Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by Shirley at 2015-02-10 18:04:22 Run:1
Running from C:\Users\Shirley\Desktop
Loaded Profiles: Shirley & UpdatusUser (Available profiles: Shirley & Mimi & UpdatusUser)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CreateRestorePoint:
Stopallprocesses:
SearchScopes: HKU\S-1-5-21-3187660000-4005643778-904162757-1000 -> {CAF23D13-F526-4D8C-B831-502412BB7724} URL = http://www.ask.com/web?q={searchTerms}&search=search&qsrc=0&o=0&l=dir
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO-x32: No Name -> {D40C654D-7C51-4EB3-95B2-1E23905C2A2D} -> No File
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
HKU\S-1-5-21-3187660000-4005643778-904162757-1001\...\MountPoints2: {083bf88a-32a4-11e3-9238-e0cb4effeff8} - F:\LaunchU3.exe -a
FF user.js: detected! => C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\user.js
FF Extension: Ads Removal - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\adremoveext@adremoveext.net [2015-01-24]
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\iobitascsurfingprotection@iobit.com [2014-12-11]
CHR Extension: (Ads Removal) - C:\Users\Shirley\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-01-24]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM-x32\...\Chrome\Extension: [heoldelcflnigdllmlopiefhkkobendj] - No Path
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2631456 2014-11-26] (IObit)
C:\Program Files (x86)\IObit
2015-02-07 22:47 - 2015-02-07 22:47 - 00003290 _____ () C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}
2015-01-25 00:26 - 2014-07-10 23:28 - 00000000 ____D () C:\Users\Shirley\AppData\Roaming\IObit
C:\Users\Mimi\Bubblets.dat
C:\Users\Public\AlexaNSISPlugin.6860.dll
FlvPlayer (HKU\S-1-5-21-3187660000-4005643778-904162757-1000\...\FlvPlayer) (Version: ${VERSION} - ) <==== ATTENTION
Task: {9B114BAD-30C6-4C39-92B2-187EC3795584} - System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => C:\ProgramData\cis6D24.exe <==== ATTENTION
C:\ProgramData\cis6D24.exe
Strongvault Online Backup (x32 Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION
Yontoo 1.12.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION
AlternateDataStreams: C:\Windows\system32\GEARAspi64.dll:$CmdTcID
AlternateDataStreams: C:\Windows\system32\msvcp120.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\FlashPlayerApp.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\java.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaw.exe:$CmdTcID
AlternateDataStreams: C:\Windows\SysWOW64\javaws.exe:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbam.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mbamchameleon.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\mwac.sys:$CmdTcID
AlternateDataStreams: C:\Windows\system32\Drivers\SWDUMon.sys:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf:$CmdTcID
AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_iOS.pdf:$CmdZnID
EmptyTemp:
CMD: bitsadmin /reset /allusers
End
*****************

Restore point was successfully created.
Stopallprocesses: => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-3187660000-4005643778-904162757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CAF23D13-F526-4D8C-B831-502412BB7724}" => Key deleted successfully.
HKCR\CLSID\{CAF23D13-F526-4D8C-B831-502412BB7724} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKCR\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{D40C654D-7C51-4EB3-95B2-1E23905C2A2D} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}" => Key deleted successfully.
HKU\S-1-5-21-3187660000-4005643778-904162757-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{083bf88a-32a4-11e3-9238-e0cb4effeff8} => Key not found.
HKCR\CLSID\{083bf88a-32a4-11e3-9238-e0cb4effeff8} => Key not found.
C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\user.js => Moved successfully.
C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\adremoveext@adremoveext.net => Moved successfully.
C:\Users\Shirley\AppData\Roaming\Mozilla\Firefox\Profiles\4xgc4omk.default\Extensions\iobitascsurfingprotection@iobit.com => Moved successfully.
C:\Users\Shirley\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj" => Key deleted successfully.
LiveUpdateSvc => Service deleted successfully.
C:\Program Files (x86)\IObit => Moved successfully.
C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} => Moved successfully.
C:\Users\Shirley\AppData\Roaming\IObit => Moved successfully.
C:\Users\Mimi\Bubblets.dat => Moved successfully.
C:\Users\Public\AlexaNSISPlugin.6860.dll => Moved successfully.
FlvPlayer (HKU\S-1-5-21-3187660000-4005643778-904162757-1000\...\FlvPlayer) (Version: ${VERSION} - ) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9B114BAD-30C6-4C39-92B2-187EC3795584}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9B114BAD-30C6-4C39-92B2-187EC3795584}" => Key deleted successfully.
C:\Windows\System32\Tasks\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805}" => Key deleted successfully.
"C:\ProgramData\cis6D24.exe" => File/Directory not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5E33D30D-D896-4D92-B033-5F45819B2937}\\SystemComponent => value deleted successfully.
Yontoo 1.12.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.12.02 - Yontoo LLC) <==== ATTENTION => Error: No automatic fix found for this entry.
C:\Windows\system32\GEARAspi64.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\msvcp120.dll => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\FlashPlayerApp.exe => ":$CmdTcID" ADS removed successfully.
C:\Windows\SysWOW64\GEARAspi.dll => ":$CmdTcID" ADS removed successfully.
"C:\Windows\SysWOW64\java.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\javaw.exe" => ":$CmdTcID" ADS not found.
"C:\Windows\SysWOW64\javaws.exe" => ":$CmdTcID" ADS not found.
C:\Windows\system32\Drivers\mbam.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\mbamchameleon.sys => ":$CmdTcID" ADS removed successfully.
C:\Windows\system32\Drivers\mwac.sys => ":$CmdTcID" ADS removed successfully.
"C:\Windows\system32\Drivers\SWDUMon.sys" => ":$CmdTcID" ADS not found.
C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\10-Gut-Cleansing-Foods-FB13PX.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\17-Cheat-Foods-That-Burn-Fat-M81441.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\1DD-CheatSheets-r3p1231.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\4-Sneaky-Tricks-to-Lower-Your-Blood-Sugar-G1981.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\5-WorstCookingOils-for-A-FlatStomach-60-69-32561K58941.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\7-Fattening-Foods-That-Fight-Fat-ZBB233G6.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\CyberLink_Power2Go_Downloader.exe => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf => ":$CmdTcID" ADS removed successfully.
C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_Android.pdf => ":$CmdZnID" ADS removed successfully.
C:\Users\Mimi\Downloads\Fitbit_SupportedDevices_iOS.pdf => ":$CmdZnID" ADS removed successfully.

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 1.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog 18:05:57 ====