Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Proxy server isn't responding - 127.0.0.1:8800


  • Please log in to reply
25 replies to this topic

#1 wenkmt

wenkmt

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 01 December 2014 - 08:37 PM

Hello, kid installed a youtube accelerator and since then unable to find proxy server and found that I am unable to change the proxy 127.0.01:8800

 

Hardware: Asus Core I3

OS: Windows 7 Home Premium

Thanks for help and look forward for more instructions

 

Sincerely,

 

Wen



BC AdBot (Login to Remove)

 


m

#2 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 02 December 2014 - 05:35 PM

Hello, and thanks for helping....

 

By reading other with similar problem....  I have download and run the FARBAR Recovery Scan and this are the FRST.TXT file 12/02/2014 14:11 PST

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014
Ran by VTHAI68 (administrator) on VTHAI68-PC on 02-12-2014 14:08:16
Running from C:\Users\VTHAI68\Desktop
Loaded Profile: VTHAI68 (Available profiles: VTHAI68 & Giselle & Wen & Richard)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(ASUS) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Google Inc.) C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2589992 2011-04-12] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [361984 2011-03-21] (Alcor Micro Corp.)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [HP Color LaserJet CM1312 MFP Series Fax] => C:\Program Files (x86)\HP\HP Color LaserJet CM1312 MFP Series\hppfaxprintersrv.exe [3700736 2009-09-22] (Hewlett-Packard Company)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3331312 2012-02-17] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe [737104 2011-07-29] (ecareme)
HKLM-x32\...\Run: [SonicMasterTray] => C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-09] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5716608 2011-07-21] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] => C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2319536 2011-10-18] (ASUS)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7767832 2014-10-11] (SUPERAntiSpyware)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [GoogleChromeAutoLaunch_E957FC75A9CE0736AEAC325C1E606729] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-11-24] (Google Inc.)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [Google Update] => C:\Users\VTHAI68\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-08-26] (Google Inc.)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [MusicManager] => C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7475200 2014-11-13] (Google Inc.)
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
ShortcutTarget: AsusVibeLauncher.lnk -> C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe (ASUSTeK Computer Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
ShortcutTarget: FancyStart daemon.lnk -> C:\Windows\Installer\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\_77B5857C27147149171BE7.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Wen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\VTHAI68\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Wen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\ASUSWSShellExt64.dll (eCareme Technologies, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM -> {CC865B26-C31D-4D23-B17B-96548EEF03F6} URL =
SearchScopes: HKLM-x32 -> DefaultScope 006ee092-9658-4fd6-bd8e-a21a348e59f5 URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=webpickaol-ie&s_qt=sb&tb_uuid=0E4C4E3FB9A24FABAE99846B9DC29DEF&tb_oid=02-04-2013&tb_mrud=02-04-2013
SearchScopes: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
SearchScopes: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name -> {3352F334-A389-4004-A026-3A161A0C69A7} ->  No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler-x32: http - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Hosts: 192.168.1.37 npi344efb
Tcpip\Parameters: [DhcpNameServer] 192.168.10.11 8.8.8.8

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2090149351-3478286336-2442695903-1000: @tools.google.com/Google Update;version=3 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2090149351-3478286336-2442695903-1000: @tools.google.com/Google Update;version=9 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2090149351-3478286336-2442695903-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\VTHAI68\Music\Amazon MP3\Valshe\Play The Joker\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-2090149351-3478286336-2442695903-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

Chrome:
=======
CHR HomePage: Default -> hxxp://Lasaoren.com/?f=1&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\VTHAI68\Music\Amazon MP3\npAmazonMP3DownloaderPlugin101752.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Profile: C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-07]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-04]
CHR Extension: (YouTube) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-07]
CHR Extension: (Search) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-07]
CHR Extension: (Google Play) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-07-19]
CHR Extension: (Google Wallet) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-07]
CHR HKLM-x32\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx []
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\VTHAI68\AppData\Local\Torch\Plugins\TorchPlugin.crx []
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-04-23]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-09-08] (SUPERAntiSpyware.com)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [139264 2007-11-06] (Hewlett-Packard Co.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [621336 2013-12-04] (Wacom Technology, Corp.)
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-23] (GOOBZO)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 14:08 - 2014-12-02 14:08 - 00027981 _____ () C:\Users\VTHAI68\Desktop\FRST.txt
2014-12-02 14:07 - 2014-12-02 14:08 - 00000000 ____D () C:\FRST
2014-12-02 14:06 - 2014-12-02 14:04 - 02117120 _____ (Farbar) C:\Users\VTHAI68\Desktop\FRST64.exe
2014-12-01 09:03 - 2014-12-01 09:03 - 00000000 __SHD () C:\Users\Richard\AppData\Local\EmieUserList
2014-12-01 09:03 - 2014-12-01 09:03 - 00000000 __SHD () C:\Users\Richard\AppData\Local\EmieSiteList
2014-12-01 09:03 - 2014-12-01 09:03 - 00000000 ____D () C:\Users\Richard\AppData\Roaming\SUPERAntiSpyware.com
2014-11-27 23:04 - 2014-11-27 23:04 - 04443312 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-11-18 11:33 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-18 11:33 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-11-18 11:32 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-18 11:32 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-11-11 22:09 - 2014-11-11 22:12 - 00000672 _____ () C:\Windows\SysWOW64\InstallUtil.InstallLog
2014-11-11 21:26 - 2014-11-07 11:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-11 21:26 - 2014-11-07 11:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-11 21:26 - 2014-11-05 20:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-11 21:26 - 2014-11-05 20:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-11 21:26 - 2014-11-05 20:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-11 21:26 - 2014-11-05 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-11 21:26 - 2014-11-05 19:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-11 21:26 - 2014-11-05 19:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-11 21:26 - 2014-11-05 19:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-11 21:26 - 2014-11-05 19:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-11 21:26 - 2014-11-05 19:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-11 21:26 - 2014-11-05 19:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-11 21:26 - 2014-11-05 19:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-11 21:26 - 2014-11-05 19:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-11 21:26 - 2014-11-05 19:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-11 21:26 - 2014-11-05 19:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-11 21:26 - 2014-11-05 19:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-11 21:26 - 2014-11-05 19:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-11 21:26 - 2014-11-05 19:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-11 21:26 - 2014-11-05 19:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-11 21:26 - 2014-11-05 19:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-11 21:26 - 2014-11-05 19:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-11 21:26 - 2014-11-05 19:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-11 21:26 - 2014-11-05 19:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-11 21:26 - 2014-11-05 19:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-11 21:26 - 2014-11-05 19:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-11 21:26 - 2014-11-05 19:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-11 21:26 - 2014-11-05 19:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-11 21:26 - 2014-11-05 19:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-11 21:26 - 2014-11-05 19:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-11 21:26 - 2014-11-05 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-11 21:26 - 2014-11-05 19:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-11 21:26 - 2014-11-05 18:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-11 21:26 - 2014-11-05 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-11 21:26 - 2014-11-05 18:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-11 21:26 - 2014-11-05 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-11 21:26 - 2014-11-05 18:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 21:26 - 2014-11-05 18:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-11 21:26 - 2014-11-05 18:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-11 21:26 - 2014-11-05 18:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-11 21:26 - 2014-11-05 18:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-11 21:26 - 2014-11-05 18:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-11 21:26 - 2014-11-05 18:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-11 21:26 - 2014-11-05 18:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-11 21:26 - 2014-11-05 18:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-11 21:26 - 2014-11-05 18:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-11 21:26 - 2014-11-05 18:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-11 21:26 - 2014-11-05 18:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-11 21:26 - 2014-11-05 18:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-11 21:26 - 2014-11-05 18:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-11 21:26 - 2014-11-05 18:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-11 21:26 - 2014-11-05 18:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-11 21:26 - 2014-11-05 17:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-11 21:26 - 2014-11-05 17:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-11 21:26 - 2014-11-05 17:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-11 21:26 - 2014-11-05 17:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-11 21:26 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-11 21:26 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-11 21:26 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-11 21:26 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-11 21:26 - 2014-08-20 22:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-11 21:26 - 2014-08-20 22:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-11 21:26 - 2014-08-20 22:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-11 21:26 - 2014-08-20 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-11 21:26 - 2014-08-11 18:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-11 21:26 - 2014-08-11 17:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-11 21:25 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-11 21:25 - 2014-10-13 18:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-11 21:25 - 2014-10-13 18:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-11 21:25 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-11 21:25 - 2014-10-13 18:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-11 21:25 - 2014-10-13 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-11 21:25 - 2014-10-13 17:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-11 21:25 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-11 21:25 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-11 21:25 - 2014-10-13 17:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-11 21:25 - 2014-10-13 17:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-11 21:25 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-11 21:25 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-11 21:25 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-11 21:25 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-11 21:25 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-11 21:25 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-11 21:23 - 2014-11-05 09:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-11 21:23 - 2014-11-05 09:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-11 21:23 - 2014-11-05 09:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-11 21:23 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-11 21:23 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-11 21:20 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-11 21:20 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-11 21:20 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-11 21:03 - 2014-11-11 21:11 - 00000000 ____D () C:\Users\Giselle\Downloads\MSOffice
2014-11-11 19:23 - 2014-11-12 01:36 - 00000000 ____D () C:\ProgramData\ddc24aa9-6c5d-44d0-8c40-9bed83bb2ab7
2014-11-11 17:51 - 2014-11-11 17:51 - 00003454 _____ () C:\Windows\System32\Tasks\PCSB_WaitAndStartAfter
2014-11-11 17:51 - 2014-11-11 17:51 - 00001935 _____ () C:\Users\VTHAI68\Desktop\Sync Folder.lnk
2014-11-11 17:51 - 2014-11-11 17:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC SpeedBoost
2014-11-11 17:51 - 2014-11-11 17:51 - 00000000 ____D () C:\ProgramData\BoostSoftware
2014-11-11 17:51 - 2014-11-11 17:51 - 00000000 ____D () C:\Program Files (x86)\PC SpeedBoost
2014-11-11 17:50 - 2014-11-11 17:50 - 01678496 _____ (Skype Technologies S.A.) C:\Users\VTHAI68\Downloads\Skype-Installer.exe
2014-11-11 17:49 - 2014-11-11 17:49 - 00811832 _____ ( ) C:\Users\Giselle\Downloads\Skype Download Manager.exe
2014-11-10 18:36 - 2014-11-10 18:36 - 00000000 ____D () C:\Users\Giselle\AppData\Roaming\Mozilla
2014-11-10 16:31 - 2014-11-10 16:31 - 00000000 ___RD () C:\Users\Giselle\Google Drive
2014-11-08 20:53 - 2014-11-08 20:53 - 00000000 ____D () C:\Users\Giselle\AppData\Local\{D26E2A7E-E7D2-47B0-859F-F9534E4DEE41}
2014-11-04 18:16 - 2014-11-04 18:19 - 00002152 _____ () C:\Users\VTHAI68\Desktop\Continue Five Nights at Freddy~s for PC.lnk
2014-11-04 18:03 - 2014-11-04 18:03 - 00001292 _____ () C:\Users\VTHAI68\Desktop\Continue installation .lnk

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-02 14:08 - 2012-06-18 13:32 - 01136348 _____ () C:\Windows\WindowsUpdate.log
2014-12-02 13:51 - 2013-08-26 17:42 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000UA.job
2014-12-02 13:43 - 2012-02-17 23:37 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-02 13:41 - 2013-01-16 18:42 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003UA.job
2014-12-02 13:15 - 2012-11-27 23:18 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-02 12:41 - 2009-07-13 21:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-02 11:41 - 2013-01-16 18:42 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003Core.job
2014-12-02 11:18 - 2012-11-07 19:02 - 00000000 ____D () C:\Users\VTHAI68\AppData\Local\Adobe
2014-12-02 11:18 - 2012-11-05 12:34 - 00000000 ___HD () C:\ASUS.DAT
2014-12-02 11:18 - 2012-02-17 23:37 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-02 10:55 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-02 10:55 - 2009-07-13 20:45 - 00018736 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-02 10:14 - 2014-08-23 08:18 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-12-02 10:14 - 2012-06-18 13:52 - 00000000 ____D () C:\ProgramData\Temp
2014-12-02 10:14 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-02 10:14 - 2009-07-13 20:51 - 00120575 _____ () C:\Windows\setupact.log
2014-12-01 09:03 - 2012-11-12 17:31 - 00123376 _____ () C:\Users\Richard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 09:02 - 2013-03-10 13:16 - 00002221 _____ () C:\Users\Richard\Desktop\Google Chrome.lnk
2014-11-30 20:51 - 2013-08-26 17:42 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000Core.job
2014-11-30 08:26 - 2014-05-21 19:32 - 00000000 ____D () C:\Users\Giselle\AppData\Local\Deployment
2014-11-27 23:08 - 2014-05-27 17:55 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-27 23:05 - 2012-11-27 23:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-27 23:05 - 2012-11-27 23:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-27 23:05 - 2012-11-27 23:18 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-27 12:31 - 2013-12-25 09:48 - 00000000 ____D () C:\Program Files (x86)\osu!
2014-11-16 21:03 - 2014-09-23 19:47 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-16 20:53 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-11-16 20:46 - 2013-08-26 17:42 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000UA
2014-11-16 20:46 - 2013-08-26 17:42 - 00003494 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000Core
2014-11-16 11:36 - 2013-01-16 18:42 - 00003890 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003UA
2014-11-16 11:36 - 2013-01-16 18:42 - 00003494 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003Core
2014-11-13 06:38 - 2012-02-17 23:37 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-13 06:38 - 2012-02-17 23:37 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-12 16:07 - 2014-05-21 19:32 - 00000000 ____D () C:\Users\Giselle\AppData\Local\Apps\2.0
2014-11-12 03:56 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-11-12 03:18 - 2009-07-13 20:45 - 00468360 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-12 03:17 - 2012-02-17 23:15 - 01276672 _____ () C:\Windows\PFRO.log
2014-11-12 03:15 - 2014-05-06 02:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-12 02:00 - 2013-07-09 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-12 01:51 - 2012-11-07 06:26 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 01:36 - 2012-02-17 23:43 - 00000000 ____D () C:\Windows\fr
2014-11-12 01:34 - 2013-02-17 10:27 - 00000000 ____D () C:\Users\Giselle\AppData\Local\iLivid
2014-11-11 21:18 - 2012-06-18 13:50 - 00001969 _____ () C:\Windows\system32\ServiceFilter.ini
2014-11-11 21:17 - 2013-08-21 23:46 - 00000000 ___RD () C:\Users\VTHAI68\Google Drive
2014-11-11 21:17 - 2012-11-08 23:47 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-11-11 18:53 - 2009-07-13 18:34 - 00000668 _____ () C:\Windows\win.ini
2014-11-11 17:51 - 2014-08-23 08:24 - 00004034 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-11-11 17:50 - 2012-11-05 12:33 - 00000000 ____D () C:\Users\VTHAI68
2014-11-10 16:31 - 2012-11-06 18:52 - 00000000 ____D () C:\Users\Giselle
2014-11-03 20:37 - 2013-08-21 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive

Some content of TEMP:
====================
C:\Users\Giselle\AppData\Local\Temp\contentDATs.exe
C:\Users\Giselle\AppData\Local\Temp\installhelper.dll
C:\Users\Giselle\AppData\Local\Temp\propsys.dll
C:\Users\Giselle\AppData\Local\Temp\SpOrder.dll
C:\Users\Giselle\AppData\Local\Temp\SpotifyUninstall.exe
C:\Users\Giselle\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\VTHAI68\AppData\Local\Temp\BackupSetup.exe
C:\Users\VTHAI68\AppData\Local\Temp\BearShare_setup.exe
C:\Users\VTHAI68\AppData\Local\Temp\cabex.dll
C:\Users\VTHAI68\AppData\Local\Temp\down.14664.ncdownloader_setup.exe
C:\Users\VTHAI68\AppData\Local\Temp\GenericUninstall.exe
C:\Users\VTHAI68\AppData\Local\Temp\hsbing_717_active.exe
C:\Users\VTHAI68\AppData\Local\Temp\iMesh_setup.exe
C:\Users\VTHAI68\AppData\Local\Temp\Installhelper.dll
C:\Users\VTHAI68\AppData\Local\Temp\instructionsCv3.exe
C:\Users\VTHAI68\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\VTHAI68\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\VTHAI68\AppData\Local\Temp\mpa04152.exe
C:\Users\VTHAI68\AppData\Local\Temp\mssinstaller.exe
C:\Users\VTHAI68\AppData\Local\Temp\post1.exe
C:\Users\VTHAI68\AppData\Local\Temp\post2.dll
C:\Users\VTHAI68\AppData\Local\Temp\post2.exe
C:\Users\VTHAI68\AppData\Local\Temp\propsys.dll
C:\Users\VTHAI68\AppData\Local\Temp\SAS6_Update.exe
C:\Users\VTHAI68\AppData\Local\Temp\SCC.dll
C:\Users\VTHAI68\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\VTHAI68\AppData\Local\Temp\SendMsg.dll
C:\Users\VTHAI68\AppData\Local\Temp\Setup-Wacom.exe
C:\Users\VTHAI68\AppData\Local\Temp\setup_ospd_us.exe
C:\Users\VTHAI68\AppData\Local\Temp\SweetIESetup.exe
C:\Users\VTHAI68\AppData\Local\Temp\tbWhit.dll
C:\Users\VTHAI68\AppData\Local\Temp\TorchSetupFull.exe
C:\Users\VTHAI68\AppData\Local\Temp\TsuD7662737.dll
C:\Users\VTHAI68\AppData\Local\Temp\unelevate.exe
C:\Users\VTHAI68\AppData\Local\Temp\uninst1.exe
C:\Users\VTHAI68\AppData\Local\Temp\uninstaller.exe
C:\Users\VTHAI68\AppData\Local\Temp\vcredist_x64.exe
C:\Users\VTHAI68\AppData\Local\Temp\wget.exe
C:\Users\VTHAI68\AppData\Local\Temp\WSSetup.exe
C:\Users\Wen\AppData\Local\Temp\converter.exe
C:\Users\Wen\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzekvhy.dll
C:\Users\Wen\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Wen\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Wen\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Wen\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Wen\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-11-27 23:35

==================== End Of Log ============================



#3 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 02 December 2014 - 05:37 PM

Hello, and thanks for helping....

 

By reading other with similar problem....  I have download and run the FARBAR Recovery Scan and this is the Addition.TXT file 12/02/2014 14:11 PST

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2014
Ran by VTHAI68 at 2014-12-02 14:09:45
Running from C:\Users\VTHAI68\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 4.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Professional CS6 (HKLM-x32\...\{BD5669B5-49FF-4490-B956-E9D7CB9B0ADC}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.5.146 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 1.2.0117.08443 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.2.0117.08443 - Alcor Micro Corp.) Hidden
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.2.0 - Asmedia Technology)
ASUS AI Recovery (HKLM-x32\...\{D39F0676-163E-4595-A917-E28F99BBD4D2}) (Version: 1.0.24 - ASUS)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0013 - ASUS)
ASUS FancyStart (HKLM-x32\...\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}) (Version: 1.1.1 - ASUSTeK Computer Inc.)
ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.2 - ASUS)
ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.0.28 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 1.1.50 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.02.0037 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.24 - asus)
ASUS WebStorage (HKLM-x32\...\ASUS WebStorage) (Version: 3.0.108.222 - eCareme Technologies, Inc.)
AsusScr_K3 Series_ENG (HKLM-x32\...\AsusScr_K3 Series_ENG) (Version: 1.0.0001 - ASUS)
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.9.157 - ASUSTEK)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0014 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2926 - CyberLink Corp.)
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1126 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeviceDiscovery (x32 Version: 100.0.190.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
ETDWare PS/2-X64 8.0.5.3_WHQL (HKLM\...\Elantech) (Version: 8.0.5.3 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.10 - ASUS)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Color LaserJet CM1312 MFP Series 5.1 (HKLM\...\{8EEDB90E-6ABC-42bb-AD4C-39DEE05E3EEA}) (Version: 5.1 - HP)
HP Imaging Device Functions 10.0 (HKLM\...\HP Imaging Device Functions) (Version: 10.0 - HP)
HP Product Detection (HKLM-x32\...\{ACAA0152-96A4-4D93-92F5-1B4728C3D984}) (Version: 11.15.0008 - HP)
hppCLJCM1312 (x32 Version: 005.001.00142 - Hewlett-Packard) Hidden
hppFaxDrvCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
hppFaxUtilityCM1312 (x32 Version: 005.001.00137 - Hewlett-Packard) Hidden
hppFonts (x32 Version: 001.001.00061 - Hewlett-Packard) Hidden
hppManualsCM1312 (x32 Version: 005.001.00145 - Hewlett-Packard) Hidden
hppQFolderCM1312 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
hppScanToCM1312 (x32 Version: 005.001.00140 - Hewlett-Packard) Hidden
hppSendFaxCM1312 (x32 Version: 005.000.00001 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Long Live the Queen (HKLM-x32\...\GOGPACKLLTQ_is1) (Version: 2.0.0.3 - GOG.com)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{91110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Music Manager (HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\MusicManager) (Version:  - Google, Inc.)
myBitCast 1.0.0.3 (HKLM\...\myBitCast) (Version: 1.0.0.3 - ASUS Cloud Corporation)
MyPaint 1.0.0 (HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\MyPaint) (Version: 1.0.0 - Martin Renold & MyPaint Development Team)
osu! (HKLM-x32\...\{65ceca2f-3a5b-4d27-b75e-ab20f5a260b9}) (Version: latest - ppy Pty Ltd)
PCSpeedBoost 1.0.5 (HKLM-x32\...\PCSpeedBoost) (Version: 1.0.5 - Boost Software Inc.)
PdaNet+ for Android 4.15 (HKLM-x32\...\PdaNet_is1) (Version:  - June Fabrics Technology Inc)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
Sonic Focus (HKLM-x32\...\{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}) (Version: 1.00.0000 - Virage Logic, Corp.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.30992 - TeamViewer)
TrayApp (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.7-6 - Wacom Technology Corp.)
WebReg (x32 Version: 100.0.170.000 - Hewlett-Packard) Hidden
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.32.3 - ASUS)
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wireless Console 3 (HKLM-x32\...\{19EA33FB-B34E-40EA-8B8A-61743AEB795A}) (Version: 3.0.25 - ASUS)
用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文) (HKLM-x32\...\{F992409C-9D10-4AE2-BAEB-B5409AD3785E}) (Version: 15.4.5722.2 - Microsoft Corporation)
適用遠端連線的 Windows Live Mesh ActiveX 控制項 (HKLM-x32\...\{622DE1BE-9EDE-49D3-B349-29D64760342A}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\VTHAI68\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

16-11-2014 18:52:35 Windows Update
19-11-2014 11:00:15 Windows Update
27-11-2014 20:03:04 Windows Update
01-12-2014 17:13:59 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2012-11-07 08:50 - 00000848 ____A C:\Windows\system32\Drivers\etc\hosts
192.168.1.37 npi344efb

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0D50E30B-D8F5-46B2-9A6A-E3F29A393212} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {10C337D8-8196-4FF0-A32D-91729F9B417A} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-12-06] (ASUS)
Task: {11D9458C-FB82-462F-93D6-3DA2242A616B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {18C7010A-3B2D-4E84-A6A4-54C6180DE250} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000UA => C:\Users\VTHAI68\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-26] (Google Inc.)
Task: {260D965D-C414-4DBD-AAE5-889BB1933036} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000Core => C:\Users\VTHAI68\AppData\Local\Google\Update\GoogleUpdate.exe [2013-08-26] (Google Inc.)
Task: {3498AE0F-9537-4BD7-A7FB-F54A9340B5B4} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {42DC630D-5296-4048-B0D8-12D95BC55E5D} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-01-09] (ASUSTeK Computer Inc.)
Task: {4917FBE7-C208-4523-9BD7-A8BBCEC0C1FD} - \PastaQuotes No Task File <==== ATTENTION
Task: {54F72862-E9A2-4F2F-A363-A9097B462BF7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)
Task: {5B2262C8-0D5D-4719-B72D-9129E1012576} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {61FCD659-3DB9-4BD3-94CE-D2ABE7637B18} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003Core => C:\Users\Giselle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-18] (Google Inc.)
Task: {6ADDF08E-21F3-4D44-99E9-5FBB81472037} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {74688CD2-BB39-432B-8C9B-786ACF71BCE4} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {808E3B4B-B5CE-4B6C-877A-B27603839C29} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {AC43336B-BD10-4AB4-A459-C3A0011504F6} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {AD0F7021-7040-45C0-928C-29011820F7B9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003UA => C:\Users\Giselle\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-18] (Google Inc.)
Task: {AD91050A-5033-414E-885C-9BBC1D649C2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-27] (Adobe Systems Incorporated)
Task: {BC632E7B-B8EA-411F-A6AA-B86918993BB2} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {C768588A-D567-4A61-BE25-B66A86FD6D32} - System32\Tasks\YTAUpdate => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
Task: {CDA22030-8A50-4EF3-B347-AF90E7EEB707} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2011-07-21] (ASUS)
Task: {D2BFC1BB-F08D-476B-A52A-EBFDCC097473} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2011-10-03] (ASUS)
Task: {D749821B-B9E4-4C82-9DDE-93627000E035} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DD6D7D16-60DF-440F-B594-9949F5B54E01} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2011-11-15] (ASUS)
Task: {EC179F44-6DE6-4D75-A28C-CAE430EA9C56} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F208AA5D-3F9E-4059-B353-439A67141AA8} - System32\Tasks\AdobeAAMUpdater-1.0-VTHAI68-PC-VTHAI68 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {F51462E8-DCA7-43E5-BF64-7826DB2FF229} - System32\Tasks\YTAUpdate_logon => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
Task: {F555D75D-7202-4C50-A24B-8226F1EA2B8C} - System32\Tasks\PCSB_WaitAndStartAfter => C:\Program Files (x86)\PC SpeedBoost\PCSpeedBoost.exe [2014-11-05] ()
Task: {F91BC9D2-17C5-4AD4-8E3A-98ECBA779B93} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000Core.job => C:\Users\VTHAI68\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1000UA.job => C:\Users\VTHAI68\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003Core.job => C:\Users\Giselle\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2090149351-3478286336-2442695903-1003UA.job => C:\Users\Giselle\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-03-19 21:34 - 2013-10-23 13:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2009-03-01 18:08 - 2009-03-01 18:08 - 00003584 _____ () C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\LogicNP.PropSheetExtensionHelper_x64.dll
2010-07-14 15:11 - 2010-07-14 15:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2011-05-02 12:41 - 2011-05-02 12:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2013-12-06 23:13 - 2013-12-04 08:35 - 01185048 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2012-03-28 18:45 - 2011-07-25 23:37 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-23 15:05 - 2014-04-23 15:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 15:04 - 2014-04-23 15:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-12-06 15:21 - 2011-12-06 15:21 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2007-07-12 10:11 - 2007-07-12 10:11 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2014-12-02 11:18 - 2014-12-02 11:18 - 00098816 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32api.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00110080 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\pywintypes27.dll
2014-12-02 11:18 - 2014-12-02 11:18 - 00364544 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\pythoncom27.dll
2014-12-02 11:18 - 2014-12-02 11:18 - 00045568 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_socket.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 01160704 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_ssl.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00320512 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32com.shell.shell.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00713216 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_hashlib.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 01175040 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._core_.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00805888 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._gdi_.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00811008 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._windows_.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 01062400 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._controls_.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00735232 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._misc_.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00128512 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_elementtree.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00127488 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\pyexpat.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00557056 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\pysqlite2._sqlite.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00087552 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_ctypes.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00119808 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32file.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00108544 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32security.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00007168 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\hashobjs_ext.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00167936 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32gui.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00018432 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32event.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00038912 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32inet.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00011264 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32crypt.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00070656 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._html2.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00027136 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\_multiprocessing.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00035840 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32process.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00686080 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\unicodedata.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00122368 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._wizard.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00024064 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32pipe.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00025600 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32pdh.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00525640 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\windows._lib_cacheinvalidation.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00010240 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\select.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00017408 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32profile.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00022528 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\win32ts.pyd
2014-12-02 11:18 - 2014-12-02 11:18 - 00078336 _____ () C:\Users\VTHAI68\AppData\Local\Temp\_MEI43282\wx._animate.pyd
2010-08-20 08:57 - 2010-08-20 08:57 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-20 08:57 - 2010-08-20 08:57 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-09-03 11:15 - 2014-09-03 11:15 - 10683392 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2014-09-03 11:15 - 2014-09-03 11:15 - 07741952 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2014-09-03 11:15 - 2014-09-03 11:15 - 02248192 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-09-03 11:15 - 2014-09-03 11:15 - 01681408 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2014-11-13 10:57 - 2014-11-13 10:57 - 00117248 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-11-13 10:57 - 2014-11-13 10:57 - 00231936 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-11-13 10:57 - 2014-11-13 10:57 - 00253440 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-11-13 10:57 - 2014-11-13 10:57 - 00344064 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2014-09-03 11:15 - 2014-09-03 11:15 - 00026624 _____ () C:\Users\VTHAI68\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\VTHAI68\AppData\Local\Temporary Internet Files:5tNdTyI9mqN4DpjO2QNkza5LK

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: Level Quality Watcher => 2
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

========================= Accounts: ==========================

Administrator (S-1-5-21-2090149351-3478286336-2442695903-500 - Administrator - Disabled)
Giselle (S-1-5-21-2090149351-3478286336-2442695903-1003 - Limited - Enabled) => C:\Users\Giselle
Guest (S-1-5-21-2090149351-3478286336-2442695903-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2090149351-3478286336-2442695903-1002 - Limited - Enabled)
Richard (S-1-5-21-2090149351-3478286336-2442695903-1005 - Limited - Enabled) => C:\Users\Richard
VTHAI68 (S-1-5-21-2090149351-3478286336-2442695903-1000 - Administrator - Enabled) => C:\Users\VTHAI68
Wen (S-1-5-21-2090149351-3478286336-2442695903-1004 - Administrator - Enabled) => C:\Users\Wen

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/01/2014 09:07:11 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (11/19/2014 06:16:58 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=6FEE38C27010468DA6E7B580EAAE1F53;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f794ba5c-e5ce-420e-8e0e-fe683c9e927f.dmp

Error: (11/16/2014 08:44:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=03DDC18C12AA4EF0A87D873658EDBADB;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\aea96865-329f-499a-b522-1f3d108f0684.dmp

Error: (11/13/2014 09:48:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1ff8

Start Time: 01cfffc761f63717

Termination Time: 81

Application Path: C:\Windows\Explorer.EXE

Report Id: ceae696c-6bc1-11e4-b335-3085a905e3d6

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15553

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15553

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/11/2014 04:53:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume OS (C:) was not defragmented because an error was encountered: An attempt was made to load a program with an incorrect format. (0x8007000B)

Error: (11/10/2014 04:28:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ScheduledTask.exe, version: 1.2.1.1, time stamp: 0x54041968
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xba0
Faulting application start time: 0xScheduledTask.exe0
Faulting application path: ScheduledTask.exe1
Faulting module path: ScheduledTask.exe2
Report Id: ScheduledTask.exe3

Error: (11/10/2014 04:27:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ScheduledTask.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceProcess.ServiceController.Start(System.String[])
   at System.ServiceProcess.ServiceController.Start()
   at ScheduledTask.NpServiceController.StartService()
   at ScheduledTask.Program.Main(System.String[])

System errors:
=============
Error: (12/02/2014 10:16:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The HP CUE DeviceDiscovery Service service hung on starting.

Error: (12/02/2014 10:15:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

Error: (12/02/2014 10:12:16 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (12/02/2014 10:10:27 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (12/02/2014 10:10:27 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1068netprofm{A47979D2-C419-11D9-A5B4-001185AD2B89}

Error: (12/02/2014 10:10:16 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
ATKWMIACPIIO
DfsC
discache
MpFilter
NetBIOS
NetBT
nsiproxy
Psched
rdbss
SASDIFSV
SASKUTIL
spldr
tdx
vwififlt
Wanarpv6
WfpLwf

Error: (12/02/2014 10:10:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:
%%1068

Error: (12/02/2014 10:10:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:
%%31

Error: (12/02/2014 10:10:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%1068

Error: (12/02/2014 10:10:13 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:
%%1068

Microsoft Office Sessions:
=========================
Error: (12/01/2014 09:07:11 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path

Error: (11/19/2014 06:16:58 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=6FEE38C27010468DA6E7B580EAAE1F53;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\f794ba5c-e5ce-420e-8e0e-fe683c9e927f.dmp

Error: (11/16/2014 08:44:45 PM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=38.0.2125.111;lang=;guid=03DDC18C12AA4EF0A87D873658EDBADB;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\aea96865-329f-499a-b522-1f3d108f0684.dmp

Error: (11/13/2014 09:48:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.175671ff801cfffc761f6371781C:\Windows\Explorer.EXEceae696c-6bc1-11e4-b335-3085a905e3d6

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15553

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15553

Error: (11/12/2014 04:22:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (11/11/2014 04:53:12 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: OS (C:)An attempt was made to load a program with an incorrect format. (0x8007000B)

Error: (11/10/2014 04:28:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ScheduledTask.exe1.2.1.154041968KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42dba001cffd4653ab8294C:\Program Files (x86)\pastaleads\ScheduledTask.exeC:\Windows\syswow64\KERNELBASE.dll9e74afd7-6939-11e4-89b2-3085a905e3d6

Error: (11/10/2014 04:27:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: ScheduledTask.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.InvalidOperationException
Stack:
   at System.ServiceProcess.ServiceController.Start(System.String[])
   at System.ServiceProcess.ServiceController.Start()
   at ScheduledTask.NpServiceController.StartService()
   at ScheduledTask.Program.Main(System.String[])

CodeIntegrity Errors:
===================================
  Date: 2013-03-07 18:11:32.857
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-07 18:11:32.707
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-07 18:11:32.551
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-07 18:11:32.442
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\usbaapl64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-11-05 14:53:49.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\System32\fveapibase.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-05 14:53:49.175
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\System32\fveapibase.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-05 14:53:48.957
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\System32\fveapibase.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-05 14:53:48.660
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\System32\fveapibase.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-05 14:53:31.688
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

  Date: 2012-11-05 14:53:31.469
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\VTHAI68\Documents\boot\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel® Core™ i3-2310M CPU @ 2.10GHz
Percentage of memory in use: 24%
Total physical RAM: 7969.14 MB
Available physical RAM: 6000.71 MB
Total Pagefile: 15936.46 MB
Available Pagefile: 13855.73 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:186.3 GB) (Free:41.31 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:254.46 GB) (Free:248.85 GB) NTFS
Drive g: (1GBGREEN) (Removable) (Total:0.96 GB) (Free:0.25 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: E3102A4B)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=254.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 985 MB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=985 MB) - (Type=06)

==================== End Of Log ============================



#4 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 AM

Posted 06 December 2014 - 11:02 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
start

HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll File Not Found
ShortcutTarget: Dropbox.lnk -> C:\Users\VTHAI68\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=webpickaol-ie&s_qt=sb&tb_uuid=0E4C4E3FB9A24FABAE99846B9DC29DEF&tb_oid=02-04-2013&tb_mrud=02-04-2013
SearchScopes: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
BHO-x32: No Name -> {3352F334-A389-4004-A026-3A161A0C69A7} ->  No File
Toolbar: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
CHR HomePage: Default -> hxxp://Lasaoren.com/?f=1&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Wallet) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx []
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\VTHAI68\AppData\Local\Torch\Plugins\TorchPlugin.crx []
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-04-23]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-23] (GOOBZO)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx
C:\Users\VTHAI68\AppData\Local\Torch
C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}
Task: {4917FBE7-C208-4523-9BD7-A8BBCEC0C1FD} - \PastaQuotes No Task File <==== ATTENTION
Task: {74688CD2-BB39-432B-8C9B-786ACF71BCE4} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {808E3B4B-B5CE-4B6C-877A-B27603839C29} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {BC632E7B-B8EA-411F-A6AA-B86918993BB2} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {C768588A-D567-4A61-BE25-B66A86FD6D32} - System32\Tasks\YTAUpdate => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
Task: {F51462E8-DCA7-43E5-BF64-7826DB2FF229} - System32\Tasks\YTAUpdate_logon => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\VTHAI68\AppData\Local\Temporary Internet Files:5tNdTyI9mqN4DpjO2QNkza5LK

End
Save the files as fixlist.txt into the same folder as FRST

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log Fixlog.txt please post it to your reply.
===

You will probably need to reset the proxy, execute this.

Please Download Tweaking.com - Windows Repair from Here
  • Install and then run the program
  • Click Next at the Welcome Screen, Click Next on Step 1 Screen
  • Click Next on Step 2 Screen, Click Do it on Step 3 Screen, After is has completed click Next
  • On Step 4 Under System Restore Click Create, Then under registry back-up Click Backup When you have completed this click Next
  • On Start Repairs Click Start
  • Click the Unselect All button then select just the items below
    Repair Proxy Settings
    Repair Winsock & DNS Cache
    Remove Temp Files
    
  • Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
  • Please copy and paste the Contents of this file on your next reply.
  • How is the computer running now?


#5 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 09 December 2014 - 11:51 AM

Thanks you nasdaq for your assistance.

 

here is the fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by VTHAI68 at 2014-12-08 12:40:41 Run:1
Running from C:\Users\VTHAI68\Desktop
Loaded Profile: VTHAI68 (Available profiles: VTHAI68 & Giselle & Wen & Richard)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKLM-x32\...\Run: [BlockAndSurf] => C:\Program Files (x86)\ver8BlockAndSurf\BlockAndSurf.exe
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
AppInit_DLLs: C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll => C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll File Not Found
ShortcutTarget: Dropbox.lnk -> C:\Users\VTHAI68\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2001} URL = http://dts.search-results.com/sr?src=ieb&gct=ds&appid=393&systemid=1&apn_dtid=IME001&apn_ptnrs=AGE&o=APN10653&apn_uid=5525819248814242&q={searchTerms}
SearchScopes: HKLM -> {A25AC313-DD19-4238-ACA2-401D6BEE4321} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {443789B7-F39C-4b5c-9287-DA72D38F4FE6} URL = http://slirsredirect.search.aol.com/redirector/sredir?sredir=843&q={searchTerms}&s_it=webpickaol-ie&s_qt=sb&tb_uuid=0E4C4E3FB9A24FABAE99846B9DC29DEF&tb_oid=02-04-2013&tb_mrud=02-04-2013
SearchScopes: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://Lasaoren.com/results.php?f=4&q={searchTerms}&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
BHO-x32: No Name -> {3352F334-A389-4004-A026-3A161A0C69A7} ->  No File
Toolbar: HKU\S-1-5-21-2090149351-3478286336-2442695903-1000 -> No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=3 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updatepm.com/PriceMeterLiveUpdate Update;version=9 -> C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll No File
CHR HomePage: Default -> hxxp://Lasaoren.com/?f=1&a=lrn_app_14_46_ch&cd=2XzuyEtN2Y1L1QzuyBzzzytBzy0CzyzyyByEyE0D0D0B0BtDtN0D0Tzu0StCtDyEyCtN1L2XzutAtFyCtFtCtFtDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyBtBtBzy0AtBtCyDtG0EyCtByCtG0A0CtB0CtGzzzy0C0AtGyDtAyD0A0CyEtDtAyD0B0E0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDyC0EzztB0B0DtG0CtB0F0FtGyEyD0BtAtGzzyEyC0CtG0CzztA0C0EtByC0ByCyD0EyC2Q&cr=845448638&ir=
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Extension: (Google Wallet) - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [jgjgoboealkonoikjklgigbgconjnfbc] - C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx []
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\VTHAI68\AppData\Local\Torch\Plugins\TorchPlugin.crx []
CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx [2013-04-23]
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1510248 2014-08-23] (GOOBZO)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx
C:\Users\VTHAI68\AppData\Local\Torch
C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}
Task: {4917FBE7-C208-4523-9BD7-A8BBCEC0C1FD} - \PastaQuotes No Task File <==== ATTENTION
Task: {74688CD2-BB39-432B-8C9B-786ACF71BCE4} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
Task: {808E3B4B-B5CE-4B6C-877A-B27603839C29} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {BC632E7B-B8EA-411F-A6AA-B86918993BB2} - \pricemeterdownloader No Task File <==== ATTENTION
Task: {C768588A-D567-4A61-BE25-B66A86FD6D32} - System32\Tasks\YTAUpdate => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
Task: {F51462E8-DCA7-43E5-BF64-7826DB2FF229} - System32\Tasks\YTAUpdate_logon => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-08-23] (Goobzo) <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\VTHAI68\AppData\Local\Temporary Internet Files:5tNdTyI9mqN4DpjO2QNkza5LK

End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\BlockAndSurf => value deleted successfully.
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value deleted successfully.
"C:\PROGRA~2\SEARCH~2\Datamngr\x64\mgrldr.dll" => Value Data removed successfully.
C:\Users\VTHAI68\AppData\Roaming\Dropbox\bin\Dropbox.exe not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => Key deleted successfully.
"HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}" => Key deleted successfully.
"HKCR\CLSID\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2001}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A25AC313-DD19-4238-ACA2-401D6BEE4321}" => Key deleted successfully.
"HKCR\CLSID\{A25AC313-DD19-4238-ACA2-401D6BEE4321}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}" => Key not found.
"HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
"HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3352F334-A389-4004-A026-3A161A0C69A7}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{3352F334-A389-4004-A026-3A161A0C69A7}" => Key not found.
HKU\S-1-5-21-2090149351-3478286336-2442695903-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EEE6C35B-6118-11DC-9C72-001320C79847} => value deleted successfully.
"HKCR\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}" => Key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=3" => Key deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@tools.updatepm.com/PriceMeterLiveUpdate Update;version=9" => Key deleted successfully.
Chrome HomePage deleted successfully.
C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll not found.
C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL not found.
C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll not found.
C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll not found.
C:\Windows\system32\Macromed\Flash\NPSWF32.dll not found.
C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jgjgoboealkonoikjklgigbgconjnfbc" => Key deleted successfully.
"C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof" => Key deleted successfully.
"C:\Users\VTHAI68\AppData\Local\Torch\Plugins\TorchPlugin.crx" => File/Directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj" => Key deleted successfully.
C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetNT.crx => Moved successfully.
YouTubeAcceleratorService => Service stopped successfully.
YouTubeAcceleratorService => Service deleted successfully.
IntcAzAudAddService => Service deleted successfully.
SMUpdd => Service deleted successfully.
"C:\Users\VTHAI68\AppData\Local\CRE\jgjgoboealkonoikjklgigbgconjnfbc.crx" => File/Directory not found.
"C:\Users\VTHAI68\AppData\Local\Torch" => File/Directory not found.
C:\Users\VTHAI68\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4917FBE7-C208-4523-9BD7-A8BBCEC0C1FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4917FBE7-C208-4523-9BD7-A8BBCEC0C1FD}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PastaQuotes" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{74688CD2-BB39-432B-8C9B-786ACF71BCE4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{74688CD2-BB39-432B-8C9B-786ACF71BCE4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{808E3B4B-B5CE-4B6C-877A-B27603839C29}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{808E3B4B-B5CE-4B6C-877A-B27603839C29}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC632E7B-B8EA-411F-A6AA-B86918993BB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC632E7B-B8EA-411F-A6AA-B86918993BB2}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pricemeterdownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C768588A-D567-4A61-BE25-B66A86FD6D32}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C768588A-D567-4A61-BE25-B66A86FD6D32}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F51462E8-DCA7-43E5-BF64-7826DB2FF229}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F51462E8-DCA7-43E5-BF64-7826DB2FF229}" => Key deleted successfully.
C:\Windows\System32\Tasks\YTAUpdate_logon => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTAUpdate_logon" => Key deleted successfully.
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
"C:\Users\VTHAI68\AppData\Local\Temporary Internet Files" => ":5tNdTyI9mqN4DpjO2QNkza5LK" ADS not found.

The system needed a reboot.

==== End of Fixlog ====



#6 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 09 December 2014 - 12:07 PM

The result from running the Tweaking.com Window Repair.

 

This is what I have done, that may have a misstep, please comment,  - Thanks.

 

In the Step 4 after the Start Repairs Click Start.  I did not Unselect All button and Click the Start button! In the 1st attempt.   I noticed the mistake  and  Unselect All  then Start after selecting the advised ones.

 

I did not see any error messages saved.

 

But I did copy the log and posted here bellow before I Restart the notebook.  - Thanks

 

 

===============================

 

Log:
Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: VTHAI68-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\VTHAI68
Current Profile SID: S-1-5-21-2090149351-3478286336-2442695903-1000
Current Profile Classes: S-1-5-21-2090149351-3478286336-2442695903-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\VTHAI68\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:43:02

Process Count: 105
Commit Total: 2.03 GB
Commit Limit: 15.56 GB
Commit Peak: 3.45 GB
Handle Count: 24018
Kernel Total: 506.40 MB
Kernel Paged: 415.88 MB
Kernel Non Paged: 90.52 MB
System Cache: 3.04 GB
Thread Count: 958
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.78 GB
Memory Used: 1.96 GB(25.1959%)
Memory Avail.: 5.82 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.78 GB
Memory Used: 1.71 GB(21.9546%)
Memory Avail.: 6.07 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (12/8/2014 2:41:23 PM)

13 - Repair Winsock & DNS Cache
   Start (12/8/2014 2:41:26 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/8/2014 2:41:44 PM)

14 - Remove Temp Files
   Start (12/8/2014 2:41:44 PM)
   Running Repair Under System Account
   Done (12/8/2014 2:42:03 PM)

15 - Repair Proxy Settings
   Start (12/8/2014 2:42:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/8/2014 2:42:05 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (12/8/2014 2:42:05 PM)
   Total Repair Time: 00:00:45

...YOU MUST RESTART YOUR SYSTEM...



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 AM

Posted 09 December 2014 - 02:26 PM

How is the computer running now?

#8 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 09 December 2014 - 04:35 PM

Thanks nasdaq, still not good, same problem of unable to change the proxy.



#9 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 09 December 2014 - 08:52 PM

Hello nasdaq.

 

Thanks for continuous assistance.

 

Since it did not work and I proceed to turn off the Wi-Fi and shut down the system.  I don't leave it on when proxy is hijacked.

 

While shutting down, It did window update installation asking not to unplug the system..... and updated 11 updates....

 

It restarted the system..... and Applying the updates..... Starting Windows ....  Preparing to configure Windows to 100% - Do not turn off your computer....

 

Back to log in and log into the admin account and try to access the internet....

 

- Still Not connecting

 

I tried to change the proxy and it is still there... no changes will take effective in the proxy

 

Hope this information help.

 

Thanks

 

Wen



#10 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 AM

Posted 10 December 2014 - 08:00 AM

Please run the Tweaking.com tool one more time

Click the Unselect All button then select just the items below

Repair Proxy Settings
Repair Winsock & DNS Cache
Remove Temp Files


Click the Start button and let the process run to completion. Copy any error messages into Notepad, Save it on your Desktop. ( Reboot if asked to do so)
Please copy and paste the Contents of this file on your next reply.

How is it now?

#11 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 AM

Posted 16 December 2014 - 10:08 AM

Are you still with me?

#12 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 16 December 2014 - 03:40 PM

Yes, nasdaq, just finish again running the tweaking.com and here are the files.....

 

chkdsk.log

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\VTHAI68\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
9 percent complete. (296961 of 306432 file records processed)    
306432 file records processed.                                        

File verification completed.
  1219 large file records processed.                                  

  0 bad file records processed.                                    

  0 EA records processed.                                          

92 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
46 percent complete. (309978 of 398868 index entries processed)   
Index entry CHKDSK.EXE-496676BC.pf in index $I30 of file 6527 is incorrect.
Index entry CHKDSK~1.PF in index $I30 of file 6527 is incorrect.
51 percent complete. (352149 of 398868 index entries processed)   
398868 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>

 

chkdsk_full_log.txt file

 

Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.

C:\Users\VTHAI68\Desktop>CD /D C:\

C:\>chkdsk C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.
Volume label is OS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
 0 percent complete. (0 of 306432 file records processed)    
 0 percent complete. (4865 of 306432 file records processed)    
 0 percent complete. (12289 of 306432 file records processed)    
 0 percent complete. (21249 of 306432 file records processed)    
 0 percent complete. (28929 of 306432 file records processed)    
 1 percent complete. (30644 of 306432 file records processed)    
 1 percent complete. (41074 of 306432 file records processed)    
 1 percent complete. (45569 of 306432 file records processed)    
 1 percent complete. (53581 of 306432 file records processed)    
 2 percent complete. (61287 of 306432 file records processed)    
 2 percent complete. (73729 of 306432 file records processed)    
 2 percent complete. (75603 of 306432 file records processed)    
 2 percent complete. (82945 of 306432 file records processed)    
 3 percent complete. (91930 of 306432 file records processed)    
 3 percent complete. (103425 of 306432 file records processed)    
 3 percent complete. (119041 of 306432 file records processed)    
 4 percent complete. (122573 of 306432 file records processed)    
 4 percent complete. (143873 of 306432 file records processed)    
 4 percent complete. (147201 of 306432 file records processed)    
 5 percent complete. (153216 of 306432 file records processed)    
 5 percent complete. (163841 of 306432 file records processed)    
 5 percent complete. (174471 of 306432 file records processed)    
 6 percent complete. (183860 of 306432 file records processed)    
 6 percent complete. (189697 of 306432 file records processed)    
 6 percent complete. (203521 of 306432 file records processed)    
 7 percent complete. (214503 of 306432 file records processed)    
 7 percent complete. (228865 of 306432 file records processed)    
 7 percent complete. (236460 of 306432 file records processed)    
 7 percent complete. (242049 of 306432 file records processed)    
 8 percent complete. (245146 of 306432 file records processed)    
 8 percent complete. (257281 of 306432 file records processed)    
 8 percent complete. (272958 of 306432 file records processed)    
 9 percent complete. (275789 of 306432 file records processed)    
 9 percent complete. (296961 of 306432 file records processed)    
  306432 file records processed.                                        

File verification completed.
  1219 large file records processed.                                  

  0 bad file records processed.                                    

  0 EA records processed.                                          

  92 reparse records processed.                                     

CHKDSK is verifying indexes (stage 2 of 3)...
11 percent complete. (8032 of 398868 index entries processed)   
12 percent complete. (16500 of 398868 index entries processed)   
13 percent complete. (24969 of 398868 index entries processed)   
14 percent complete. (33437 of 398868 index entries processed)   
15 percent complete. (41905 of 398868 index entries processed)   
16 percent complete. (50374 of 398868 index entries processed)   
17 percent complete. (58842 of 398868 index entries processed)   
18 percent complete. (67310 of 398868 index entries processed)   
19 percent complete. (75779 of 398868 index entries processed)   
20 percent complete. (84247 of 398868 index entries processed)   
21 percent complete. (92716 of 398868 index entries processed)   
22 percent complete. (101184 of 398868 index entries processed)   
23 percent complete. (109652 of 398868 index entries processed)   
24 percent complete. (118121 of 398868 index entries processed)   
25 percent complete. (126589 of 398868 index entries processed)   
26 percent complete. (135057 of 398868 index entries processed)   
27 percent complete. (143526 of 398868 index entries processed)   
28 percent complete. (151994 of 398868 index entries processed)   
29 percent complete. (160462 of 398868 index entries processed)   
30 percent complete. (168931 of 398868 index entries processed)   
31 percent complete. (177399 of 398868 index entries processed)   
32 percent complete. (185868 of 398868 index entries processed)   
33 percent complete. (194336 of 398868 index entries processed)   
34 percent complete. (202804 of 398868 index entries processed)   
35 percent complete. (211273 of 398868 index entries processed)   
36 percent complete. (219741 of 398868 index entries processed)   
37 percent complete. (228209 of 398868 index entries processed)   
38 percent complete. (236678 of 398868 index entries processed)   
39 percent complete. (245146 of 398868 index entries processed)   
40 percent complete. (253614 of 398868 index entries processed)   
41 percent complete. (262083 of 398868 index entries processed)   
42 percent complete. (270551 of 398868 index entries processed)   
43 percent complete. (279020 of 398868 index entries processed)   
44 percent complete. (287488 of 398868 index entries processed)   
45 percent complete. (295956 of 398868 index entries processed)   
46 percent complete. (304425 of 398868 index entries processed)   
46 percent complete. (306444 of 398868 index entries processed)   
46 percent complete. (306666 of 398868 index entries processed)   
46 percent complete. (306850 of 398868 index entries processed)   
46 percent complete. (307277 of 398868 index entries processed)   
46 percent complete. (307583 of 398868 index entries processed)   
46 percent complete. (307782 of 398868 index entries processed)   
46 percent complete. (308453 of 398868 index entries processed)   
46 percent complete. (308976 of 398868 index entries processed)   
46 percent complete. (309254 of 398868 index entries processed)   
46 percent complete. (309581 of 398868 index entries processed)   
46 percent complete. (309865 of 398868 index entries processed)   
46 percent complete. (309978 of 398868 index entries processed)   
Index entry CHKDSK.EXE-496676BC.pf in index $I30 of file 6527 is incorrect.
Index entry CHKDSK~1.PF in index $I30 of file 6527 is incorrect.
46 percent complete. (310125 of 398868 index entries processed)   
46 percent complete. (310282 of 398868 index entries processed)   
46 percent complete. (310701 of 398868 index entries processed)   
46 percent complete. (310925 of 398868 index entries processed)   
46 percent complete. (311273 of 398868 index entries processed)   
46 percent complete. (311524 of 398868 index entries processed)   
46 percent complete. (311828 of 398868 index entries processed)   
46 percent complete. (311910 of 398868 index entries processed)   
46 percent complete. (312069 of 398868 index entries processed)   
46 percent complete. (312668 of 398868 index entries processed)   
46 percent complete. (312840 of 398868 index entries processed)   
47 percent complete. (312893 of 398868 index entries processed)   
47 percent complete. (313648 of 398868 index entries processed)   
47 percent complete. (313918 of 398868 index entries processed)   
47 percent complete. (314430 of 398868 index entries processed)   
47 percent complete. (314864 of 398868 index entries processed)   
47 percent complete. (315705 of 398868 index entries processed)   
47 percent complete. (315878 of 398868 index entries processed)   
47 percent complete. (316347 of 398868 index entries processed)   
47 percent complete. (316628 of 398868 index entries processed)   
47 percent complete. (316950 of 398868 index entries processed)   
47 percent complete. (317186 of 398868 index entries processed)   
47 percent complete. (317378 of 398868 index entries processed)   
47 percent complete. (317620 of 398868 index entries processed)   
47 percent complete. (317764 of 398868 index entries processed)   
47 percent complete. (318055 of 398868 index entries processed)   
47 percent complete. (318334 of 398868 index entries processed)   
47 percent complete. (318501 of 398868 index entries processed)   
47 percent complete. (318836 of 398868 index entries processed)   
47 percent complete. (319346 of 398868 index entries processed)   
47 percent complete. (319693 of 398868 index entries processed)   
47 percent complete. (320000 of 398868 index entries processed)   
47 percent complete. (320386 of 398868 index entries processed)   
47 percent complete. (321161 of 398868 index entries processed)   
48 percent complete. (321361 of 398868 index entries processed)   
48 percent complete. (321963 of 398868 index entries processed)   
48 percent complete. (322359 of 398868 index entries processed)   
48 percent complete. (322364 of 398868 index entries processed)   
48 percent complete. (323060 of 398868 index entries processed)   
48 percent complete. (323523 of 398868 index entries processed)   
48 percent complete. (323837 of 398868 index entries processed)   
48 percent complete. (324078 of 398868 index entries processed)   
48 percent complete. (324311 of 398868 index entries processed)   
48 percent complete. (324975 of 398868 index entries processed)   
48 percent complete. (325384 of 398868 index entries processed)   
48 percent complete. (326140 of 398868 index entries processed)   
48 percent complete. (326576 of 398868 index entries processed)   
48 percent complete. (327089 of 398868 index entries processed)   
48 percent complete. (327410 of 398868 index entries processed)   
48 percent complete. (327986 of 398868 index entries processed)   
48 percent complete. (328373 of 398868 index entries processed)   
48 percent complete. (328960 of 398868 index entries processed)   
48 percent complete. (329279 of 398868 index entries processed)   
48 percent complete. (329533 of 398868 index entries processed)   
49 percent complete. (329830 of 398868 index entries processed)   
49 percent complete. (329860 of 398868 index entries processed)   
49 percent complete. (329920 of 398868 index entries processed)   
49 percent complete. (330071 of 398868 index entries processed)   
49 percent complete. (330234 of 398868 index entries processed)   
49 percent complete. (330511 of 398868 index entries processed)   
49 percent complete. (330776 of 398868 index entries processed)   
49 percent complete. (330931 of 398868 index entries processed)   
49 percent complete. (331224 of 398868 index entries processed)   
49 percent complete. (331361 of 398868 index entries processed)   
49 percent complete. (331409 of 398868 index entries processed)   
49 percent complete. (331864 of 398868 index entries processed)   
49 percent complete. (332055 of 398868 index entries processed)   
49 percent complete. (332276 of 398868 index entries processed)   
49 percent complete. (332547 of 398868 index entries processed)   
49 percent complete. (332841 of 398868 index entries processed)   
49 percent complete. (333184 of 398868 index entries processed)   
49 percent complete. (333815 of 398868 index entries processed)   
49 percent complete. (334158 of 398868 index entries processed)   
49 percent complete. (334551 of 398868 index entries processed)   
49 percent complete. (335165 of 398868 index entries processed)   
49 percent complete. (335510 of 398868 index entries processed)   
49 percent complete. (335977 of 398868 index entries processed)   
49 percent complete. (336003 of 398868 index entries processed)   
49 percent complete. (336034 of 398868 index entries processed)   
49 percent complete. (336113 of 398868 index entries processed)   
49 percent complete. (336535 of 398868 index entries processed)   
49 percent complete. (337056 of 398868 index entries processed)   
49 percent complete. (337162 of 398868 index entries processed)   
49 percent complete. (337575 of 398868 index entries processed)   
49 percent complete. (337876 of 398868 index entries processed)   
49 percent complete. (338021 of 398868 index entries processed)   
50 percent complete. (338298 of 398868 index entries processed)   
50 percent complete. (338521 of 398868 index entries processed)   
50 percent complete. (338806 of 398868 index entries processed)   
50 percent complete. (339264 of 398868 index entries processed)   
50 percent complete. (339677 of 398868 index entries processed)   
50 percent complete. (339951 of 398868 index entries processed)   
50 percent complete. (340297 of 398868 index entries processed)   
50 percent complete. (340536 of 398868 index entries processed)   
50 percent complete. (340699 of 398868 index entries processed)   
50 percent complete. (340764 of 398868 index entries processed)   
50 percent complete. (340836 of 398868 index entries processed)   
50 percent complete. (340994 of 398868 index entries processed)   
50 percent complete. (341223 of 398868 index entries processed)   
50 percent complete. (341634 of 398868 index entries processed)   
50 percent complete. (341832 of 398868 index entries processed)   
50 percent complete. (342243 of 398868 index entries processed)   
50 percent complete. (342518 of 398868 index entries processed)   
50 percent complete. (342890 of 398868 index entries processed)   
50 percent complete. (343023 of 398868 index entries processed)   
50 percent complete. (343183 of 398868 index entries processed)   
50 percent complete. (343361 of 398868 index entries processed)   
50 percent complete. (343585 of 398868 index entries processed)   
50 percent complete. (343720 of 398868 index entries processed)   
50 percent complete. (343859 of 398868 index entries processed)   
50 percent complete. (344013 of 398868 index entries processed)   
50 percent complete. (344563 of 398868 index entries processed)   
50 percent complete. (344947 of 398868 index entries processed)   
50 percent complete. (345104 of 398868 index entries processed)   
50 percent complete. (345209 of 398868 index entries processed)   
50 percent complete. (345507 of 398868 index entries processed)   
50 percent complete. (345838 of 398868 index entries processed)   
50 percent complete. (346060 of 398868 index entries processed)   
50 percent complete. (346487 of 398868 index entries processed)   
50 percent complete. (346671 of 398868 index entries processed)   
50 percent complete. (346737 of 398868 index entries processed)   
51 percent complete. (346767 of 398868 index entries processed)   
51 percent complete. (347171 of 398868 index entries processed)   
51 percent complete. (347402 of 398868 index entries processed)   
51 percent complete. (347620 of 398868 index entries processed)   
51 percent complete. (347846 of 398868 index entries processed)   
51 percent complete. (348069 of 398868 index entries processed)   
51 percent complete. (348448 of 398868 index entries processed)   
51 percent complete. (348637 of 398868 index entries processed)   
51 percent complete. (348850 of 398868 index entries processed)   
51 percent complete. (349161 of 398868 index entries processed)   
51 percent complete. (349510 of 398868 index entries processed)   
51 percent complete. (349907 of 398868 index entries processed)   
51 percent complete. (350210 of 398868 index entries processed)   
51 percent complete. (350417 of 398868 index entries processed)   
51 percent complete. (350563 of 398868 index entries processed)   
51 percent complete. (350811 of 398868 index entries processed)   
51 percent complete. (351168 of 398868 index entries processed)   
51 percent complete. (351332 of 398868 index entries processed)   
51 percent complete. (351711 of 398868 index entries processed)   
51 percent complete. (352002 of 398868 index entries processed)   
51 percent complete. (352149 of 398868 index entries processed)   
  398868 index entries processed.                                       

Index verification completed.

Errors found.  CHKDSK cannot continue in read-only mode.

C:\>

 

 

Repair_winsock_and_DNS_Chache.txt

 

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

Reseting Interface, OK!
Reseting Route, OK!
Restart the computer to complete this action.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

There's no user specified settings to be reset.

The following command was not found: int isatap reset all.

Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

Ok.

Reseting Interface, OK!
Restart the computer to complete this action.

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

The following command was not found: int 6to4 reset all.
There's no user specified settings to be reset.

There's no user specified settings to be reset.

The following command was not found: int isatap reset all.

Reset of all TCP parameters OK!
Ok.

The following command was not found: int teredo reset all.

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

Windows IP Configuration

Registration of the DNS resource records for all adapters of this computer has been initiated. Any errors will be reported in the Event Viewer in 15 minutes.

 

Remov_Temp_Files

 

Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\AdobeARM.log
C:\Users\VTHAI68\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\hpqddusr.log
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\JavaDeployReg.log
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\jusched.log
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\oobelib.log
C:\Users\VTHAI68\AppData\Local\Temp\PDApp.log
The process cannot access the file because it is being used by another process.
C:\Users\VTHAI68\AppData\Local\Temp\qtsingleapp-Google-875a-1-lockfile
The process cannot access the file because it is being used by another process.
C:\Users\VTHAI68\AppData\Local\Temp\~DF4A307DA19AFCE074.TMP
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\~DF8DB2789689EF1A37.TMP
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\Low\JavaDeployReg.log
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\bz2.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\gdi32.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\hashobjs_ext.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\kernel32.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\main.exe.manifest
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\mfc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\mfc90u.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\mfcm90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\mfcm90u.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\msvcp100.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\msvcr100.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\psapi.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\pyexpat.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\pysqlite2._sqlite.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\python27.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\pythoncom27.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\PyWinTypes27.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\select.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\shell32.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\unicodedata.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32api.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32com.shell.shell.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32crypt.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32event.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32evtlog.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32file.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32gui.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32inet.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32pdh.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32pipe.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32process.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32profile.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32security.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32trace.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32ts.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32ui.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\win32wnet.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\windows._lib_cacheinvalidation.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._animate.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._controls_.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._core_.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._gdi_.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._html2.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._misc_.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._windows_.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wx._wizard.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxbase294u_net_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxbase294u_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxmsw294u_adv_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxmsw294u_core_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxmsw294u_html_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\wxmsw294u_webview_vc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_ctypes.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_elementtree.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_hashlib.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_multiprocessing.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_socket.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_ssl.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\_win32sysloader.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\chrome_ext\com.google.drive.nativeproxy.json.template
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\fonts\OpenSans-Light.ttf
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\fonts\Roboto-Bold.ttf
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\fonts\Roboto-Regular.ttf
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\fonts\Roboto-Thin.ttf
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\docs.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdoc16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdoc256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdoc32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdoc48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdraw16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdraw256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdraw32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gdraw48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gform16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gform256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gform32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gform48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-glink16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-glink256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-glink32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-glink48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gsheet16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gsheet256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gsheet32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gsheet48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gslides16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gslides256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gslides32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-gslides48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-photos-logo.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-sync16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-sync16.xpm
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-sync256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-sync32.xpm
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\drive-sync64.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\exclaim.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\file.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\folder-mac.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\folder-winseven.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\folder-winxp.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\folder.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gdoc.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gdoc.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gdraw.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gdraw.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gform.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gform.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\glink.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\glink.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gnote.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gnote.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gscript.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gscript.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gsheet.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gsheet.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gslides.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gslides.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gtable.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\gtable.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\image_resources.py
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\image_resources.pyo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate1-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate1-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate1.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate1_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate2-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate2-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate2.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate2_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate3-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate3-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate3.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate3_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate4-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate4-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate4.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate4_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate5-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate5-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate5.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate5_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate6-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate6-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate6.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate6_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate7-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate7-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate7.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate7_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate8-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate8-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate8.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-animate8_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-error-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-error-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-inactive-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-inactive-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-inactive_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-normal-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-normal-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-normal.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-normal_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-pause-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-paused-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-paused-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\mac-paused_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_backups.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_backups_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_check.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_check_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_create.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_create_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_docs_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_down-arrow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_down-arrow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_drive-logo.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_drive-logo_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_file_32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_folder.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_folder_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_folder_32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_google-logo-gray.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_google-logo-gray_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_link.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_link_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_settings.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_settings_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_share.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_share_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sheets_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_slides_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sm_warning_red.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sm_warning_red_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sm_warning_yellow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sm_warning_yellow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync_anim.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync_anim_2x.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_sync_anim_grey.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_up-arrow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_up-arrow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_warning.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_warning_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_warning_color.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_warning_color_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_web.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\menu_web_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_drive_folder_lin.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_drive_folder_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_drive_folder_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_mobile_bottom.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_mobile_right.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_right_click_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_right_click_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_taskbar_lin.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_taskbar_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_taskbar_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\setup_welcome.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sharedfolder-mac.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sharedfolder-winseven.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sharedfolder-winxp.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\shareguyicon.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sheets.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\slides.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_128.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_done.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_done_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_syncing.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\sync_menu_syncing_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\toprighticon.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\warning-hdpi_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\warning_128.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\warning_256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\warning_64.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate1.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate2.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate3.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate4.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate5.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate6.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate7.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-animate8.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win-normal.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win7-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win7-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\win7-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\winxp-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\winxp-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\winxp-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\__init__.py
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\__init__.pyo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\overlays\Blacklisted.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\overlays\Shared.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\overlays\Synced.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\images\overlays\Syncing.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\js\XMLHttpRequest.js
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\resources\mime\drive.mime.types
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI3082\support\gen_py\__init__.py
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\bz2.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\gdi32.dll
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\hashobjs_ext.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\kernel32.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\main.exe.manifest
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\mfc90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\mfc90u.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\mfcm90.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\mfcm90u.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\msvcp100.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\msvcr100.dll
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\psapi.dll
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\pyexpat.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\pysqlite2._sqlite.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\python27.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\pythoncom27.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\PyWinTypes27.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\select.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\shell32.dll
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\unicodedata.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32api.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32com.shell.shell.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32crypt.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32event.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32evtlog.pyd
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32file.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32gui.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32inet.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32pdh.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32pipe.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32process.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32profile.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32security.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32trace.pyd
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32ts.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32ui.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\win32wnet.pyd
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\windows._lib_cacheinvalidation.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._animate.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._controls_.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._core_.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._gdi_.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._html2.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._misc_.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._windows_.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wx._wizard.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxbase294u_net_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxbase294u_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxmsw294u_adv_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxmsw294u_core_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxmsw294u_html_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\wxmsw294u_webview_vc90.dll
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_ctypes.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_elementtree.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_hashlib.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_multiprocessing.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_socket.pyd
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_ssl.pyd
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\_win32sysloader.pyd
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\chrome_ext\com.google.drive.nativeproxy.json.template
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\fonts\OpenSans-Light.ttf
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\fonts\Roboto-Bold.ttf
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\fonts\Roboto-Regular.ttf
Access is denied.
C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\fonts\Roboto-Thin.ttf
Access is denied.
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ar\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\bg\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\bn\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ca\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\cs\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\da\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\de\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\el\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\en\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\en_GB\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\en_US\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\es\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\fi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\fil\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\fr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\gu\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\he\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\hi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\hr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\hu\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\id\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\it\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ja\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\kn\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ko\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\lt\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\lv\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ml\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\mr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\nl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\no\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\pl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\pt\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\pt_BR\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\pt_PT\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ro\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ru\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\sk\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\sl\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\sr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\sv\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\ta\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\te\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\th\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\tr\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\uk\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\vi\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh-Hans\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh-Hant\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh_CN\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh_HK\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\i18n\locale\zh_TW\LC_MESSAGES\syncclient.mo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\docs.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdoc16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdoc256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdoc32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdoc48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdraw16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdraw256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdraw32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gdraw48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gform16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gform256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gform32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gform48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-glink16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-glink256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-glink32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-glink48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gsheet16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gsheet256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gsheet32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gsheet48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gslides16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gslides256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gslides32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-gslides48.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-photos-logo.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-sync16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-sync16.xpm
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-sync256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-sync32.xpm
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\drive-sync64.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\exclaim.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\file.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\folder-mac.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\folder-winseven.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\folder-winxp.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\folder.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gdoc.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gdoc.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gdraw.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gdraw.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gform.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gform.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\glink.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\glink.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gnote.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gnote.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gscript.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gscript.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gsheet.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gsheet.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gslides.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gslides.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gtable.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\gtable.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\image_resources.py
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\image_resources.pyo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate1-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate1-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate1.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate1_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate2-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate2-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate2.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate2_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate3-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate3-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate3.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate3_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate4-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate4-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate4.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate4_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate5-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate5-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate5.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate5_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate6-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate6-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate6.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate6_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate7-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate7-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate7.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate7_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate8-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate8-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate8.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-animate8_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-error-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-error-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-inactive-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-inactive-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-inactive_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-normal-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-normal-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-normal.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-normal_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-pause-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-paused-inverse.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-paused-inverse_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\mac-paused_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_backups.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_backups_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_check.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_check_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_create.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_create_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_docs_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_down-arrow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_down-arrow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_drive-logo.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_drive-logo_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_file_32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_folder.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_folder_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_folder_32.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_google-logo-gray.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_google-logo-gray_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_link.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_link_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_settings.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_settings_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_share.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_share_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sheets_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_slides_16.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sm_warning_red.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sm_warning_red_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sm_warning_yellow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sm_warning_yellow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync_anim.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync_anim_2x.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_sync_anim_grey.gif
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_up-arrow.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_up-arrow_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_warning.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_warning_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_warning_color.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_warning_color_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_web.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\menu_web_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_drive_folder_lin.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_drive_folder_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_drive_folder_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_mobile_bottom.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_mobile_right.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_right_click_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_right_click_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_taskbar_lin.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_taskbar_mac.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_taskbar_win.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\setup_welcome.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sharedfolder-mac.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sharedfolder-winseven.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sharedfolder-winxp.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\shareguyicon.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sheets.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\slides.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync.icns
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_128.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_done.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_done_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_error_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_syncing.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\sync_menu_syncing_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\toprighticon.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\warning-hdpi_2x.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\warning_128.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\warning_256.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\warning_64.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate1.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate2.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate3.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate4.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate5.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate6.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate7.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-animate8.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win-normal.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win7-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win7-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\win7-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\winxp-error.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\winxp-inactive.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\winxp-paused.png
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\__init__.py
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\__init__.pyo
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\overlays\Blacklisted.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\overlays\Shared.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\overlays\Synced.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\images\overlays\Syncing.ico
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\js\XMLHttpRequest.js
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\resources\mime\drive.mime.types
Deleted file - C:\Users\VTHAI68\AppData\Local\Temp\_MEI39042\support\gen_py\__init__.py
Deleted file - C:\Windows\Temp\hpqddsvc.log
Deleted file - C:\Windows\Temp\lpksetup-20141215-182458-0.log
Deleted file - C:\Windows\Temp\lpksetup-20141215-184846-0.log
Deleted file - C:\Windows\Temp\lpksetup-20141215-190342-0.log
Deleted file - C:\Windows\Temp\MpCmdRun.log
Deleted file - C:\Windows\Temp\Silverlight0.log
Deleted file - C:\Windows\Temp\SilverlightMSI.log
Deleted file - C:\Windows\Temp\temp62786.bat
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\CompatData_2014_12_16_00_55_05_1_008001ff.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\compatscancache.dat
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\DeviceGroupingRules.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\diagerr.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\diagwrn.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\PreliminaryReport.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\setupact.log
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\setuperr.log
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\TelemetryTransform.xsl
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WicaDeviceFilters.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_Devices_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_MigXml_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_Programs_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_QueryAppBlock_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_QueryBiosBlock_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_QueryDeviceBlock_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_SystemReport_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_System_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\WICA_TelemetryReport_VTHAI68-PC.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Windows_TelemetryData.xml
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00000077bc5499187bd88bf431be0699edc9b841c77d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000049c365a4a97779934f74dd4bbfcfb601164c859.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00000886527069105cf11d7fe3ac5af9323f23e1bb43.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00000a562daa851872151bc598e265fb170b34923555.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00001338933cfda6acc5980cb45f9d47a2c4fe499a36.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00001753ba052bec802c21181a00188391510abcad3a.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000176e04397cc8bbcb71993888a5e6c9a0d660acfc.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000022c7efc8359c69cd6b65d12a50c03c9916c83885.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000025a227806509dc3d9a46735f44184ce5c4982705.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00002732c1018e17c949d2190b9814978f915ff1d3dc.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000032c7b40de0987f9a74d22143a9b6f5373ebf5119.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00003d693805a481ee7c4c23bf5147948e360156ef74.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000040c651a20867dfc7c20a54cdaa56686acd7caf40.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000515ed408fbcd744542bf6937587634a23fece918.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000053e31d694c04b2659493eed30edf1b5ff9585fed.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00005525a66d7e999ebfe79e9fe850b7bf2ad78f3c97.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000579b64842842b0fb3166516a0bbe89fc1b57ffeb.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000057a92585c4a6561e770f43a31c80175dd78bb19e.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000058dff309af9fc8dbd0ce15b4756e8ed07c78ba4f.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000595897c14c71ec6911041afc27323bb2416e436e.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00005a02f9bfcd2747a099834a25e070ee724900ce5d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00006110ec1a5e88b91db03843cec8f32c241888430c.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000064db3900f6acb9062f8d8fd2f0a64bf70b90e027.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00006a00f92d75a8e9a22182d8bd7ea66547872e4a4c.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00006e5761fd8cd7c86de312da1642e2d12220d526df.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000720a0fd1f557b42e2396eebb684f54225a167723.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000737030f0281b3c0d5e64bfcc948ea95a0a38b647.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00007bcf8b4707385a83c3d9142fd9da431e6bcb46c4.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00007c7592fe5df0891348fe0a8ac4801f65b6e9527d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00007d535443c92aa7172103f756c4b0e1bca43fea7e.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00007e7093f30c3e851132ddd514b558c93af267ab9d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00007ed1a661c7412d290bb4ab989f51acadfab83ace.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000839ab51411bea6049587eb84a711fd0b77c256fd.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000086675266c2c1212172e6f7672fa8e43bacb0d326.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000086d9bb5a21b0e1edf658dd1fd35c0e77eacb1fb8.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00008df5fe01fa8f9db5c45754f5f9fafa065293a1d0.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_000097b57c6fb24687025e800900a9b1eaa0e6b86d27.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00009ce9a1d940d072208f0465a1b72cb67920c07bb6.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_00009deb30c1032ea8c37bbfc2dc1de634ac81ebf9c7.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000a01a892fd45641b02fbb02d9b972f0966f3e126c.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000bcc5783c4198f8410f23d4f5f2f1b57e46d0669c.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000c549f4509ce270ca90a684557946140d1b6015ca.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000c8ab27163eca884d2a94245fe23725b5ad2966dc.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000cb0601c9620178fbae103a63ebc09240b0ab3f20.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000cdc84023d1ea18d35179e2575f30519c5cd56ce4.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000d2d95173eceefebf299b846de96979153e260916.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000da5e9b354302d4640e931f60771e536372c4fbc0.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e1ba9b7fe18ceabddf02487221646b6266106756.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e6794eca01ec2279cd82e4b6c8ac60179700fa03.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e7949d73b97f8ba948efb2ad8d296e96a63d661d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e8b3980f9c51d2529535bc6d62cdbb73a41be492.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e8d9caeaf7270183378abf2bb62befa52c93a118.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e959315edbaa95ee4432a19515409ee75a14a21c.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000e97c7a178f2d5610540ad9fd3b979e783f6c0cd7.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000ea9cc0cf5542452a076cee6f83b6a2a1367facef.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000ef49ba617afe14869a31ebd5a769dcde86e7c7d3.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000f0ebe0811bc0e6eb6eefcd139f04bba4c4feae73.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000f20c6603e23bf3aeb0bedae9f7fae89643c0d28d.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000f47f66cc67262b70a886531e5d942c07de6ea4b1.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\appicon_0000f6ae903411bf9ac11e55d36963baac623ce7c04b.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{36fc9e60-c465-11cf-8056-444553540000}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e965-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e966-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e967-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e968-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e96a-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e96b-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e96c-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e96e-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e96f-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e972-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{4d36e97d-e325-11ce-bfc1-08002be10318}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{50127dc3-0f36-415e-a6cc-4cb3be910b65}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{6bdd1fc6-810f-11d0-bec7-08002be2092f}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{72631e54-78a4-11d0-bcf7-00aa00b7b32a}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\classicon_{eec5ad98-8080-425f-922a-dabf3de3f69a}.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\ID_DVD_PLAYBACK_COMPAT.png
Deleted file - C:\Windows\Temp\CompatTelemetryLogs\Img\ID_SECUREBOOT_INCAPABLE.png

 

Windows_Repair_Log

 

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: VTHAI68-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Program Files (x86): C:\Program Files (x86)
Current Profile: C:\Users\VTHAI68
Current Profile SID: S-1-5-21-2090149351-3478286336-2442695903-1000
Current Profile Classes: S-1-5-21-2090149351-3478286336-2442695903-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\VTHAI68\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 16:59:19

Process Count: 107
Commit Total: 2.12 GB
Commit Limit: 15.56 GB
Commit Peak: 2.40 GB
Handle Count: 24462
Kernel Total: 691.36 MB
Kernel Paged: 537.96 MB
Kernel Non Paged: 153.40 MB
System Cache: 5.85 GB
Thread Count: 1004
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.78 GB
Memory Used: 1.99 GB(25.6275%)
Memory Avail.: 5.79 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 7.78 GB
Memory Used: 1.62 GB(20.8704%)
Memory Avail.: 6.16 GB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (12/16/2014 12:00:58 PM)

13 - Repair Winsock & DNS Cache
   Start (12/16/2014 12:01:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/16/2014 12:01:20 PM)

14 - Remove Temp Files
   Start (12/16/2014 12:01:20 PM)
   Running Repair Under System Account
   Done (12/16/2014 12:01:27 PM)

15 - Repair Proxy Settings
   Start (12/16/2014 12:01:27 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/16/2014 12:01:30 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (12/16/2014 12:01:30 PM)
   Total Repair Time: 00:00:34

...YOU MUST RESTART YOUR SYSTEM...

 

 

 



#13 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 16 December 2014 - 03:42 PM

Thanks nasdaq for your help and sorry I was out for a while...

 

The system still the same with inability to change the proxy setting back.

 

Thanks

 

Wen



#14 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:06:18 AM

Posted 17 December 2014 - 09:15 AM

In the Run box type cmd.exe

This will open the DOS menu

type chkdsk c: /f leave the spaces as shown.

Hit the enter key.

Let if finish.

===

Run the Tweaking.com tool one more time.

How is it now?

#15 wenkmt

wenkmt
  • Topic Starter

  • Members
  • 15 posts
  • OFFLINE
  •  
  • Local time:03:18 AM

Posted 17 December 2014 - 04:40 PM

hello nasdaq,

 

I am having problem in going into Command Prompt and run chkdsk c: /f

 

The system does not allow me to do it due to my user type....  It look likes All the Administrative account has been changed to Standard Type.

 

I tried to change the user type - currently as Administrator, but when inside the my account to change the type - It is showing as Standard User Type.

 

I choose the Administrator select, and it does not allow me to change it to Administrative type because I am set as a Standard User and will not allow me the change.

 

Unable to change user type, all Administrator user have become Standard User even though it said it is Administrator after login to User to change status...

 

Hope I am clear with my explanation.

 

 

Thanks

 

Wen






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users