
Bad Image / .NET Framework Initialization Errors


  • This topic is locked
19 replies to this topic

#1 waifi


Posted 29 July 2015 - 09:27 AM

I'm not quite sure if the errors are part of the same problem or two separate things.

I started getting the Bad Image error about a month or two ago. It started for me when I tried to run Sims 3. I thought nothing much of it, other than perhaps sims just not working for me (as it does that sometimes).

The next program that I got the error for was puu.sh, a screen printing program I installed quite a while ago. Never had problems with it prior to this. (I've since then uninstalled puush and began using another program for screen capturing.)

 

Currently I am getting the bad image error upon start up for the driver that allows my Wacom tablet to run. 

I'd be greatly happy if someone could help me resolve this issue, as I am afraid doing so on my own will cause even more trouble.

Thanks in advance!

 

 

Screenshots of error messages under the cut



#2 Sirawit


  • Malware Response Team

Posted 31 July 2015 - 09:57 AM

Hello waifi and welcome to BleepingComputer! :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be approved first. That may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 3 days, feel free to PM me. :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right-hand corner of the topic you will see the Follow Topic button. Click on this, then choose Immediate E-Mail notification and then Proceed, and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 3 days I will bump the topic; if you do not reply in the next 3 days, we will assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

 

FRST Scan from NORMAL or SAFE mode:

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Right-click FRST then click "Run as administrator" (XP users: click run after receipt of Windows Security Warning - Open File).
  • When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • When finished, it will produce a log called FRST.txt in the same directory the tool was run from.
  • Please copy and paste the log in your next reply.

Note 2: The first time the tool is run it generates another log (Addition.txt - also located in the same directory the tool was run from). Please also paste that, along with the FRST.txt into your next reply.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 waifi


Posted 31 July 2015 - 11:29 AM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015

Ran by Cookie (administrator) on PRIMROSE (31-07-2015 11:15:36)
Running from C:\Users\Cookie\Desktop
Loaded Profiles: Cookie (Available Profiles: Cookie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-12-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-30] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53753984 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [876728 2015-07-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [SaferBrowserIsDefault] => "C:\Program Files (x86)\Safer Technologies\Safer Browser\Application\SaferBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Spotify Web Helper] => C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://bing.com/
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYVDF&pc=MASA&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> DefaultScope {CB2E59E2-2B90-4798-A629-320BB47F5B07} URL = 
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {6D6F304F-AF28-406D-B745-9785E8E5147E} URL = https://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {C34B8A7A-C0EF-47D0-B685-6959EBDEDB20} URL = http://www.bing.com/search?q={searchTerms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {CB2E59E2-2B90-4798-A629-320BB47F5B07} URL = 
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{166D7C5D-6325-43D4-AAE3-35E05BB0AB20}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D947AE83-A299-498B-838E-A676D44E6EBC}: [DhcpNameServer] 172.26.38.1 172.26.38.2
 
FireFox:
========
FF ProfilePath: C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.6 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @citrixonline.com/appdetectorplugin -> C:\Users\Cookie\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-06] (Citrix Online)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cookie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: pokki.com/PokkiDownloadHelper -> C:\Users\Cookie\AppData\Local\Pokki\Download Helper\npPokkiDownloadHelper.1.2.0.78.dll No File
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-10-27]
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\artur.dubovoy@gmail.com [2015-07-10]
FF Extension: Page Source - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{12ca4747-8b0c-4010-8a96-3c310b50b89b} [2015-07-10]
FF Extension: Adblock Plus - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-04-08]
 
Chrome: 
=======
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-15]
CHR Extension: (Duolingo on the Web) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-02]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (2draw.net) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcbkcbpbaolcoekgamlnbfalkagjpooi [2015-04-15]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-15]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-07-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Gmail Offline) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-04-15]
CHR Extension: (Google Calendar) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-02]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-04-15]
CHR Extension: (AdBlock) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-15]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-20]
CHR Extension: (Little Alchemy) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Polyvore Clipper) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\liilchbbmdohoilfeonmdpcbhpekaiac [2015-07-28]
CHR Extension: (BetterGaia) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmgjagdflhhfjflolfalapokbplfldna [2015-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (SiteAdvisor) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-26]
CHR Extension: (Bookmark Manager) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Social Anywhere) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnmkabhkheikmcfieenfbfhikpigjldi [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-22]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-22]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-22]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-02-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-03-29]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [mnmkabhkheikmcfieenfbfhikpigjldi] - C:\Users\Cookie\AppData\Local\Social Anywhere\Chrome\Social Anywhere.crx [Not Found]
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-30] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S4 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [53248 2012-02-09] (Digital Delivery Networks, Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-12] (Electronic Arts)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-12] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S4 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-30] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-30] (AVAST Software)
R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4608 2013-01-09] (Windows ® Codename Longhorn DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows ® Win 7 DDK provider)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [49304 2014-12-28] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35992 2014-12-28] (Visicom Media Inc.)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-06-13] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-31 11:15 - 2015-07-31 11:16 - 00047638 _____ C:\Users\Cookie\Desktop\FRST.txt
2015-07-31 11:15 - 2015-07-31 11:15 - 00000000 ____D C:\FRST
2015-07-31 11:11 - 2015-07-31 11:11 - 02168832 _____ (Farbar) C:\Users\Cookie\Desktop\FRST64.exe
2015-07-30 19:17 - 2015-07-30 19:17 - 13095136 _____ (Microsoft Corporation) C:\Users\Cookie\Downloads\Silverlight_x64.exe
2015-07-30 15:12 - 2015-07-30 15:12 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\WTablet
2015-07-30 07:36 - 2015-07-30 07:36 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-30 07:35 - 2015-07-30 07:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-30 07:34 - 2015-07-30 07:34 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-30 07:09 - 2015-07-30 07:09 - 00003352 ____N C:\bootsqm.dat
2015-07-30 07:06 - 2015-07-30 07:06 - 00000000 __SHD C:\found.009
2015-07-28 19:44 - 2015-07-28 19:44 - 00043494 _____ C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-07-28 19:36 - 2015-07-28 19:37 - 05477824 _____ C:\Users\Cookie\Downloads\Record54.aiff
2015-07-28 08:38 - 2015-07-28 08:38 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-27 19:10 - 2015-07-27 19:10 - 00000000 __SHD C:\found.008
2015-07-24 12:36 - 2015-07-24 12:37 - 00017257 _____ C:\Users\Cookie\Downloads\default.htm
2015-07-19 07:49 - 2015-07-19 07:50 - 00065536 _____ C:\Windows\ocsetup_uninstall_OEMHelpCustomization.etl
2015-07-19 07:49 - 2015-07-19 07:50 - 00028693 _____ C:\Windows\ocsetup_cbs_uninstall_OEMHelpCustomization.txt
2015-07-18 07:43 - 2015-07-31 11:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 07:43 - 2015-07-18 07:43 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files\TabletPlugins
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-07-09 09:25 - 2015-07-09 09:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2015-07-09 09:25 - 2014-10-25 15:52 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2015-07-09 09:24 - 2015-07-09 09:25 - 00000000 ____D C:\Program Files\Tablet
2015-07-09 09:24 - 2015-02-26 17:16 - 02029336 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01990936 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01863960 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01626392 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01618712 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01612056 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01497368 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2015-07-09 09:24 - 2014-10-25 15:52 - 00100664 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2015-07-09 09:10 - 2015-07-09 09:12 - 150622864 _____ C:\Users\Cookie\Downloads\WacomTablet_6.3.11-4a.exe
2015-07-08 15:29 - 2015-07-25 18:35 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-08 15:29 - 2015-07-18 07:44 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-08 15:29 - 2015-07-18 07:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 15:29 - 2015-07-18 07:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 02:08 - 2015-07-08 02:08 - 00253196 _____ C:\Users\Cookie\AppData\Local\Tempdivx4049
2015-07-04 10:16 - 2015-07-04 10:16 - 00248320 ____H C:\Windows\system32\mlfcache.dat
2015-07-04 10:03 - 2015-07-04 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-04 10:02 - 2015-07-04 10:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-04 10:02 - 2015-07-04 10:02 - 00000000 ____D C:\Program Files\iPod
2015-07-04 10:02 - 2015-07-04 10:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-04 09:48 - 2015-07-04 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-04 09:48 - 2015-07-04 09:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-07-31 11:15 - 2012-05-14 22:25 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Skype
2015-07-31 11:12 - 2012-05-23 15:39 - 00000000 ___RD C:\Users\Cookie\Desktop\Desktop WIP
2015-07-31 11:05 - 2012-05-14 10:09 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{546FD215-9506-4D7C-BA5B-ECD4B5012BD8}
2015-07-31 11:02 - 2013-07-13 19:59 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993.job
2015-07-31 10:50 - 2009-07-14 00:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-31 10:43 - 2015-06-21 21:45 - 00000390 _____ C:\Windows\Tasks\update-sys.job
2015-07-31 10:06 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-31 10:06 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-31 10:04 - 2012-05-14 15:30 - 00000000 ____D C:\Users\Cookie\AppData\Local\Adobe
2015-07-31 10:02 - 2012-05-09 18:04 - 01180443 _____ C:\Windows\WindowsUpdate.log
2015-07-31 09:58 - 2012-05-19 09:33 - 00000000 ____D C:\Users\Cookie\AppData\Local\CrashDumps
2015-07-31 09:57 - 2014-07-20 17:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-31 09:56 - 2015-06-21 21:45 - 00000390 _____ C:\Windows\Tasks\update-S-1-5-21-1094553120-1280462464-1800685640-1005.job
2015-07-31 09:56 - 2013-01-01 09:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-31 09:55 - 2009-07-13 23:51 - 00333680 _____ C:\Windows\setupact.log
2015-07-31 09:54 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-30 19:18 - 2012-05-17 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-30 17:13 - 2012-05-15 00:11 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Spotify
2015-07-30 14:29 - 2012-05-15 08:29 - 00000000 ____D C:\Users\Cookie\AppData\Local\Spotify
2015-07-30 07:40 - 2010-11-20 22:47 - 00930188 _____ C:\Windows\PFRO.log
2015-07-30 07:36 - 2014-07-20 17:51 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-30 07:35 - 2014-08-17 06:52 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-30 07:35 - 2014-07-20 17:51 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-30 07:28 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-28 19:46 - 2014-11-27 13:08 - 00003364 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 19:46 - 2014-11-27 13:08 - 00003232 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 15:10 - 2012-05-30 19:04 - 00000000 ____D C:\Users\Cookie\Documents\sai
2015-07-28 08:37 - 2012-05-09 18:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-28 08:29 - 2015-03-23 13:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-24 10:25 - 2012-05-14 22:25 - 00000000 ____D C:\ProgramData\Skype
2015-07-24 10:15 - 2015-03-23 12:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-24 09:05 - 2012-05-14 21:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-23 10:17 - 2014-01-24 03:44 - 00001456 _____ C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-19 09:51 - 2012-05-09 18:21 - 00000000 ____D C:\Program Files\Sony
2015-07-19 07:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-07-19 07:47 - 2012-05-09 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-19 07:43 - 2012-10-09 23:02 - 00000000 ____D C:\Program Files\Windows Live
2015-07-19 07:43 - 2012-05-09 19:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-19 07:36 - 2012-05-09 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-18 19:25 - 2015-05-04 10:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-18 18:48 - 2015-05-04 08:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-18 18:11 - 2015-01-23 19:43 - 00003072 ___SH C:\Users\Cookie\Thumbs.db
2015-07-17 08:54 - 2014-01-31 08:38 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 08:49 - 2014-08-22 19:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-17 08:48 - 2014-08-22 19:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-16 13:49 - 2013-09-29 08:57 - 00000000 ____D C:\Users\Cookie\AppData\Local\Procaster
2015-07-16 09:06 - 2014-01-30 18:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 18:57 - 2013-07-13 19:59 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993
2015-07-15 18:57 - 2013-01-01 09:35 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 10:58 - 2015-04-08 10:19 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-07-15 10:58 - 2015-04-08 10:19 - 00001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2015-07-15 10:51 - 2014-12-27 07:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 09:15 - 2013-02-16 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 20:34 - 2014-04-11 14:47 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-07-13 20:34 - 2014-04-11 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-07-13 09:34 - 2014-08-15 23:11 - 00000033 _____ C:\Users\Cookie\AppData\Roaming\AdobeWLCMCache.dat
2015-07-08 15:17 - 2013-01-01 09:22 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-07-04 10:02 - 2012-08-14 16:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-04 10:01 - 2015-06-18 12:04 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 14:19 - 2015-05-04 08:15 - 00001066 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 14:19 - 2015-05-04 08:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
 
==================== Files in the root of some directories =======
 
2013-04-15 12:17 - 2013-07-14 21:53 - 0000132 _____ () C:\Users\Cookie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-08-15 23:11 - 2015-07-13 09:34 - 0000033 _____ () C:\Users\Cookie\AppData\Roaming\AdobeWLCMCache.dat
2013-07-13 21:43 - 2013-07-13 22:07 - 0001661 _____ () C:\Users\Cookie\AppData\Roaming\net.telestream.producer.xml
2012-05-15 22:10 - 2014-03-17 18:47 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-01-24 03:44 - 2015-07-23 10:17 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-03-10 19:42 - 2013-03-10 19:42 - 0000774 _____ () C:\Users\Cookie\AppData\Local\recently-used.xbel
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\Cookie\AppData\Local\Tempdivx4049
2015-07-28 19:44 - 2015-07-28 19:44 - 0043494 _____ () C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-06-21 21:45 - 2015-06-21 21:45 - 0000003 _____ () C:\Users\Cookie\AppData\Local\updater.log
2015-06-21 21:45 - 2015-06-21 21:45 - 0000424 _____ () C:\Users\Cookie\AppData\Local\UserProducts.xml
2013-01-17 20:02 - 2013-01-17 20:02 - 0000057 _____ () C:\ProgramData\Ament.ini
1999-07-06 19:00 - 1999-07-06 19:00 - 0000006 __RSH () C:\ProgramData\F2BDD61C-7F20-44BD-A1DB-F510E492AB22
2012-11-19 15:02 - 2013-05-30 13:35 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-05-09 18:04 - 2012-05-09 18:04 - 0000226 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
Some files in TEMP:
====================
C:\Users\Cookie\AppData\Local\Temp\1ace7xts.dll
C:\Users\Cookie\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Cookie\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-24 09:40
 
==================== End of log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-07-2015
Ran by Cookie (2015-07-31 11:16:51)
Running from C:\Users\Cookie\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1094553120-1280462464-1800685640-500 - Administrator - Disabled)
Cookie (S-1-5-21-1094553120-1280462464-1800685640-1005 - Administrator - Enabled) => C:\Users\Cookie
Guest (S-1-5-21-1094553120-1280462464-1800685640-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1094553120-1280462464-1800685640-1007 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Connect 9 Add-in (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Adobe Connect 9 Add-in) (Version: 11,9,949,0 - Adobe Systems Incorporated)
Adobe ConnectNow Add-in (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Adobe ConnectNow Add-in) (Version:  - )
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.2.0.129 - Adobe Systems Incorporated)
Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.1.0 - Adobe Systems Incorporated)
Adobe InDesign CC 2015 (HKLM-x32\...\{DBFD0312-6E55-1014-8952-E78D43BC0147}) (Version: 11.0.1.105 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2015 (HKLM-x32\...\{38C72D42-0672-43B1-9E05-E7631684F9A1}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Adobe Support Advisor (HKLM-x32\...\AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 1.6.0.20110628 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Update Manager CS4 (HKLM-x32\...\Adobe_bdaf081c056f11a250e72a7a345a96c) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Autodesk SketchBook Pro 6.0.1 (HKLM-x32\...\{783C27F9-EF0B-4B81-8464-8592AE8CB5B8}) (Version: 6.01.0000 - Autodesk)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
BB FlashBack Express (HKLM-x32\...\BB FlashBack Express) (Version: 4.1.1.2498 - Blueberry)
Blender (HKLM\...\Blender) (Version: 2.63-release - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Citrix Online Launcher (HKLM-x32\...\{F17C3DC2-2ACA-4B0E-BDBF-ACE61B14E7CD}) (Version: 1.0.183 - Citrix)
CloudAlpaca 1.5 (HKLM-x32\...\CloudAlpaca_is1) (Version: 1.5 - Medibang)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.70 - DivX, LLC)
Firestorm SecondLife and OpenSim viewer (Version: 4.7.45325 - Phoenix Viewer Project) Hidden
Firestorm-Betax64 x64 (HKLM-x32\...\{97166652-349c-48f1-a024-fa8539c5cb47}) (Version: 4.7.45325 - Phoenix Firestorm Project Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HP Deskjet 3510 series Basic Device Software (HKLM\...\{7F20F2D1-C425-4432-96BA-EBD0C2181493}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3510 series Help (HKLM-x32\...\{97C1C98D-6AE5-4C71-9B00-EBBD9E014450}) (Version: 28.0.0 - Hewlett Packard)
HP Deskjet 3510 series Product Improvement Study (HKLM\...\{791D3241-C6A4-417F-82E6-00543B6E5012}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
join.me (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
jZip (HKLM-x32\...\jZip) (Version:  - Bandoo Media Inc.) <==== ATTENTION
Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)
LINE (HKLM-x32\...\LINE) (Version: 4.1.0.421 - LINE Corporation)
Livestream Procaster (HKLM-x32\...\{68E4C751-272B-44E1-94C7-4E1FDC40F7DA}) (Version: 20.3.25 - Procaster)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
ManyCam 4.1.1 (HKLM-x32\...\ManyCam) (Version: 4.1.1 - Visicom Media Inc.)
McAfee Online Backup (Version: 1.16.4.0 - McAfee, Inc.) Hidden
McAfee Online Backup (x32 Version:  - McAfee, Inc.) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version:  - Microsoft)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NETGEAR Genie (HKLM-x32\...\NETGEAR Genie) (Version: 2.2.28.24.exe  - NETGEAR Inc.)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.1 - DDNi)
OOBE (x32 Version: 11.2.1.10 - Sony Corporation) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
RealDownloader (x32 Version: 17.0.8 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Safer Updater (x32 Version: 1.1.0.6 - Safer Technologies, Inc.) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spotify (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TEGAKI Messenger (HKLM-x32\...\{2179F23D-EAE1-4A94-B987-01A7E50E4222}) (Version: 1.3.1 - pipa.jp)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Create a Pattern Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
ToneSync for Windows (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\c2c9648a374f64d1) (Version: 1.2.3.309 - Zedge Europe AS)
Unity Web Player (HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\UnityWebPlayer) (Version: 5.0.2f1 - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (x32 Version: 1.0.1.03020 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.3.0.11090 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.5.0.02280 - Sony Corporation)
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (x32 Version: 5.4.0.15300 - Sony Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vista Shortcut Manager (HKLM-x32\...\{47609E69-4C5E-48B1-A889-24C6B82B5C04}) (Version: 2.0 - Frameworkx)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.4.0.0 - Azureus Software, Inc.)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Cookie\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Cookie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Cookie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Cookie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Cookie\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points =========================
 
17-03-2015 08:59:55 avast! antivirus system restore point
17-03-2015 09:03:23 Device Driver Package Install: Avast Network Service
24-03-2015 12:16:41 Scheduled Checkpoint
26-03-2015 10:34:15 Device Driver Package Install: Visicom Media Inc. Imaging devices
26-03-2015 10:36:09 Device Driver Package Install: Visicom Media Inc. Sound, video and game controllers
02-04-2015 08:08:45 avast! antivirus system restore point
02-04-2015 08:16:14 Device Driver Package Install: Avast Network Service
02-04-2015 08:16:15 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
02-04-2015 08:18:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
02-04-2015 08:19:01 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
02-04-2015 08:19:45 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
02-04-2015 09:23:03 Installed iTunes
09-04-2015 17:20:58 Scheduled Checkpoint
18-04-2015 19:10:23 Scheduled Checkpoint
21-04-2015 11:08:36 Installed iTunes
22-04-2015 07:44:05 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
22-04-2015 07:45:59 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
22-04-2015 07:46:56 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
22-04-2015 07:47:34 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
26-04-2015 19:13:58 Installed Livestream Producer
27-04-2015 12:59:56 avast! antivirus system restore point
27-04-2015 13:02:50 Device Driver Package Install: Avast Network Service
28-04-2015 13:04:53 Removed Livestream Producer
03-05-2015 08:24:47 avast! antivirus system restore point
03-05-2015 08:34:58 avast! antivirus system restore point
09-05-2015 09:03:48 Firestorm-Betax64 x64
17-05-2015 09:13:19 Scheduled Checkpoint
24-05-2015 10:41:26 Scheduled Checkpoint
04-06-2015 19:15:51 Scheduled Checkpoint
13-06-2015 17:48:49 Scheduled Checkpoint
14-06-2015 21:45:01 Removed Java 8 Update 45
17-06-2015 08:04:38 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501
17-06-2015 08:06:15 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
17-06-2015 08:07:13 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
17-06-2015 08:08:20 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
25-06-2015 11:26:51 Scheduled Checkpoint
04-07-2015 18:31:19 Scheduled Checkpoint
12-07-2015 10:03:20 Scheduled Checkpoint
19-07-2015 07:42:20 Windows Live Essentials
19-07-2015 07:43:06 WLSetup
19-07-2015 07:44:19 Removed puush
19-07-2015 07:47:08 Removed VAIO Care
19-07-2015 07:47:53 Removed VAIO Help and Support
19-07-2015 07:49:33 Windows Modules Installer
28-07-2015 14:12:00 Scheduled Checkpoint
30-07-2015 07:33:30 avast! antivirus system restore point
30-07-2015 07:38:22 Device Driver Package Install: Avast Network Service
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0D37E2DB-02A4-4D00-B16C-38F8AECD646F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {11BEC8F9-89FD-480C-9EDF-806B75BC54DE} - System32\Tasks\HPCustParticipation HP Deskjet 3510 series => C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {18CD240A-5346-4F15-84DF-36D7775FA0CA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1AFF38D0-972B-4750-A243-29EA2DE40DAD} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\Sony\VAIO Update 5\ShellExeProxy.exe [2011-03-30] (Sony Corporation)
Task: {20B8DFEF-F9D4-4B2E-8264-45FF4481BFE8} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)
Task: {21B7CDCA-0C3D-424B-A84A-818ECD6D9E2B} - System32\Tasks\{967C4E63-161F-4B0E-8B9D-83A8ECF89107} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
Task: {266EF299-0A78-482A-9A99-6DD0EB5A12F5} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {2A9ABA1B-23B6-4277-897D-295EBB89120A} - System32\Tasks\{F0D894B9-3283-4C3F-B7DA-81F4A1A47F8A} => C:\Program Files (x86)\Livestream Procaster\Procaster.exe [2013-01-30] ()
Task: {3405B40F-124B-4FDB-A608-311794C319BB} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-11-16] (Sony Corporation)
Task: {34CB14DE-F76F-4068-AA1B-9108E5BB050B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)
Task: {3943AA08-1C11-4A49-BF22-3EF969008C50} - System32\Tasks\AdobeAAMUpdater-1.0-Primrose-Cookie => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-07-22] (Adobe Systems Incorporated)
Task: {53BA2F99-2BE8-42A1-927B-48E1BA94CE1F} - System32\Tasks\{F0F3CD32-187C-40DE-87D2-F34CBB1DED54} => C:\Program Files (x86)\Livestream Procaster\Procaster.exe [2013-01-30] ()
Task: {57FADB79-24D2-4F20-B408-5C842FD26CEE} - System32\Tasks\HP AR Program Upload - 516980076f954649934c0ac0820b5310ac018f845d814d5488a61f8d0e9a7e30 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {5B2498C6-4FEC-4BC5-B085-F2012A46C5C6} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {5CEF12EB-576E-48FB-A40E-2C2E9282571F} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)
Task: {5FCD224C-F7CE-486D-A7B1-4E7C0B26F592} - System32\Tasks\HP AR Program Upload - c67b40b973894c41a535ed573b50d2bc336259fbcaf04d9eba664c6643cb304f => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {62B862B9-A172-4BDD-8C88-1070AB1A9F1F} - System32\Tasks\{705BAA83-4469-47BF-A1E2-EE3BE47C42F3} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {62DC174B-A6E0-4B0B-A62E-B7808DD34EA2} - System32\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {66F8FBE9-47C7-43C7-8E42-B438EEF15407} - System32\Tasks\{37A21CA5-2272-4379-A7A9-D2611F95BA0E} => Chrome.exe http://ui.skype.com/ui/0/5.9.0.115/en/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {6DDB5D8F-4926-4DBF-B31D-0E0B1B7462E6} - System32\Tasks\HP AR Program Upload - 6fc1772bdf274c7eab82ddfa432498d10cfb48e4728844c0aba435ed6f8a0092 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {7A068313-D3A1-4BBD-AB86-2D1F40777CB3} - System32\Tasks\update-S-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {7A104177-F183-4D3E-8BB9-F261648ED2DE} - System32\Tasks\{BFC53F30-FF69-4675-8483-F8D6DE6F05C5} => C:\Program Files (x86)\Livestream Procaster\Procaster.exe [2013-01-30] ()
Task: {7A867688-F2B3-43D2-ABAC-8BF436FE340A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-30] (AVAST Software)
Task: {847138EF-DA4D-43BA-8045-7972D15AF8C2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {850507A1-DDB6-4DA6-973A-0929A6F0D4D2} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {8703B92F-FCDE-4A79-B48F-409C19DC713E} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe [2011-03-30] (Sony Corporation)
Task: {888B5B53-FEC8-438E-A158-A30D10E82FA3} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-11-28] ()
Task: {8B8A7637-087B-4385-B342-A3C0837A6309} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {8E6F2616-D5C4-4D66-AA1A-5A47B22A795A} - System32\Tasks\HP AR Program Upload - 404a52ad6646440aaad85603ab5debb1d65127a021b444cc977f2461029089f9 => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {8F30A157-B9DB-4719-A03E-B0EEC52DBA63} - System32\Tasks\HP AR Program Upload - 5ba79ea7880646d09be37ee6bfb0a56026de806ffdf649c5962b89d8fe9016ee => C:\Program Files\HP\HP Deskjet 3510 series\bin\HPRewards.exe [2012-10-17] (TODO: <Company name>)
Task: {A9148448-52AD-4192-A618-3CC67CA05F24} - System32\Tasks\{70861142-7A34-4C70-A74F-8A9FEEBB08B8} => C:\Users\Cookie\Documents\PhotoshopPortable\PhotoshopCS6Portable.exe
Task: {AE4F4DBA-A90B-4B6F-A4C4-022299E34EC6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)
Task: {AF2E4A3D-34AF-401D-9C1A-E0335A5CB73E} - System32\Tasks\{BAF53369-21C5-41AA-A916-359312D4F759} => C:\Program Files (x86)\Livestream Procaster\Procaster.exe [2013-01-30] ()
Task: {B8BD78AA-ADFD-49E4-9279-0A8670288506} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-03-15] (RealNetworks, Inc.)
Task: {BD0F7842-2ABD-4F7B-ABCB-61455D2B750B} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {BEFEC33F-7C23-42BB-A74A-3976AA87B29E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {C2F8040E-6471-4DB2-BED5-346667C6D293} - System32\Tasks\{F65F235A-1BBA-4FC0-BD72-D70692267D86} => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat.exe
Task: {C37CBE71-FB53-4C5B-A288-6D6D8F4FA7B1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-03-20] (RealNetworks, Inc.)
Task: {CC3CF4A3-712A-4327-957B-4FD4F59465D8} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-11-16] (Sony Corporation)
Task: {D1F0B61A-99AD-45C5-9FEC-BE2AD02F77A5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-03-15] (RealNetworks, Inc.)
Task: {D8710E70-9217-49A6-A960-87D49EA55D2D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-18] (Adobe Systems Incorporated)
Task: {D8F77642-A486-403F-ADAB-5BD8EA315628} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {EF3DB04C-D935-4A44-9FBA-6CC899BCFCEC} - System32\Tasks\SaferUpdateTaskSCUD => C:\Program Files (x86)\Safer Technologies\Updater\SaferUpdater.exe [2015-05-18] (Safer Technologies, Inc.)
Task: {F705D8A1-83B0-41E1-A307-012D497B3EB5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-01] (Google Inc.)
Task: {F834F610-C4DB-4183-83D8-8A86E8C51C61} - System32\Tasks\{95B92885-1488-456A-B2B4-C286946B7DE8} => C:\Program Files (x86)\Livestream Procaster\Procaster.exe [2013-01-30] ()
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-1094553120-1280462464-1800685640-1005.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2014-12-28 20:24 - 2014-12-13 03:03 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-22 01:02 - 2015-07-22 01:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2011-03-17 00:07 - 2011-03-17 00:07 - 04297568 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-15 03:18 - 2014-03-15 03:18 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-03-20 21:13 - 2014-03-20 21:13 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2015-07-09 09:24 - 2015-02-26 17:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2010-04-13 20:11 - 2010-04-13 20:11 - 00083256 _____ () C:\Program Files (x86)\McAfee Online Backup\librs2.dll
2015-07-30 07:35 - 2015-07-30 07:35 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-30 07:35 - 2015-07-30 07:35 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-30 19:13 - 2015-07-30 19:13 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15073005\algo.dll
2015-07-31 10:00 - 2015-07-31 10:00 - 02959872 _____ () C:\Program Files\AVAST Software\Avast\defs\15073101\algo.dll
2011-03-17 00:11 - 2011-03-17 00:11 - 04297568 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-04-12 14:28 - 2014-04-12 14:28 - 00869976 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Plugins\cldplin.dll
2015-05-04 10:00 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-05-04 10:00 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-05-04 10:00 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-03-17 09:01 - 2015-03-17 09:01 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-07-29 18:06 - 2015-07-25 03:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-29 18:06 - 2015-07-25 03:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-07-29 18:06 - 2015-07-25 03:46 - 16308040 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: ACDaemon => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: IconMan_R => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: mcmscsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McNASvc => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: McOobeSv => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: NVSvc => 2
MSCONFIG\Services: Oasis2Service => 2
MSCONFIG\Services: PMBDeviceInfoProvider => 2
MSCONFIG\Services: SampleCollector => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: uCamMonitor => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: VAIO Event Service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: VSNService => 2
MSCONFIG\Services: VUAgent => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^RealPlayer Cloud Service UI.lnk => C:\Windows\pss\RealPlayer Cloud Service UI.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TEGAKI Messenger.lnk => C:\Windows\pss\TEGAKI Messenger.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Cookie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^debug.log => C:\Windows\pss\debug.log.Startup
MSCONFIG\startupfolder: C:^Users^Cookie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk => C:\Windows\pss\Monitor Ink Alerts - HP Deskjet 3510 series (Network).lnk.Startup
MSCONFIG\startupfolder: C:^Users^Cookie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Facebook Update => "C:\Users\Cookie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Google Update => "C:\Users\Cookie\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: instanteyedropper => "C:\Program Files (x86)\InstantEyedropper\InstantEyedropper.exe"
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: ManyCam => "C:\Program Files (x86)\ManyCam\ManyCam.exe" --silent
MSCONFIG\startupreg: mcpltui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
MSCONFIG\startupreg: NETGEARGenie => "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: ZedgeToneSync => C:\Users\Cookie\AppData\Local\Apps\2.0\Data\6VLJOYZB.T9G\QXHV7H0L.NRZ\zedg..tion_4cd56dcfd1799009_0001.0002_ea3f01849f5e16c3\Data\ZedgeToneSync.appref-ms -startup
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6E946954-AB25-440F-B3C6-478F854A448F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{A0B1F1DB-6247-4B52-84EB-2905CA5C350E}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{74C64461-9731-4A7F-9752-89DDBBE11744}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{23C0BE5B-1095-4513-B64A-CF5CA2326EB1}] => (Allow) C:\Program Files\Sony\VAIO Care\SelfHealUpdate.exe
FirewallRules: [{6203ACD8-4802-4FBB-B6C2-9885E3F79A70}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{F36FE4AC-1CF0-4B84-8DDD-D2366028D5BC}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOCareMain.exe
FirewallRules: [{06AC9C06-1FFD-4204-B049-A169493B7E1D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{C9431627-42D6-4930-9DA3-BB5B63338330}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7BE7C667-F4BC-4E5A-8DC9-422AE46FB38E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{64F267F8-C6CC-4F90-B676-6118C4BE8CE6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{E307A73A-DA5A-489A-9DAD-FC1B2B0FC358}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3393DDC8-2B14-4E1A-A231-1FA0B22B088A}] => (Allow) LPort=443
FirewallRules: [{D1E97173-3702-4DC1-BAD4-9759C8E6F333}] => (Allow) LPort=443
FirewallRules: [{A2612A39-851E-4679-8287-C3889B9B6805}] => (Allow) LPort=37674
FirewallRules: [{652A7740-5193-4AB9-B5A3-E1F011F4FB68}] => (Allow) LPort=37674
FirewallRules: [{AD76505C-53A8-49B5-AAE1-313C42618C6A}] => (Allow) LPort=37675
FirewallRules: [{EFED8744-A455-4749-B340-8AC6E3FDA972}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{30472CF6-762A-4A8F-903E-DD8CFA575DD6}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{D7DB847C-1627-40C2-8067-37B06B18027F}C:\users\cookie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cookie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9A0FC67C-F56C-4C05-9ADB-AD0484075A07}C:\users\cookie\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cookie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{0E8F48CA-0D06-403D-A541-BBC3FA7CDF30}] => (Allow) C:\Users\Cookie\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{C3E33F93-F1F8-4C83-82F3-EC5DDFDC2097}] => (Allow) C:\Users\Cookie\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
FirewallRules: [{4E56B8AD-8933-44A8-B22B-E21D77C166F2}] => (Allow) C:\Users\Cookie\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{CF997529-F0F4-4189-B2AD-A8CA1267FF4A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{566DFF44-98C0-4964-8F3A-02AE306B0AB5}] => (Allow) LPort=2869
FirewallRules: [{F7559E7F-979F-4589-BCA0-EF9DA9B7D578}] => (Allow) LPort=1900
FirewallRules: [{5E780C03-30CE-4BB3-9249-E4AE9FDB5E7F}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\DeviceSetup.exe
FirewallRules: [{1E083D0D-E91E-49E8-95DB-2D94913B9A74}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{CB09010C-2F7D-424E-B767-8346F5894444}] => (Allow) C:\Program Files\HP\HP Deskjet 3510 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{2CBB3858-26E9-4980-8DEF-565D75B8848E}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [{39F0AB85-C23C-47BA-889E-F48AEBD308D4}] => (Allow) C:\Program Files (x86)\Naver\LINE\Line.exe
FirewallRules: [TCP Query User{2A050A2D-9301-4F5B-800D-FD479B22231F}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [UDP Query User{418C7603-B4DA-4077-A133-33B1D682ECB4}C:\program files (x86)\netgear genie\bin\netgeargenie.exe] => (Allow) C:\program files (x86)\netgear genie\bin\netgeargenie.exe
FirewallRules: [{C75029BD-5BDC-4D87-BC82-0AF52E5773A6}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B7A4D36D-7E6D-4790-82DC-517AC6262CD4}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0460D2C1-AF3D-48DB-8EBD-DE58985C32E3}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [{F63F7E3E-A468-4949-B6BF-6B1482BC4C21}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{FF448C4C-D874-485F-AB95-BAE57B3ACF57}] => (Allow) C:\ProgramData\EmailNotifier\EmailNotifier.exe
FirewallRules: [{9BC3389C-C7E3-46C0-A002-C16150010A23}] => (Allow) C:\Program Files (x86)\ManyCam\ManyCam.exe
FirewallRules: [{4BB07623-763B-4F43-BFB1-371FB0824B9D}] => (Allow) C:\Program Files (x86)\ManyCam\ManyCam.exe
FirewallRules: [{1DC3A40C-D934-4847-8D40-3DC6F9AB6F77}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{CB5F4083-7148-4672-BCAA-EB93470E962B}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{0F3AFB0B-9BB8-41DD-8810-E8A477AF15E1}C:\users\cookie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\cookie\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{63059E8F-5546-4EB0-B203-52FD4B31E019}C:\users\cookie\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\cookie\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C6CE2522-9ABA-413E-A4C4-C0BA33F212C5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{218B1398-B791-40EF-AF00-137CBF438D7E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A709EA2F-11D9-4248-B966-16D7AAC611D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{A4FC2BAB-74C8-495B-BF01-8C524B43F858}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{1B408FA7-6E68-44DF-9971-1FA54E13395B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8177EEB5-90A2-49CD-BF13-61D82588329C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{04325317-07EE-4327-94A8-BF83867B2981}C:\program files (x86)\naver\line\line.exe] => (Allow) C:\program files (x86)\naver\line\line.exe
FirewallRules: [UDP Query User{DE071CE5-5843-4C00-A0E1-AB5BE86F960A}C:\program files (x86)\naver\line\line.exe] => (Allow) C:\program files (x86)\naver\line\line.exe
FirewallRules: [{FEBE2612-9CA6-42C0-AF84-0753D7EEDA6A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B8CEF61D-356C-4240-8FA6-DDA614CD35EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8025F5CF-E2B3-4C5F-9221-867204146257}C:\program files\firestorm-betax64\slvoice.exe] => (Allow) C:\program files\firestorm-betax64\slvoice.exe
FirewallRules: [UDP Query User{B3DB7AC1-B5EC-4144-AE9F-B17A15931B86}C:\program files\firestorm-betax64\slvoice.exe] => (Allow) C:\program files\firestorm-betax64\slvoice.exe
FirewallRules: [TCP Query User{16C4F0AF-1576-4B06-84F4-CB54BC5B9FAB}C:\program files\firestorm-betax64\slvoice.exe] => (Block) C:\program files\firestorm-betax64\slvoice.exe
FirewallRules: [UDP Query User{DE1CBFAF-49EC-460B-8EFA-38C6B4DD35A7}C:\program files\firestorm-betax64\slvoice.exe] => (Block) C:\program files\firestorm-betax64\slvoice.exe
FirewallRules: [{9EA00B96-8F16-4D57-9F6D-B143176403AC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{727DF571-1A19-4F8A-9EA4-5FCFDDB22759}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/31/2015 10:02:49 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/31/2015 10:02:43 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/31/2015 09:58:30 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e8dfef2f-ebe7-4f25-8101-748d0e1ffc62}
 
Error: (07/31/2015 09:58:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Creative Cloud.exe, version: 3.2.0.129, time stamp: 0x55b0d540
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process id: 0x4d0
Faulting application start time: 0xCreative Cloud.exe0
Faulting application path: Creative Cloud.exe1
Faulting module path: Creative Cloud.exe2
Report Id: Creative Cloud.exe3
 
Error: (07/31/2015 09:57:26 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (4652) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1032.
 
Error: (07/31/2015 09:57:26 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (4652) Windows: An attempt to open the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).
 
Error: (07/31/2015 09:56:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/30/2015 07:12:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {794560f9-f419-42b9-8405-37838856ffae}
 
Error: (07/30/2015 07:11:23 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/30/2015 07:11:17 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
 
System errors:
=============
Error: (07/31/2015 09:56:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (07/31/2015 09:56:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (07/31/2015 09:55:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (07/31/2015 09:55:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (07/30/2015 07:15:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
 
Error: (07/30/2015 07:51:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Image Acquisition (WIA) service failed to start due to the following error: 
%%1053
 
Error: (07/30/2015 07:51:15 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Image Acquisition (WIA) service to connect.
 
Error: (07/30/2015 07:50:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error: 
%%1053
 
Error: (07/30/2015 07:50:43 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
 
Error: (07/30/2015 07:47:34 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Software Protection service terminated with the following error: 
%%19
 
 
Microsoft Office:
=========================
Error: (07/31/2015 10:02:49 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/31/2015 10:02:43 AM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/31/2015 09:58:30 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e8dfef2f-ebe7-4f25-8101-748d0e1ffc62}
 
Error: (07/31/2015 09:58:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Creative Cloud.exe3.2.0.12955b0d540unknown0.0.0.000000000c0000005000000004d001d0cba144d13536C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exeunknown8ccfd05f-3794-11e5-9726-f0bf9706ec6e
 
Error: (07/31/2015 09:57:26 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows4652Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032
 
Error: (07/31/2015 09:57:26 AM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows4652Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.
 
Error: (07/31/2015 09:56:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (07/30/2015 07:12:37 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {794560f9-f419-42b9-8405-37838856ffae}
 
Error: (07/30/2015 07:11:23 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (07/30/2015 07:11:17 PM) (Source: WTabletServicePro) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 4077.86 MB
Available physical RAM: 1291.36 MB
Total Virtual: 8153.9 MB
Available Virtual: 4568.65 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:287.06 GB) (Free:39.14 GB) NTFS
Drive g: (TOSHIBA EXT) (Fixed) (Total:465.76 GB) (Free:325.67 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: CB356F4F)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=287.1 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 3234CFA2)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End of log ============================


#4 Sirawit

Posted 02 August 2015 - 12:06 AM

Hi waifi.

 

Sorry, I missed a notification for your topic. I will reply as soon as possible.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#5 Sirawit

Posted 02 August 2015 - 09:03 AM

Hi waifi.

 

We need to remove programs using "Programs and Features"

Click the "Start" orb on the taskbar, and then click the "Control Panel" button.

  • If you use Category mode, click on Uninstall a Program.
  • If you use Icons mode, click on Programs and Features.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking on the below entries and selecting "Remove":

jZip 

Additional instructions can be found here if needed.

 

------------------

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the I agree button.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder, which was created when running the tool.

-------------

 

Thank you.




#6 waifi

Posted 02 August 2015 - 10:19 AM

I'm not sure if I did this right. I followed all the steps, but I didn't reach a finish message, and I have no option to select Report. The scan button is grayed out. I was able to click the Log button and this is what I got:

 

--

 

AdwCleaner[R0].txt

 

# AdwCleaner v4.208 - Logfile created 02/08/2015 at 09:51:28
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Cookie - PRIMROSE
# Running from : C:\Users\Cookie\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : mcaudrv_simple
Service Found : ManyCam
 
***** [ Files / Folders ] *****
 
File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_survey.researchresults.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_survey.researchresults.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpointforum.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpointforum.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpoints.com_0.localstorage
File Found : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpoints.com_0.localstorage-journal
File Found : C:\Users\Cookie\AppData\Roaming\AdobeWLCMCache.dat
File Found : C:\Windows\System32\drivers\mcaudrv_x64.sys
File Found : C:\Windows\System32\drivers\mcvidrv.sys
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Ask
Folder Found : C:\ProgramData\EmailNotifier
Folder Found : C:\Users\Cookie\AppData\Local\apn
Folder Found : C:\Users\Cookie\AppData\Local\PackageAware
Folder Found : C:\Users\Cookie\AppData\Local\Temp\jZip
Folder Found : C:\Users\Cookie\AppData\Roaming\Browser Extensions
Folder Found : C:\Users\Cookie\AppData\Roaming\BrowserExtensions
Folder Found : C:\Users\Cookie\AppData\Roaming\RHEng
Folder Found : C:\Users\Cookie\AppData\Roaming\Tinychat Co
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PackageAware
 
***** [ Scheduled tasks ] *****
 
Task Found : update-sys
Task Found : update-S-1-5-21-1094553120-1280462464-1800685640-1005
Task Found : update-sys
Task Found : update-S-1-5-21-1094553120-1280462464-1800685640-1005
Task Found : update-sys
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Classes\Pokki.PokkiDownloadHelper
Key Found : HKCU\Software\Classes\Pokki.PokkiDownloadHelper.1
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Found : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\systweak
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Found : HKLM\SOFTWARE\DeviceVM
Key Found : HKLM\SOFTWARE\Email Notifier
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : [x64] HKLM\SOFTWARE\DeviceVM
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16611
 
 
-\\ Mozilla Firefox v39.0 (x86 en-US)
 
[jzjr3rq3.default-1395267277049] - Line Found : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1395882104185");
 
-\\ Google Chrome v44.0.2403.125
 
 
*************************
 
AdwCleaner[R0].txt - [5323 bytes] - [02/08/2015 09:51:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5382 bytes] ##########

Edited by waifi, 02 August 2015 - 10:21 AM.


#7 Sirawit

Posted 03 August 2015 - 10:33 AM

Hi waifi.

 

Double click on AdwCleaner.exe to run the tool again. Vista/Windows 7/8 users right-click and select Run As Administrator

  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

-------------

 

After the scan has been completed, please create a new FRST log for me.

 

Thank you.




#8 waifi

Posted 03 August 2015 - 11:06 AM

AdwCleaner[S0].txt

 

# AdwCleaner v4.208 - Logfile created 03/08/2015 at 10:58:49

# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Cookie - PRIMROSE
# Running from : C:\Users\Cookie\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : mcaudrv_simple
[#] Service Deleted : ManyCam
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\EmailNotifier
Folder Deleted : C:\Users\Cookie\AppData\Local\Temp\jZip
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PackageAware
Folder Deleted : C:\Users\Cookie\AppData\Local\apn
Folder Deleted : C:\Users\Cookie\AppData\Local\PackageAware
Folder Deleted : C:\Users\Cookie\AppData\Roaming\Browser Extensions
Folder Deleted : C:\Users\Cookie\AppData\Roaming\Tinychat Co
Folder Deleted : C:\Users\Cookie\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Cookie\AppData\Roaming\BrowserExtensions
File Deleted : C:\END
File Deleted : C:\Windows\System32\drivers\mcaudrv_x64.sys
File Deleted : C:\Windows\System32\drivers\mcvidrv.sys
File Deleted : C:\Users\Cookie\AppData\Roaming\AdobeWLCMCache.dat
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\yahoo.xml
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_isurveys.researchresults.com_0.localstorage-journal
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_survey.researchresults.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_survey.researchresults.com_0.localstorage-journal
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpointforum.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpointforum.com_0.localstorage-journal
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpoints.com_0.localstorage
File Deleted : C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.viewpoints.com_0.localstorage-journal
 
***** [ Scheduled tasks ] *****
 
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-1094553120-1280462464-1800685640-1005
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper
Key Deleted : HKCU\Software\Classes\MIME\Database\Content Type\application/x-pokkidownloadhelper
Key Deleted : HKCU\Software\Classes\Pokki.PokkiDownloadHelper
Key Deleted : HKCU\Software\Classes\Pokki.PokkiDownloadHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\Email Notifier
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v10.0.9200.16611
 
 
-\\ Mozilla Firefox v39.0 (x86 en-US)
 
[jzjr3rq3.default-1395267277049\prefs.js] - Line Deleted : user_pref("extensions.fvd_single.surfcanyon.ramp.start_time", "1395882104185");
 
-\\ Google Chrome v44.0.2403.125
 
 
*************************
 
AdwCleaner[R0].txt - [5485 bytes] - [02/08/2015 09:51:28]
AdwCleaner[R1].txt - [5544 bytes] - [03/08/2015 10:55:39]
AdwCleaner[S0].txt - [5300 bytes] - [03/08/2015 10:58:49]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5359  bytes] ##########

Edited by waifi, 03 August 2015 - 11:10 AM.


#9 waifi

Posted 03 August 2015 - 11:09 AM

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by Cookie (administrator) on PRIMROSE (03-08-2015 11:07:07)
Running from C:\Users\Cookie\Desktop
Loaded Profiles: Cookie (Available Profiles: Cookie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-12-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-30] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53753984 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [876728 2015-07-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [SaferBrowserIsDefault] => "C:\Program Files (x86)\Safer Technologies\Safer Browser\Application\SaferBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Spotify Web Helper] => C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://bing.com/
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {6D6F304F-AF28-406D-B745-9785E8E5147E} URL = https://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {C34B8A7A-C0EF-47D0-B685-6959EBDEDB20} URL = http://www.bing.com/search?q={searchTerms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {CB2E59E2-2B90-4798-A629-320BB47F5B07} URL = 
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{166D7C5D-6325-43D4-AAE3-35E05BB0AB20}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D947AE83-A299-498B-838E-A676D44E6EBC}: [DhcpNameServer] 172.26.38.1 172.26.38.2
 
FireFox:
========
FF ProfilePath: C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.6 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @citrixonline.com/appdetectorplugin -> C:\Users\Cookie\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-06] (Citrix Online)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cookie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-10-27]
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\artur.dubovoy@gmail.com [2015-07-10]
FF Extension: Page Source - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{12ca4747-8b0c-4010-8a96-3c310b50b89b} [2015-07-10]
FF Extension: Adblock Plus - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-04-08]
 
Chrome: 
=======
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-15]
CHR Extension: (Duolingo on the Web) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-02]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (2draw.net) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcbkcbpbaolcoekgamlnbfalkagjpooi [2015-04-15]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-15]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-07-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Gmail Offline) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-04-15]
CHR Extension: (Google Calendar) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-02]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-04-15]
CHR Extension: (AdBlock) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-15]
CHR Extension: (SwagButton) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2015-07-31]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-20]
CHR Extension: (Little Alchemy) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Polyvore Clipper) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\liilchbbmdohoilfeonmdpcbhpekaiac [2015-07-28]
CHR Extension: (BetterGaia) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmgjagdflhhfjflolfalapokbplfldna [2015-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (SiteAdvisor) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-26]
CHR Extension: (Bookmark Manager) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Social Anywhere) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnmkabhkheikmcfieenfbfhikpigjldi [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-22]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-22]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-22]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-02-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-03-29]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]
CHR HKLM-x32\...\Chrome\Extension: [mnmkabhkheikmcfieenfbfhikpigjldi] - C:\Users\Cookie\AppData\Local\Social Anywhere\Chrome\Social Anywhere.crx [Not Found]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-30] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S4 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [53248 2012-02-09] (Digital Delivery Networks, Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-12] (Electronic Arts)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-12] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S4 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-30] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-30] (AVAST Software)
R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4608 2013-01-09] (Windows ® Codename Longhorn DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-06-13] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-03 11:07 - 2015-08-03 11:07 - 00000000 ____D C:\Users\Cookie\Desktop\FRST-OlderVersion
2015-08-02 09:51 - 2015-08-03 10:59 - 00000000 ____D C:\AdwCleaner
2015-08-02 09:49 - 2015-08-02 09:49 - 02248704 _____ C:\Users\Cookie\Desktop\AdwCleaner.exe
2015-08-01 18:44 - 2015-08-01 18:44 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\WTablet
2015-07-31 11:16 - 2015-07-31 11:17 - 00061802 _____ C:\Users\Cookie\Desktop\Addition.txt
2015-07-31 11:15 - 2015-08-03 11:07 - 00047546 _____ C:\Users\Cookie\Desktop\FRST.txt
2015-07-31 11:15 - 2015-08-03 11:07 - 00000000 ____D C:\FRST
2015-07-31 11:11 - 2015-08-03 11:07 - 02169856 _____ (Farbar) C:\Users\Cookie\Desktop\FRST64.exe
2015-07-30 19:17 - 2015-07-30 19:17 - 13095136 _____ (Microsoft Corporation) C:\Users\Cookie\Downloads\Silverlight_x64.exe
2015-07-30 07:36 - 2015-07-30 07:36 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-30 07:35 - 2015-07-30 07:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-30 07:34 - 2015-07-30 07:34 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-30 07:09 - 2015-07-30 07:09 - 00003352 ____N C:\bootsqm.dat
2015-07-30 07:06 - 2015-07-30 07:06 - 00000000 __SHD C:\found.009
2015-07-28 19:44 - 2015-07-28 19:44 - 00043494 _____ C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-07-28 19:36 - 2015-07-28 19:37 - 05477824 _____ C:\Users\Cookie\Downloads\Record54.aiff
2015-07-28 08:38 - 2015-07-28 08:38 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-27 19:10 - 2015-07-27 19:10 - 00000000 __SHD C:\found.008
2015-07-24 12:36 - 2015-07-24 12:37 - 00017257 _____ C:\Users\Cookie\Downloads\default.htm
2015-07-19 07:49 - 2015-07-19 07:50 - 00065536 _____ C:\Windows\ocsetup_uninstall_OEMHelpCustomization.etl
2015-07-19 07:49 - 2015-07-19 07:50 - 00028693 _____ C:\Windows\ocsetup_cbs_uninstall_OEMHelpCustomization.txt
2015-07-18 07:43 - 2015-08-03 11:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 07:43 - 2015-07-18 07:43 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files\TabletPlugins
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-07-09 09:25 - 2015-07-09 09:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2015-07-09 09:25 - 2014-10-25 15:52 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2015-07-09 09:24 - 2015-07-09 09:25 - 00000000 ____D C:\Program Files\Tablet
2015-07-09 09:24 - 2015-02-26 17:16 - 02029336 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01990936 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01863960 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01626392 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01618712 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01612056 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01497368 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2015-07-09 09:24 - 2014-10-25 15:52 - 00100664 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2015-07-09 09:10 - 2015-07-09 09:12 - 150622864 _____ C:\Users\Cookie\Downloads\WacomTablet_6.3.11-4a.exe
2015-07-08 15:29 - 2015-08-01 18:35 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-08 15:29 - 2015-07-18 07:44 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-08 15:29 - 2015-07-18 07:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 15:29 - 2015-07-18 07:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 02:08 - 2015-07-08 02:08 - 00253196 _____ C:\Users\Cookie\AppData\Local\Tempdivx4049
2015-07-04 10:16 - 2015-07-04 10:16 - 00248320 ____H C:\Windows\system32\mlfcache.dat
2015-07-04 10:03 - 2015-07-04 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-04 10:02 - 2015-07-04 10:03 - 00000000 ____D C:\Program Files\iTunes
2015-07-04 10:02 - 2015-07-04 10:02 - 00000000 ____D C:\Program Files\iPod
2015-07-04 10:02 - 2015-07-04 10:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-04 09:48 - 2015-07-04 09:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-04 09:48 - 2015-07-04 09:48 - 00000000 ____D C:\Program Files (x86)\QuickTime
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-03 11:07 - 2012-05-09 18:04 - 01196187 _____ C:\Windows\WindowsUpdate.log
2015-08-03 11:06 - 2012-05-14 10:09 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{546FD215-9506-4D7C-BA5B-ECD4B5012BD8}
2015-08-03 11:05 - 2012-05-14 22:25 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Skype
2015-08-03 11:02 - 2013-07-13 19:59 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993.job
2015-08-03 11:01 - 2013-01-01 09:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-03 11:01 - 2012-05-19 09:33 - 00000000 ____D C:\Users\Cookie\AppData\Local\CrashDumps
2015-08-03 11:01 - 2009-07-13 23:51 - 00335472 _____ C:\Windows\setupact.log
2015-08-03 11:00 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-03 10:36 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-03 10:36 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-03 10:34 - 2012-05-14 15:30 - 00000000 ____D C:\Users\Cookie\AppData\Local\Adobe
2015-08-03 10:23 - 2010-11-20 22:47 - 00932940 _____ C:\Windows\PFRO.log
2015-08-02 22:49 - 2012-05-15 08:29 - 00000000 ____D C:\Users\Cookie\AppData\Local\Spotify
2015-08-02 21:53 - 2012-05-15 00:11 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Spotify
2015-08-01 21:09 - 2014-01-24 03:44 - 00001456 _____ C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-31 20:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-31 11:12 - 2012-05-23 15:39 - 00000000 ___RD C:\Users\Cookie\Desktop\Desktop WIP
2015-07-31 10:50 - 2009-07-14 00:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-31 09:57 - 2014-07-20 17:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-30 19:18 - 2012-05-17 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-30 07:36 - 2014-07-20 17:51 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-30 07:35 - 2014-08-17 06:52 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-30 07:35 - 2014-07-20 17:51 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-28 19:46 - 2014-11-27 13:08 - 00003364 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 19:46 - 2014-11-27 13:08 - 00003232 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 15:10 - 2012-05-30 19:04 - 00000000 ____D C:\Users\Cookie\Documents\sai
2015-07-28 08:37 - 2012-05-09 18:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-28 08:29 - 2015-03-23 13:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-24 10:25 - 2012-05-14 22:25 - 00000000 ____D C:\ProgramData\Skype
2015-07-24 10:15 - 2015-03-23 12:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-24 09:05 - 2012-05-14 21:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-19 09:51 - 2012-05-09 18:21 - 00000000 ____D C:\Program Files\Sony
2015-07-19 07:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-07-19 07:47 - 2012-05-09 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-19 07:43 - 2012-10-09 23:02 - 00000000 ____D C:\Program Files\Windows Live
2015-07-19 07:43 - 2012-05-09 19:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-19 07:36 - 2012-05-09 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-18 19:25 - 2015-05-04 10:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-18 18:48 - 2015-05-04 08:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-18 18:11 - 2015-01-23 19:43 - 00003072 ___SH C:\Users\Cookie\Thumbs.db
2015-07-17 08:54 - 2014-01-31 08:38 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 08:49 - 2014-08-22 19:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-17 08:48 - 2014-08-22 19:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-16 13:49 - 2013-09-29 08:57 - 00000000 ____D C:\Users\Cookie\AppData\Local\Procaster
2015-07-16 09:06 - 2014-01-30 18:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 18:57 - 2013-07-13 19:59 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993
2015-07-15 18:57 - 2013-01-01 09:35 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 10:58 - 2015-04-08 10:19 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-07-15 10:58 - 2015-04-08 10:19 - 00001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2015-07-15 10:51 - 2014-12-27 07:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 09:15 - 2013-02-16 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-13 20:34 - 2014-04-11 14:47 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-07-13 20:34 - 2014-04-11 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-07-08 15:17 - 2013-01-01 09:22 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-07-04 10:02 - 2012-08-14 16:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-07-04 10:01 - 2015-06-18 12:04 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
 
==================== Files in the root of some directories =======
 
2013-04-15 12:17 - 2013-07-14 21:53 - 0000132 _____ () C:\Users\Cookie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-13 21:43 - 2013-07-13 22:07 - 0001661 _____ () C:\Users\Cookie\AppData\Roaming\net.telestream.producer.xml
2012-05-15 22:10 - 2014-03-17 18:47 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-01-24 03:44 - 2015-08-01 21:09 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-03-10 19:42 - 2013-03-10 19:42 - 0000774 _____ () C:\Users\Cookie\AppData\Local\recently-used.xbel
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\Cookie\AppData\Local\Tempdivx4049
2015-07-28 19:44 - 2015-07-28 19:44 - 0043494 _____ () C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-06-21 21:45 - 2015-06-21 21:45 - 0000003 _____ () C:\Users\Cookie\AppData\Local\updater.log
2015-06-21 21:45 - 2015-06-21 21:45 - 0000424 _____ () C:\Users\Cookie\AppData\Local\UserProducts.xml
2013-01-17 20:02 - 2013-01-17 20:02 - 0000057 _____ () C:\ProgramData\Ament.ini
1999-07-06 19:00 - 1999-07-06 19:00 - 0000006 __RSH () C:\ProgramData\F2BDD61C-7F20-44BD-A1DB-F510E492AB22
2012-11-19 15:02 - 2013-05-30 13:35 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-05-09 18:04 - 2012-05-09 18:04 - 0000226 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
Some files in TEMP:
====================
C:\Users\Cookie\AppData\Local\Temp\Quarantine.exe
C:\Users\Cookie\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-24 09:40
 
==================== End of log ============================


#10 Sirawit


Posted 05 August 2015 - 06:35 AM

Hi waifi.

 

We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST.
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
    [attachment=168369:fixlist.txt]
  • Run FRST.exe/FRST64.exe, press the Fix button just once, and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run.
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run from; please post it in your reply.

==========

 

After the fix has been completed, please create a new FRST log for me.

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 



#11 waifi


Posted 05 August 2015 - 09:04 AM

Fixlog.txt

 

Fix result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by Cookie (2015-08-05 08:38:44) Run:1
Running from C:\Users\Cookie\Desktop
Loaded Profiles: Cookie (Available Profiles: Cookie)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [SaferBrowserIsDefault] => "C:\Program Files (x86)\Safer Technologies\Safer Browser\Application\SaferBrowserProtector.exe" --force-protect
CHR HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-01-26]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-02-22]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mnmkabhkheikmcfieenfbfhikpigjldi] - C:\Users\Cookie\AppData\Local\Social Anywhere\Chrome\Social Anywhere.crx [Not Found]
EmptyTemp:
*****************
 
Processes closed successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Windows\CurrentVersion\Run\\SaferBrowserIsDefault => value removed successfully
"HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\SOFTWARE\Policies\Google" => key removed successfully
C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => moved successfully.
C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => moved successfully.
C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mnmkabhkheikmcfieenfbfhikpigjldi" => key removed successfully
EmptyTemp: => 3 GB temporary data Removed.
 
 
The system needed a reboot.. 
 
==== End of Fixlog 08:45:35 ====

 

--

 

FRST.txt

 
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by Cookie (administrator) on PRIMROSE (05-08-2015 08:54:10)
Running from C:\Users\Cookie\Desktop
Loaded Profiles: Cookie (Available Profiles: Cookie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NETGEAR) C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Users\Cookie\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Spotify Ltd) C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe
(Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-12-05] (Alps Electric Co., Ltd.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-07-22] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-30] (AVAST Software)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-23] (Adobe Systems Incorporated)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53753984 2015-07-18] (Skype Technologies S.A.)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [876728 2015-07-03] (Adobe Systems Incorporated)
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\...\Run: [Spotify Web Helper] => C:\Users\Cookie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-07-22] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-30] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [MOBK] -> {3c3f3c1a-9153-7c05-f938-622e7003894d} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK2] -> {e6ea1d7d-144e-b977-98c4-84c53c1a69d0} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
ShellIconOverlayIdentifiers: [MOBK3] -> {b4caf489-1eec-c617-49ad-8d7088598c06} => C:\Program Files (x86)\McAfee Online Backup\MOBKshell.dll [2010-04-13] (McAfee, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Start Page = https://bing.com/
HKU\S-1-5-21-1094553120-1280462464-1800685640-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {6D6F304F-AF28-406D-B745-9785E8E5147E} URL = https://search.yahoo.com/search?fr=mcafee&type=A010US0&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {C34B8A7A-C0EF-47D0-B685-6959EBDEDB20} URL = http://www.bing.com/search?q={searchTerms}&form=OSDSRC
SearchScopes: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> {CB2E59E2-2B90-4798-A629-320BB47F5B07} URL = 
BHO: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: No Name -> {3049C3E9-B461-4BC5-8870-4C09146192CA} ->  No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2012-08-16] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-30] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-1094553120-1280462464-1800685640-1005 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-07-03] (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{166D7C5D-6325-43D4-AAE3-35E05BB0AB20}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{D947AE83-A299-498B-838E-A676D44E6EBC}: [DhcpNameServer] 172.26.38.1 172.26.38.2
 
FireFox:
========
FF ProfilePath: C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-23] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-05-14] (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.8 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2014-03-15] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.8.22 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.6 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.1 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-23] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @citrixonline.com/appdetectorplugin -> C:\Users\Cookie\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2013-11-06] (Citrix Online)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cookie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-05-11] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1094553120-1280462464-1800685640-1005: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2014-04-12] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-07-04] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2014-04-12] (RealPlayer Cloud)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2013-10-27]
FF Extension: Flash Video Downloader - YouTube HD Downloader [4K] - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\artur.dubovoy@gmail.com [2015-07-10]
FF Extension: Page Source - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{12ca4747-8b0c-4010-8a96-3c310b50b89b} [2015-07-10]
FF Extension: Adblock Plus - C:\Users\Cookie\AppData\Roaming\Mozilla\Firefox\Profiles\jzjr3rq3.default-1395267277049\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-26]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-03-23]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{0FAA5C82-A094-4541-8811-D3361F972A81}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-20]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2015-04-08]
 
Chrome: 
=======
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-02]
CHR Extension: (BIODIGITAL HUMAN) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak [2015-04-15]
CHR Extension: (Duolingo on the Web) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2015-04-15]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-02]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-15]
CHR Extension: (2draw.net) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcbkcbpbaolcoekgamlnbfalkagjpooi [2015-04-15]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-15]
CHR Extension: (Adblock Plus) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-15]
CHR Extension: (Add to Amazon Wish List) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2015-07-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-15]
CHR Extension: (Gmail Offline) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2015-04-15]
CHR Extension: (Google Calendar) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-04-15]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-02]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-04-15]
CHR Extension: (AdBlock) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-15]
CHR Extension: (SwagButton) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2015-07-31]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-20]
CHR Extension: (Little Alchemy) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2015-04-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-16]
CHR Extension: (Polyvore Clipper) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\liilchbbmdohoilfeonmdpcbhpekaiac [2015-07-28]
CHR Extension: (BetterGaia) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmgjagdflhhfjflolfalapokbplfldna [2015-04-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-06]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-15]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (SiteAdvisor) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-01-26]
CHR Extension: (Bookmark Manager) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Social Anywhere) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mnmkabhkheikmcfieenfbfhikpigjldi [2015-01-26]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-26]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-26]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-26]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-26]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-26]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-26]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-26]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-01-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-05]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-26]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-26]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-22]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-22]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-22]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-22]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-22]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-02-22]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-22]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-22]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-02-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-20]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-22]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-22]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Adobe Acrobat - Create PDF) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-03-25]
CHR Extension: (Avast SafePrice) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (RealPlayer Downloader) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR Profile: C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6
CHR Extension: (Google Slides) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-25]
CHR Extension: (Google Docs) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-25]
CHR Extension: (Google Drive) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-25]
CHR Extension: (YouTube) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-25]
CHR Extension: (Google Search) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-25]
CHR Extension: (Google Sheets) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-25]
CHR Extension: (XKit) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2015-03-29]
CHR Extension: (Avast Online Security) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-25]
CHR Extension: (Google Wallet) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-25]
CHR Extension: (Gmail) - C:\Users\Cookie\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-25]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx [2014-08-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-17]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-03-15]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109008 2015-07-30] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
S4 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MOBKbackup; C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [231224 2010-04-13] (McAfee, Inc.)
R2 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2013-04-07] (NETGEAR)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
S4 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [53248 2012-02-09] (Digital Delivery Networks, Inc.) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-05-12] (Electronic Arts)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-03-15] ()
R2 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-04-12] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-03-20] () [File not signed]
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S4 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S4 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [1021112 2011-03-30] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-26] (Wacom Technology, Corp.)
U4 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]
S3 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-07-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-30] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [454016 2015-07-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-30] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-07-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-30] (AVAST Software)
R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4608 2013-01-09] (Windows ® Codename Longhorn DDK provider)
S3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R1 MOBKFilter; C:\Windows\System32\DRIVERS\MOBK.sys [66040 2010-04-13] (Mozy, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-05-10] (Apple Inc.) [File not signed]
R2 NPF; C:\Windows\system32\drivers\npf.sys [35344 2013-06-13] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
S3 wacommousefilter; system32\DRIVERS\wacommousefilter.sys [X]
S3 wacomvhid; system32\DRIVERS\wacomvhid.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-03 11:07 - 2015-08-03 11:07 - 00000000 ____D C:\Users\Cookie\Desktop\FRST-OlderVersion
2015-08-02 09:51 - 2015-08-03 10:59 - 00000000 ____D C:\AdwCleaner
2015-08-02 09:49 - 2015-08-02 09:49 - 02248704 _____ C:\Users\Cookie\Desktop\AdwCleaner.exe
2015-08-01 18:44 - 2015-08-01 18:44 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\WTablet
2015-07-31 11:16 - 2015-07-31 11:17 - 00061802 _____ C:\Users\Cookie\Desktop\Addition.txt
2015-07-31 11:15 - 2015-08-05 08:54 - 00044947 _____ C:\Users\Cookie\Desktop\FRST.txt
2015-07-31 11:15 - 2015-08-05 08:54 - 00000000 ____D C:\FRST
2015-07-31 11:11 - 2015-08-03 11:07 - 02169856 _____ (Farbar) C:\Users\Cookie\Desktop\FRST64.exe
2015-07-30 19:17 - 2015-07-30 19:17 - 13095136 _____ (Microsoft Corporation) C:\Users\Cookie\Downloads\Silverlight_x64.exe
2015-07-30 07:36 - 2015-07-30 07:36 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-30 07:35 - 2015-07-30 07:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-30 07:34 - 2015-07-30 07:34 - 00454016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-07-30 07:06 - 2015-07-30 07:06 - 00000000 __SHD C:\found.009
2015-07-28 19:44 - 2015-07-28 19:44 - 00043494 _____ C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-07-28 19:36 - 2015-07-28 19:37 - 05477824 _____ C:\Users\Cookie\Downloads\Record54.aiff
2015-07-28 08:38 - 2015-07-28 08:38 - 00001109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-27 19:10 - 2015-07-27 19:10 - 00000000 __SHD C:\found.008
2015-07-24 12:36 - 2015-07-24 12:37 - 00017257 _____ C:\Users\Cookie\Downloads\default.htm
2015-07-19 07:49 - 2015-07-19 07:50 - 00065536 _____ C:\Windows\ocsetup_uninstall_OEMHelpCustomization.etl
2015-07-19 07:49 - 2015-07-19 07:50 - 00028693 _____ C:\Windows\ocsetup_cbs_uninstall_OEMHelpCustomization.txt
2015-07-18 07:43 - 2015-08-05 00:07 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-18 07:43 - 2015-07-18 07:43 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files\TabletPlugins
2015-07-09 09:25 - 2015-07-19 07:40 - 00000000 ____D C:\Program Files (x86)\TabletPlugins
2015-07-09 09:25 - 2015-07-09 09:25 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom Tablet
2015-07-09 09:25 - 2014-10-25 15:52 - 00015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2015-07-09 09:24 - 2015-07-09 09:25 - 00000000 ____D C:\Program Files\Tablet
2015-07-09 09:24 - 2015-02-26 17:16 - 02029336 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01990936 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01863960 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01626392 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01618712 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01612056 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wacom_Touch_Tablet.dll
2015-07-09 09:24 - 2015-02-26 17:16 - 01497368 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2015-07-09 09:24 - 2014-10-25 15:52 - 00100664 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2015-07-09 09:10 - 2015-07-09 09:12 - 150622864 _____ C:\Users\Cookie\Downloads\WacomTablet_6.3.11-4a.exe
2015-07-08 15:29 - 2015-08-01 18:35 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-07-08 15:29 - 2015-07-18 07:44 - 00003888 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-07-08 15:29 - 2015-07-18 07:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-08 15:29 - 2015-07-18 07:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-08 02:08 - 2015-07-08 02:08 - 00253196 _____ C:\Users\Cookie\AppData\Local\Tempdivx4049
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 08:55 - 2012-05-14 10:09 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{546FD215-9506-4D7C-BA5B-ECD4B5012BD8}
2015-08-05 08:53 - 2012-05-14 22:25 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Skype
2015-08-05 08:52 - 2012-05-19 09:33 - 00000000 ____D C:\Users\Cookie\AppData\Local\CrashDumps
2015-08-05 08:49 - 2013-01-01 09:35 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-05 08:49 - 2009-07-13 23:51 - 00336312 _____ C:\Windows\setupact.log
2015-08-05 08:48 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-05 08:46 - 2012-05-09 18:04 - 01211833 _____ C:\Windows\WindowsUpdate.log
2015-08-05 08:45 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 08:45 - 2009-07-13 23:45 - 00021200 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 08:32 - 2014-07-20 17:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-08-05 00:20 - 2012-05-15 08:29 - 00000000 ____D C:\Users\Cookie\AppData\Local\Spotify
2015-08-05 00:17 - 2012-05-15 00:11 - 00000000 ____D C:\Users\Cookie\AppData\Roaming\Spotify
2015-08-05 00:02 - 2013-07-13 19:59 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993.job
2015-08-04 13:30 - 2012-05-14 15:30 - 00000000 ____D C:\Users\Cookie\AppData\Local\Adobe
2015-08-03 14:30 - 2014-04-11 14:47 - 00001027 _____ C:\ProgramData\Microsoft\Windows\Start Menu\LINE.lnk
2015-08-03 14:30 - 2014-04-11 14:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LINE
2015-08-03 10:23 - 2010-11-20 22:47 - 00932940 _____ C:\Windows\PFRO.log
2015-08-01 21:09 - 2014-01-24 03:44 - 00001456 _____ C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-07-31 20:18 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-31 11:12 - 2012-05-23 15:39 - 00000000 ___RD C:\Users\Cookie\Desktop\Desktop WIP
2015-07-31 10:50 - 2009-07-14 00:13 - 00778834 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-07-31 09:53 - 2012-05-17 08:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-07-30 19:18 - 2012-05-17 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-07-30 07:36 - 2014-07-20 17:51 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00150672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-30 07:36 - 2014-07-20 17:51 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-30 07:35 - 2014-08-17 06:52 - 00028144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2015-07-30 07:35 - 2014-07-20 17:51 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-28 19:46 - 2014-11-27 13:08 - 00003364 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 19:46 - 2014-11-27 13:08 - 00003232 _____ C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1094553120-1280462464-1800685640-1005
2015-07-28 15:10 - 2012-05-30 19:04 - 00000000 ____D C:\Users\Cookie\Documents\sai
2015-07-28 08:37 - 2012-05-09 18:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-28 08:29 - 2015-03-23 13:14 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-24 10:25 - 2012-05-14 22:25 - 00000000 ____D C:\ProgramData\Skype
2015-07-24 10:15 - 2015-03-23 12:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-24 09:05 - 2012-05-14 21:32 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-19 09:51 - 2012-05-09 18:21 - 00000000 ____D C:\Program Files\Sony
2015-07-19 07:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Help
2015-07-19 07:47 - 2012-05-09 18:10 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-19 07:43 - 2012-10-09 23:02 - 00000000 ____D C:\Program Files\Windows Live
2015-07-19 07:43 - 2012-05-09 19:15 - 00000000 ____D C:\Program Files (x86)\Windows Live
2015-07-19 07:36 - 2012-05-09 18:17 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-18 19:25 - 2015-05-04 10:00 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-07-18 18:48 - 2015-05-04 08:16 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-18 18:11 - 2015-01-23 19:43 - 00003072 ___SH C:\Users\Cookie\Thumbs.db
2015-07-17 08:54 - 2014-01-31 08:38 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 08:49 - 2014-08-22 19:58 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-17 08:48 - 2014-08-22 19:59 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-16 13:49 - 2013-09-29 08:57 - 00000000 ____D C:\Users\Cookie\AppData\Local\Procaster
2015-07-16 09:06 - 2014-01-30 18:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-15 18:57 - 2013-07-13 19:59 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1ce802d6eb99993
2015-07-15 18:57 - 2013-01-01 09:35 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 10:58 - 2015-04-08 10:19 - 00002453 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2015-07-15 10:58 - 2015-04-08 10:19 - 00001997 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2015-07-15 10:51 - 2014-12-27 07:28 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 09:15 - 2013-02-16 20:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-08 15:17 - 2013-01-01 09:22 - 00000000 ____D C:\Windows\SysWOW64\Adobe
 
==================== Files in the root of some directories =======
 
2013-04-15 12:17 - 2013-07-14 21:53 - 0000132 _____ () C:\Users\Cookie\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-07-13 21:43 - 2013-07-13 22:07 - 0001661 _____ () C:\Users\Cookie\AppData\Roaming\net.telestream.producer.xml
2012-05-15 22:10 - 2014-03-17 18:47 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 12.0 Prefs
2014-01-24 03:44 - 2015-08-01 21:09 - 0001456 _____ () C:\Users\Cookie\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-03-10 19:42 - 2013-03-10 19:42 - 0000774 _____ () C:\Users\Cookie\AppData\Local\recently-used.xbel
2015-07-08 02:08 - 2015-07-08 02:08 - 0253196 _____ () C:\Users\Cookie\AppData\Local\Tempdivx4049
2015-07-28 19:44 - 2015-07-28 19:44 - 0043494 _____ () C:\Users\Cookie\AppData\Local\Tempdivxcfc1
2015-06-21 21:45 - 2015-06-21 21:45 - 0000003 _____ () C:\Users\Cookie\AppData\Local\updater.log
2015-06-21 21:45 - 2015-06-21 21:45 - 0000424 _____ () C:\Users\Cookie\AppData\Local\UserProducts.xml
2013-01-17 20:02 - 2013-01-17 20:02 - 0000057 _____ () C:\ProgramData\Ament.ini
1999-07-06 19:00 - 1999-07-06 19:00 - 0000006 __RSH () C:\ProgramData\F2BDD61C-7F20-44BD-A1DB-F510E492AB22
2012-11-19 15:02 - 2013-05-30 13:35 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2012-05-09 18:04 - 2012-05-09 18:04 - 0000226 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-03 20:02
 
==================== End of log ============================


#12 Sirawit


Posted 06 August 2015 - 02:09 PM

Hi waifi.

 

How is your machine running? Did you get the error popup again?

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#13 waifi


Posted 06 August 2015 - 02:22 PM

> Hi waifi.
>
> How is your machine running? Did you get the error popup again?
>
> Thank you.

 

I haven't gotten it as a random popup again, but I tried to open one of the programs that I was receiving the error from, and I got it.

I am still not able to open Sims 3.

 

c3TAlfK.png

 

C9Uuvqi.png
 



#14 Sirawit


Posted 08 August 2015 - 05:17 AM

Hi waifi.

 

We need to reinstall .NET Framework 4.0.

Please go to Control Panel > Programs and Features, then find the programs called Microsoft .NET Framework 4 Client Profile and Microsoft .NET Framework 4 Extended, and uninstall both of them.

Then please download the Microsoft .NET Framework 4.0 Standalone Setup and install it by following the on-screen instructions.

After the installation is done, please try your applications again. Did you get the popup again?

 

Thank you.




#15 waifi


Posted 08 August 2015 - 08:02 AM

So after uninstalling and then reinstalling, I tried launching the program and I got this error message:

 

BfwD6Mn.png

 

I selected debug, but nothing happened.

After the program closed itself out, I tried opening it again and all seems to be well now.





