Hi, my computer suddenly stopped being able to download anything.
When I say it won't download anything, I mean not just browser downloads, but also application downloads and anti-virus updates.
My current anti-virus is Kaspersky Anti-Virus.
Windows 7
I've tried:
- deleting cache and cookies from Chrome (main browser)
- switching to Firefox
- turning the anti-virus on and off
- restarting the computer
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
Ran by Cherryckjj (administrator) on CHERRYCKJJ-PC (23-09-2015 15:01:08)
Running from C:\Users\Cherryckjj\Desktop
Loaded Profiles: Cherryckjj (Available Profiles: Cherryckjj)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Scarlet.Crush Productions) D:\Emulators\PS2 emu\PCSX2 1.0.0\ScpServer\bin\ScpService.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Send Anywhere\sendanywhere.exe
(Akamai Technologies, Inc.) C:\Users\Cherryckjj\AppData\Local\Akamai\netsession_win.exe
(Mega Limited) C:\Users\Cherryckjj\AppData\Local\MEGAsync\MEGAsync.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Akamai Technologies, Inc.) C:\Users\Cherryckjj\AppData\Local\Akamai\netsession_win.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TrayApp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Affinegy, Inc.) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Razer, Inc.) C:\Program Files (x86)\Razer\Core\64bit\RzOvlMon.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe
(Microsoft) C:\Windows\wnavga.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Sogou.com Inc.) C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouCloud.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dfrgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590144 2015-04-22] (Razer Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2567568 2015-08-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-07-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DigiDo] => C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TrayApp.exe [1158088 2015-06-16] (Affinegy, Inc.)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [ctfmon] => C:\Windows\system32\ctfmon.exe [9728 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [GoogleChromeAutoLaunch_8CFDF07D37CE5E5F3B9804491D6ADF08] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [815944 2015-09-18] (Google Inc.)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [SendAnywhere] => C:\Program Files (x86)\Send Anywhere\sendanywhere.exe [4338424 2015-07-31] ()
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Cherryckjj\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\MountPoints2: H - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\MountPoints2: {7c147bf9-ee0d-11e4-9754-d43d7e5533ee} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\MountPoints2: {7c147bff-ee0d-11e4-9754-d43d7e5533ee} - H:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\MountPoints2: {7c147e91-ee0d-11e4-9754-d43d7e5533ee} - H:\HTC_Sync_Manager_PC.exe
AppInit_DLLs-x32: C:\PROGRA~3\{0856E~1\1172~1.1\sefe.dll => No File
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] ()
Startup: C:\Users\Cherryckjj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-09-20]
ShortcutTarget: MEGAsync.lnk -> C:\Users\Cherryckjj\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
AutoConfigURL: [HKLM-x32] => file://C:\Windows\system32\Drivers\winpacket.pac
AutoConfigURL: [S-1-5-19] => file://C:\Windows\system32\Drivers\winpacket.pac
AutoConfigURL: [S-1-5-20] => file://C:\Windows\system32\Drivers\winpacket.pac
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{05BD9E34-F03B-47C1-9DC2-6FEC0944002F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{60A7FF7D-47BC-41E8-8811-75334F76CFC6}: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{688D561C-113E-4669-A1F9-BDC37D44C1EB}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com?cid={3A1A2A65-EC57-4A84-97F9-7D1A245F9877}&mid=59f70ab6364747cd9dc4057438b1da1d-552b5f342637007c4dea6ceb503561ea649e57c8&lang=en&ds=px011&coid=avgtbdispx&cmpid=0615tb&pr=sa&d=2015-05-21 21:43:41&v=18.8.0.179&pid=safeguard&sg=&sap=hp
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL =
SearchScopes: HKU\S-1-5-21-3730196113-1156908693-4138991567-1000 -> DefaultScope {1E3E820D-4195-4FA7-9075-AA5DB659CB8E} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_21&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EyDyDtAtA0E0E0E0DtDyEtN0D0Tzu0StCtBtAyCtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtAtAzztA0FyC0AtGzzzzyEzztGtA0FyEyEtGzytDzzyCtGyE0FtAtB0FtDzzzztAzzzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0C0E0F0CyB0EtGtDyBzzzztGyEtCyEtBtGzytCtCzytGzzyCtDyB0FtC0DyDyEyEtD0F2QtN0A0LzuyE&cr=673646921&ir=
SearchScopes: HKU\S-1-5-21-3730196113-1156908693-4138991567-1000 -> {1E3E820D-4195-4FA7-9075-AA5DB659CB8E} URL = hxxp://www.dregol.com/results.php?f=4&q={searchTerms}&a=drg_ir_15_21&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EyDyDtAtA0E0E0E0DtDyEtN0D0Tzu0StCtBtAyCtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtAtAzztA0FyC0AtGzzzzyEzztGtA0FyEyEtGzytDzzyCtGyE0FtAtB0FtDzzzztAzzzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0C0E0F0CyB0EtGtDyBzzzztGyEtCyEtBtGzytCtCzytGzzyCtDyB0FtC0DyDyEyEtD0F2QtN0A0LzuyE&cr=673646921&ir=
SearchScopes: HKU\S-1-5-21-3730196113-1156908693-4138991567-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={3A1A2A65-EC57-4A84-97F9-7D1A245F9877}&mid=59f70ab6364747cd9dc4057438b1da1d-552b5f342637007c4dea6ceb503561ea649e57c8&lang=en&ds=px011&coid=avgtbdispx&cmpid=0615tb&pr=sa&d=2015-05-21 21:43:41&v=18.6.0.922&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3730196113-1156908693-4138991567-1000 -> {c9ab6446-7efc-47fe-966c-dc54324eff9f} URL = hxxps://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=903578&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\x64\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {4A66AD60-A03D-4D01-86F0-5F0F7C0EF1AD} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Glass Bottle -> {88803a01-4125-443b-b869-4062a160ceea} -> C:\Program Files (x86)\Glass Bottle\Extensions\88803a01-4125-443b-b869-4062a160ceea.dll No File
BHO-x32: Content Blocker Plugin -> {93BC2EA7-2F17-4729-948A-D2E03FFB2412} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Safe Money Plugin -> {AB379017-4C03-4E00-8EDF-E6D6AF7CCF82} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\IEExt\ie_plugin.dll [2014-12-23] (Kaspersky Lab ZAO)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.8.0.179\AVG SafeGuard toolbar_toolbar.dll [2015-08-16] (AVG Secure Search)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.8.0\ViProtocol.dll [2015-08-16] (AVG Secure Search)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default
FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHAEVeVhaBQFBDFFCcF8VVQ1FQxhBdQwPTABHFFQSeQsOBVpDRRNBNARaB0tXUUEeGGlxR1dMZllCM0p6Dk0FTVA=
FF DefaultSearchEngine: Yahoo!
FF DefaultSearchEngine.US: Default
FF SelectedSearchEngine: Yahoo!
FF Homepage: hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggXdgBZA11JERhHIQleTA1FFVcOIgwNVhRIFwBCcQAKV10SE1EFIk0FA18DB0VXfWFoKB8fHHJPIUpLI1YFVVlG
FF Keyword.URL: hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=903578&p=
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll [No File]
FF Plugin-x32: @kaspersky.com/content_blocker_663BE84DBCC949E88C7600F63CA7F098 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\[email protected] [2015-04-28] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_07402848C2F6470194F131B0F3DE025E -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\[email protected] [2015-04-28] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2015-09-20] (Nexon)
FF Plugin-x32: @qq.com/TXSSO -> C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.94\Bin\npSSOAxCtrlForPTLogin.dll [2013-01-24] (Tencent)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin HKU\S-1-5-21-3730196113-1156908693-4138991567-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cherryckjj\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\user.js [2015-05-21]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\searchplugins\avg-secure-search.xml [2015-08-28]
FF SearchPlugin: C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\searchplugins\default.xml [2015-09-17]
FF SearchPlugin: C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\searchplugins\dregol.xml [2015-05-21]
FF SearchPlugin: C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\searchplugins\yahoo_ff.xml [2015-06-22]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-08-16]
FF Extension: AVG SafeGuard toolbar - C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\Extensions\avg@toolbar [2015-05-21]
FF Extension: Firefox Security Update - C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\Extensions\[email protected] [2015-03-12]
FF Extension: AdBlock for YouTube™ - C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\Extensions\[email protected] [2015-04-28]
FF Extension: Dealz - C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\Extensions\[email protected] [2015-02-23]
FF Extension: Glass Bottle - C:\Users\Cherryckjj\AppData\Roaming\Mozilla\Firefox\Profiles\agosy1rz.default\Extensions\{ff3f1ffa-691d-45c1-8847-4f0666b522a5}.xpi [2015-05-21]
FF Extension: Firefox Security Update - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2015-08-28]
FF Extension: Dealz - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\[email protected] [2015-08-28]
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\[email protected] [2015-04-28]
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\FFExt\[email protected] [2015-04-28]
Chrome:
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3324862&octid=EB_ORIGINAL_CTID&ISID=ME9E519D6-7ADB-4153-B697-1398B95785B1&SearchSource=55&CUI=&UM=5&UP=SPF204639E-FAB2-4C1D-B260-5B0F7D2AF554&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3324862&octid=EB_ORIGINAL_CTID&ISID=ME9E519D6-7ADB-4153-B697-1398B95785B1&SearchSource=55&CUI=&UM=5&UP=SPF204639E-FAB2-4C1D-B260-5B0F7D2AF554&SSPV=","hxxp://www.dregol.com/?f=7&a=drg_ir_15_21&cd=2XzuyEtN2Y1L1Qzu0DyEtA0DyB0EyDyDtAtA0E0E0E0DtDyEtN0D0Tzu0StCtBtAyCtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyCtAtAzztA0FyC0AtGzzzzyEzztGtA0FyEyEtGzytDzzyCtGyE0FtAtB0FtDzzzztAzzzy0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyBtD0C0E0F0CyB0EtGtDyBzzzztGyEtCyEtBtGzytCtCzytGzzyCtDyB0FtC0DyDyEyEtD0F2QtN0A0LzuyE&cr=673646921&ir="
CHR Profile: C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-28]
CHR Extension: (Google Search) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-28]
CHR Extension: (Kaspersky Protection) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-28]
CHR Extension: (AdBlock) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-04-28]
CHR Extension: (MS Updater) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\iadddcofhgaeeniecnhpopipbhijnphj [2015-05-29]
CHR Extension: (Arcane Legends) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibmlkgieigeddcedpbijnpojheoddido [2015-04-28]
CHR Extension: (EverSave) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\jddmfogomafbmjkfcpfpnjfgecnjffng [2015-06-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-28]
CHR Extension: (Furniture Guru) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\lopcjmbilgeapfldddijpgpahphngjdk [2015-09-01]
CHR Extension: (AVG Secure Search) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2015-04-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-28]
CHR Extension: (Gmail) - C:\Users\Cherryckjj\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-28]
CHR HKLM\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bghejdcdajlenjngcknlkkoakmmjfanb] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iadddcofhgaeeniecnhpopipbhijnphj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jddmfogomafbmjkfcpfpnjfgecnjffng] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lopcjmbilgeapfldddijpgpahphngjdk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [akhdblbjebmbllhinponghfmaekhlhob] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bghejdcdajlenjngcknlkkoakmmjfanb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cckdoammdligdedbakcgnmegjljgipjb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clmghkfhfkcfhpccgbafbailibgogkbi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eajjckckolcbgmmenaiiigegbadpeghb] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eoepodkgpakekgncgnfnijcippobokhp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iadddcofhgaeeniecnhpopipbhijnphj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iedokolghlgkcnafplkbjeokfamliokd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ihokndmjeombjojnfkmapfnjeghjohim] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [jddmfogomafbmjkfcpfpnjfgecnjffng] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [kpmccjcnkhkgcipodalpmbpighkgiaif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lopcjmbilgeapfldddijpgpahphngjdk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mhgliccaogcekoldfmachhehepjdfobj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [nfkbfmjkmioenefhjdonleflegoephgm] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pedogdjgmjlabbbdhokgdafpglnjinhc] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AffinegyService; C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyService.exe [592840 2015-06-16] (Affinegy, Inc.)
R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-07-15] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVP15.0.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\avp.exe [194000 2015-06-23] (Kaspersky Lab ZAO)
R2 Ds3Service; D:\Emulators\PS2 emu\PCSX2 1.0.0\ScpServer\bin\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-07-14] (Razer Inc.)
R2 RzOvlMon; C:\Program Files (x86)\Razer\Core\64bit\rzovlmon.exe [32960 2014-04-18] (Razer, Inc.)
S3 SogouUpdate; C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouUpdate.exe [369256 2015-08-03] (Sogou.com Inc.)
R2 vToolbarUpdater18.8.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [1861520 2015-08-16] (AVG Secure Search)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WinGraph; C:\Windows\wnavga.exe [8192 2015-04-23] (Microsoft) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R3 BrSerIf; C:\Windows\System32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [247016 2015-06-23] (Kaspersky Lab UK Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-23] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [64368 2015-06-23] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [159960 2015-06-23] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [225976 2015-06-30] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [850608 2015-06-23] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [40304 2015-06-23] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [39280 2015-06-23] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [24944 2015-06-23] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-23] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [85360 2015-06-23] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [190648 2015-06-23] (Kaspersky Lab ZAO)
S3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-18] (Razer, Inc.)
S1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-18] (Razer, Inc.)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
S3 TesSafe; C:\Windows\system32\TesSafe.sys [989272 2015-06-13] (TENCENT)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-23 15:01 - 2015-09-23 15:01 - 00032768 _____ C:\Users\Cherryckjj\Desktop\FRST.txt
2015-09-23 15:00 - 2015-09-23 15:01 - 00000000 ____D C:\FRST
2015-09-23 15:00 - 2015-09-23 14:59 - 02192384 _____ (Farbar) C:\Users\Cherryckjj\Desktop\FRST64.exe
2015-09-20 15:44 - 2015-09-20 15:44 - 00000198 _____ C:\Users\Public\Desktop\MapleStory.url
2015-09-20 15:44 - 2015-09-20 15:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexon
2015-09-20 14:34 - 2015-09-20 14:34 - 00009886 _____ C:\Users\Cherryckjj\Desktop\snapples.bsproj
2015-09-20 12:59 - 2015-09-20 12:59 - 00000000 ___RD C:\Users\Cherryckjj\Documents\MEGAsync
2015-09-20 12:59 - 2015-09-20 12:59 - 00000000 ____D C:\Users\Cherryckjj\Documents\MEGA
2015-09-20 12:57 - 2015-09-20 12:57 - 00001084 _____ C:\Users\Cherryckjj\Desktop\MEGAsync.lnk
2015-09-20 12:57 - 2015-09-20 12:57 - 00000000 ____D C:\Users\Cherryckjj\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync
2015-09-20 12:57 - 2015-09-20 12:57 - 00000000 ____D C:\Users\Cherryckjj\AppData\Local\MEGAsync
2015-09-20 12:57 - 2015-09-20 12:57 - 00000000 ____D C:\Users\Cherryckjj\AppData\Local\Mega Limited
2015-09-07 16:11 - 2015-09-21 16:53 - 00000000 ____D C:\Users\Cherryckjj\Desktop\For Annie
2015-08-28 20:33 - 2015-09-21 16:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-28 20:31 - 2015-08-28 20:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-28 20:31 - 2015-08-28 20:31 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-28 20:31 - 2015-08-28 20:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-26 15:21 - 2015-08-26 15:21 - 00001166 _____ C:\Users\Public\Desktop\TWC WiFi.lnk
2015-08-26 15:21 - 2015-08-26 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Time Warner Cable
2015-08-26 15:21 - 2015-08-26 15:21 - 00000000 ____D C:\ProgramData\Apple
2015-08-26 15:21 - 2015-08-26 15:21 - 00000000 ____D C:\Program Files\Bonjour
2015-08-26 15:21 - 2015-08-26 15:21 - 00000000 ____D C:\Program Files (x86)\Time Warner Cable
2015-08-26 15:21 - 2015-08-26 15:21 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-08-26 15:20 - 2015-08-26 15:21 - 00000000 ____D C:\ProgramData\Affinegy
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-23 15:00 - 2009-07-13 21:51 - 00052014 _____ C:\Windows\setupact.log
2015-09-23 14:43 - 2015-04-28 21:12 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-23 14:39 - 2015-04-28 19:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-09-23 14:18 - 2015-04-28 15:32 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-23 13:43 - 2015-04-28 21:12 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-23 13:06 - 2015-06-14 01:06 - 00000356 _____ C:\Windows\Tasks\Bidaily Synchronize Task[973b].job
2015-09-23 10:40 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-23 10:40 - 2009-07-13 21:45 - 00022064 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-23 10:37 - 2015-06-10 14:50 - 00000000 ____D C:\Program Files (x86)\Steam
2015-09-23 10:36 - 2009-07-13 22:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-23 10:34 - 2015-04-28 15:14 - 02055178 _____ C:\Windows\WindowsUpdate.log
2015-09-23 10:32 - 2015-04-28 15:46 - 00000000 ____D C:\Users\Cherryckjj\AppData\Roaming\Raptr
2015-09-23 10:31 - 2015-05-29 00:30 - 00000338 _____ C:\Windows\Tasks\Notifier PLUS.job
2015-09-23 10:31 - 2015-04-29 02:41 - 00000000 ____D C:\Users\Cherryckjj\AppData\Local\HTC MediaHub
2015-09-23 10:31 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-21 17:18 - 2015-04-28 15:32 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-09-21 17:18 - 2015-04-28 15:32 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-21 17:18 - 2015-04-28 15:32 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-09-21 16:57 - 2015-04-28 15:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-09-21 16:57 - 2010-11-20 20:47 - 00205874 _____ C:\Windows\PFRO.log
2015-09-21 16:57 - 2009-07-13 21:45 - 00448880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-21 16:40 - 2015-04-28 21:13 - 00002227 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-09-20 15:44 - 2015-06-25 18:55 - 00000000 ____D C:\ProgramData\NexonUS
2015-09-20 12:57 - 2009-07-13 22:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-09-16 18:39 - 2015-08-05 22:35 - 00533522 _____ C:\Users\Cherryckjj\Desktop\2.jpeg
2015-09-16 18:38 - 2015-06-18 01:07 - 00194610 _____ C:\Users\Cherryckjj\Desktop\1.jpeg
2015-09-15 13:38 - 2015-04-28 21:12 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 13:38 - 2015-04-28 21:12 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-13 02:27 - 2015-04-28 21:12 - 00000000 ____D C:\Users\Cherryckjj\AppData\Local\Google
2015-09-09 22:03 - 2015-04-28 15:49 - 00115880 _____ C:\Users\Cherryckjj\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-09 13:45 - 2015-06-20 02:40 - 00000000 ____D C:\Users\Cherryckjj\AppData\Roaming\vlc
2015-09-06 17:41 - 2009-07-13 22:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-09-04 10:39 - 2015-08-18 19:23 - 00000000 ____D C:\Users\Cherryckjj\AppData\Roaming\cobra
2015-09-04 10:25 - 2015-08-18 20:28 - 00000000 ____D C:\Program Files (x86)\CABAL2 (US)
2015-08-28 20:27 - 2015-05-29 00:32 - 00000258 __RSH C:\Users\Cherryckjj\ntuser.pol
2015-08-28 20:27 - 2015-04-28 15:14 - 00000000 ____D C:\Users\Cherryckjj
2015-08-26 15:20 - 2009-07-13 20:20 - 00000000 __RHD C:\Users\Public\Libraries
==================== Files in the root of some directories =======
2015-06-25 16:30 - 2015-04-26 16:30 - 0000032 ____R () C:\ProgramData\hash.dat
Files to move or delete:
====================
C:\ProgramData\hash.dat
Some files in TEMP:
====================
C:\Users\Cherryckjj\AppData\Local\Temp\125db895070d6e15df8564cd6d6e5fce.dll
C:\Users\Cherryckjj\AppData\Local\Temp\130767145160001926.exe
C:\Users\Cherryckjj\AppData\Local\Temp\13076714522973591492.exe
C:\Users\Cherryckjj\AppData\Local\Temp\283f26551f31790c6cb105b3c9da4c35.dll
C:\Users\Cherryckjj\AppData\Local\Temp\31d6e07d87ca5eaf6b2447c07a6c1365.dll
C:\Users\Cherryckjj\AppData\Local\Temp\7230fefd864f35e6569012bef46d88ae.dll
C:\Users\Cherryckjj\AppData\Local\Temp\amd-catalyst-omega-14.12-with-dotnet45-win7-64bit.exe
C:\Users\Cherryckjj\AppData\Local\Temp\amd-catalyst-omega-14.12-without-dotnet45-win7-64bit.exe
C:\Users\Cherryckjj\AppData\Local\Temp\AutoDetectUtilApp.exe
C:\Users\Cherryckjj\AppData\Local\Temp\AVGTBInstall.exe
C:\Users\Cherryckjj\AppData\Local\Temp\ClientToMobilePlatform.exe
C:\Users\Cherryckjj\AppData\Local\Temp\dxwebsetup.exe
C:\Users\Cherryckjj\AppData\Local\Temp\i4jdel0.exe
C:\Users\Cherryckjj\AppData\Local\Temp\NGM.exe
C:\Users\Cherryckjj\AppData\Local\Temp\NGMDll.dll
C:\Users\Cherryckjj\AppData\Local\Temp\NGMResource.dll
C:\Users\Cherryckjj\AppData\Local\Temp\NGMSetup.exe
C:\Users\Cherryckjj\AppData\Local\Temp\oi_{1297DAB9-ED19-4245-9F4B-139F150AFF69}.exe
C:\Users\Cherryckjj\AppData\Local\Temp\ose00000.exe
C:\Users\Cherryckjj\AppData\Local\Temp\PidGenX.dll
C:\Users\Cherryckjj\AppData\Local\Temp\proxy_vole6466514807102103072.dll
C:\Users\Cherryckjj\AppData\Local\Temp\raptrpatch.exe
C:\Users\Cherryckjj\AppData\Local\Temp\raptr_stub.exe
C:\Users\Cherryckjj\AppData\Local\Temp\SeMini.exe
C:\Users\Cherryckjj\AppData\Local\Temp\tmp24FD.exe
C:\Users\Cherryckjj\AppData\Local\Temp\tmpD1BF.exe
C:\Users\Cherryckjj\AppData\Local\Temp\unicows.dll
C:\Users\Cherryckjj\AppData\Local\Temp\Upgrade.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-09-21 17:42
==================== End of FRST.txt ============================
NEXT FILE
Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-09-2015
Ran by Cherryckjj (2015-09-23 15:01:33)
Running from C:\Users\Cherryckjj\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2015-04-28 22:14:42)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3730196113-1156908693-4138991567-500 - Administrator - Disabled)
Cherryckjj (S-1-5-21-3730196113-1156908693-4138991567-1000 - Administrator - Enabled) => C:\Users\Cherryckjj
Guest (S-1-5-21-3730196113-1156908693-4138991567-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3730196113-1156908693-4138991567-1006 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
7-Zip 15.05 beta (HKLM-x32\...\7-Zip) (Version: - )
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{8DF1EF50-AEB6-902C-F68C-4683C45784E6}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.8.0.179 - AVG Technologies)
BitTorrent (HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\BitTorrent) (Version: 7.9.2.38398 - BitTorrent Inc.)
Bonjour (HKLM\...\{877924AA-E044-4266-B37D-E974CD799934}) (Version: 2.0.0.34 - Apple Inc.)
CABAL2 (US) (HKLM-x32\...\CABAL2US) (Version: - ESTsoft Corp.)
Dealz (HKLM-x32\...\Dealz1.0.1.17) (Version: 1.0.1.17 - Dealz Unlimited)
Dolphin x86 (HKLM-x32\...\Dolphin x86) (Version: 4.0.2 - Dolphin Development Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.46.0 - HTC)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{02FECEE0-16B2-43DB-BC3B-C844477FC142}) (Version: 15.0.2.361 - Kaspersky Lab)
Kaspersky Anti-Virus (x32 Version: 15.0.2.361 - Kaspersky Lab) Hidden
MapleStory (HKLM-x32\...\MapleStory) (Version: - )
MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Notifier PLUS (HKLM-x32\...\Notifier PLUS) (Version: - )
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version: - )
QQÒôËÙ (HKLM-x32\...\QQÒôËÙ) (Version: - Tencent)
QQ音速 (HKLM-x32\...\QQ音速) (Version: - Tencent)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.0.29.0 - Razer Inc.)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.19.25502 - Razer Inc.)
Send Anywhere (HKLM-x32\...\{4C09F722-410A-481D-A488-D56FBE34334F}_is1) (Version: 1.7.31.1 - Estmob Inc.)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
TWC WiFi (HKLM-x32\...\TWC WiFi_is1) (Version: - )
Unity Web Player (HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
搜狗拼音输入法 7.7正式版 (HKLM-x32\...\Sogou Input) (Version: 7.7.0.6390 - Sogou.com)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02255D50-ED98-4FF6-A545-BD895C634A96} - System32\Tasks\{12226FBA-C92D-4DF5-BD6A-5A534A24D976} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {02605825-953C-45F4-995D-0D2E9777A514} - System32\Tasks\{0C543C73-9040-4BEA-BB0C-5D9CA7B6C0EC} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {077864CC-E4B1-4F0B-97DA-BF176D15EA7E} - System32\Tasks\{29EFD88C-DC6A-45C2-A2EE-9757D18BB653} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {0844EC19-FCE7-4842-80EF-4513F6B1F6C7} - \Winupdate -> No File <==== ATTENTION
Task: {0A4D8873-B026-4B52-95E1-CDD03714C358} - System32\Tasks\{557B3F51-6668-4E4D-AC67-57F5DA5F4A1E} => D:\QQVipDownload\QQ\QQÒôËÙ\TCLS\QQR2.exe [2014-05-09] (腾讯计算机系统有限公司)
Task: {0C54EA97-D937-47A0-8D55-7588CFF618D4} - System32\Tasks\{8B0A6A04-D10C-4456-90DB-5FA7452A57C6} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {0D1AD150-1B70-4516-8B04-071C9940F4B6} - \EssentialUpdateMachine -> No File <==== ATTENTION
Task: {0F0838BF-7B92-4863-8013-3566EC410B41} - System32\Tasks\{175FAA01-869C-4B26-9848-132635D5B5ED} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {217B25F2-A628-4A12-9238-4757E0D6D63D} - System32\Tasks\{877DC68C-7ACA-42A2-B704-B4609ABACB61} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {21AA5AC8-696A-4024-8825-355586C30501} - System32\Tasks\{D95FF425-CB64-4312-A7F1-BD3A71904C63} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {28769543-368B-4EE6-8B9F-C826938DB63B} - System32\Tasks\{CFFA864A-E136-4D99-B106-EAFBA0175675} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {3168B8E4-EDC6-436A-BD00-350A361DAD38} - System32\Tasks\{7C0CB751-5961-45EC-B9AC-6BB8E50DABFD} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {320690BA-30D5-4616-A449-BF7F2214AD3F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {32B1AC81-B0EC-4A96-9B7E-2C574981955F} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2015-08-04] (Sogou.com Inc.)
Task: {34AA6DE1-68C3-4273-9F0D-396DFBC77A6A} - System32\Tasks\{D694C948-E1E2-4220-A5B1-86B5FDD592F7} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {46194C48-EB87-4C55-AC89-B27B0842EB8A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.)
Task: {5664F089-9706-4753-B1DD-447429236FA1} - System32\Tasks\{91442C58-0C83-4EB6-88A4-BD67B6DC4F9A} => D:\QQVipDownload\QQ\QQÒôËÙ\Game.exe [2015-05-26] (SEED9 Entertainment, Inc.)
Task: {586E55D1-5F92-4866-B2DE-19C9CB7060A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {5D12EC43-9F4A-4683-9760-2291F1858489} - System32\Tasks\{29A3A2FD-3BF6-4E67-8321-C4FF118377CC} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {61733693-0DF6-4715-BDF9-7C581F77BA5E} - System32\Tasks\{8ECED39E-C406-4991-A38E-2232305B9BED} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {687818CE-FE3D-4891-9C62-CEDE082FC6BE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-28] (Google Inc.)
Task: {6AFE706B-8778-4430-84D4-238C750B9BFD} - System32\Tasks\{DAE58603-B59A-424D-93A4-655B6D025349} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {71FBBA62-520D-4D26-9D98-609B9344945F} - System32\Tasks\{474A73C0-73D7-4C42-BD40-C3E8E67F73AC} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {732AF96C-7F3D-421F-A26C-4B79CEE01DE6} - \AutoKMS -> No File <==== ATTENTION
Task: {81216727-626E-41CE-B850-AD95FF89563B} - System32\Tasks\{D0A3E7E9-F6DE-4F54-95F2-A4FF9159982A} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {8F481DBD-7642-425D-BE03-C89100ECABE2} - System32\Tasks\{AD6FCACC-20DD-4ED9-9DA5-22868992047E} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {92EB5E1A-CCE7-4403-9F5D-0A6E597E17ED} - System32\Tasks\Notifier PLUS => C:\Program Files (x86)\Notifier PLUS\notifier_plus_service.exe [2015-05-29] (Notifier PLUS)
Task: {9A57CE29-4C0D-4BEA-B2F3-3D2060E95320} - System32\Tasks\{64FDADD0-9A4E-472B-92FC-AE5B035A4020} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {B0F8D5AD-B308-4626-B923-77A7938F1C1B} - System32\Tasks\{12853EF0-803B-41CC-9B72-697A34D0BF63} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {B7651692-D04D-48AC-ACF6-C9DC0AEC2F9E} - \Bidaily Synchronize Task[973b] -> No File <==== ATTENTION
Task: {B7808FA0-BE0F-4F94-BB93-8ED1B4400F99} - System32\Tasks\{C9966ED8-415E-499D-8428-2783B169B8F3} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {C350D82E-4052-43CA-9AA4-BD03E041D033} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {C7898FD2-06D4-4411-B7EC-B7D7181AE5F4} - System32\Tasks\{9A7D3B32-4382-409A-B816-1FDD5A4FABE3} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {CF3B2DB8-691A-4753-8082-D9081C911558} - System32\Tasks\{485F472E-E86F-486F-B048-C869D3E547F8} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {D1F33C6C-4929-40A2-BC03-471F9408B900} - System32\Tasks\{6C76A297-DBE5-4350-9230-48EA6A05B9E4} => D:\QQVipDownload\QQ音速\QQR2.exe
Task: {D9DF6D82-2A6A-4969-8ECD-EBBD494C462C} - System32\Tasks\{1B7862C0-2664-4873-93C9-70A32FA76779} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
Task: {E7A75F28-4682-4CF5-BDFB-985E1BD2DAC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {EDBEF1C6-D425-4509-B929-1BB856E91B56} - System32\Tasks\{F3C59E65-DBAA-47B6-AA3E-540B2750EDE5} => C:\Windows\AppPatch\AppLoc.exe [2003-06-13] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Bidaily Synchronize Task[973b].job => c:\programdata\{cde102b9-c176-6a7a-cde1-102b9c170ae7}\rhythm_heaven_us.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Notifier PLUS.job => C:\Program Files (x86)\Notifier PLUS\notifier_plus_service.exe
==================== Loaded Modules (Whitelisted) ==============
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-01 07:13 - 2014-05-01 07:13 - 00470016 _____ () C:\Users\Cherryckjj\AppData\Local\MEGAsync\ShellExtX64.dll
2015-08-02 17:17 - 2015-07-16 11:51 - 00128512 _____ () C:\Program Files (x86)\Send Anywhere\snda_context_handler.dll
2015-07-15 21:39 - 2015-07-15 21:39 - 00214528 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Platform.dll
2015-05-16 11:38 - 2015-07-31 16:20 - 04338424 _____ () C:\Program Files (x86)\Send Anywhere\sendanywhere.exe
2015-06-10 11:14 - 2015-08-16 14:16 - 02567568 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-07-15 21:38 - 2015-07-15 21:38 - 00102400 _____ () C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2015-06-23 12:11 - 2015-06-23 12:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-04-13 15:55 - 2015-04-13 15:55 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
2015-08-16 14:16 - 2015-08-16 14:16 - 00168336 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
2015-08-26 15:21 - 2015-06-16 14:50 - 00022984 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\AffinegyServicePS.dll
2015-05-16 11:38 - 2014-03-08 03:56 - 00117262 _____ () C:\Program Files (x86)\Send Anywhere\libgcc_s_dw2-1.dll
2015-05-16 11:38 - 2014-03-08 03:56 - 00970766 _____ () C:\Program Files (x86)\Send Anywhere\libstdc++-6.dll
2015-06-21 21:26 - 2014-01-15 17:36 - 03347428 _____ () C:\Program Files (x86)\Send Anywhere\icuin52.dll
2015-06-21 21:26 - 2014-01-15 17:36 - 01992280 _____ () C:\Program Files (x86)\Send Anywhere\icuuc52.dll
2015-06-21 21:26 - 2014-01-15 17:36 - 23544786 _____ () C:\Program Files (x86)\Send Anywhere\icudt52.dll
2015-05-16 11:39 - 2014-09-11 23:00 - 01276928 _____ () C:\Program Files (x86)\Send Anywhere\platforms\qwindows.dll
2015-05-16 11:39 - 2014-09-11 22:58 - 00033280 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qico.dll
2015-05-16 11:39 - 2014-09-11 22:58 - 00749568 _____ () C:\Program Files (x86)\Send Anywhere\sqldrivers\qsqlite.dll
2015-05-16 11:39 - 2014-09-11 23:14 - 00051200 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qdds.dll
2015-05-16 11:39 - 2014-09-11 22:58 - 00031232 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qgif.dll
2015-05-16 11:39 - 2014-09-11 23:14 - 00042496 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qicns.dll
2015-05-16 11:39 - 2014-09-11 23:15 - 00509440 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qjp2.dll
2015-05-16 11:39 - 2014-09-11 22:59 - 00242176 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qjpeg.dll
2015-05-16 11:39 - 2014-09-11 23:15 - 00363008 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qmng.dll
2015-05-16 11:39 - 2014-09-11 23:15 - 00027136 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qtga.dll
2015-05-16 11:39 - 2014-09-11 23:15 - 00423936 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qtiff.dll
2015-05-16 11:39 - 2014-09-11 23:15 - 00026112 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qwbmp.dll
2015-05-16 11:39 - 2014-09-11 23:16 - 00341504 _____ () C:\Program Files (x86)\Send Anywhere\imageformats\qwebp.dll
2015-02-02 00:52 - 2015-02-02 00:52 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
2015-08-16 14:16 - 2015-08-16 14:16 - 00528272 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\log4cplusU.dll
2015-08-26 15:21 - 2010-03-19 22:58 - 00325632 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtXml4.dll
2015-08-26 15:21 - 2010-03-19 22:58 - 01954304 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtCore4.dll
2015-08-26 15:21 - 2010-03-19 22:58 - 07187456 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtGui4.dll
2015-08-26 15:21 - 2010-03-19 22:58 - 00847360 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\QtNetwork4.dll
2015-08-26 15:21 - 2015-06-16 13:36 - 00309248 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\DigiDoFlavor.dll
2015-08-26 15:21 - 2014-09-08 12:34 - 00119808 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\imageformats\qjpeg4.dll
2015-09-21 16:40 - 2015-09-18 15:13 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
2015-09-21 16:40 - 2015-09-18 15:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
2015-08-26 15:21 - 2015-06-16 13:53 - 01803264 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisDG1670ALOC.dll
2015-08-26 15:21 - 2015-06-16 14:10 - 01803264 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisDG1680ALOC.dll
2015-08-26 15:21 - 2015-06-16 14:07 - 01782784 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisDG860ALOC.dll
2015-08-26 15:21 - 2015-06-16 13:54 - 01803264 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG1672GLOC.dll
2015-08-26 15:21 - 2015-06-16 14:09 - 01803264 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG1682GLOC.dll
2015-08-26 15:21 - 2015-06-16 14:03 - 01782784 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG852GLOC.dll
2015-08-26 15:21 - 2015-06-16 14:05 - 01782784 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\ArrisTG862GLOC.dll
2015-08-26 15:21 - 2015-06-16 13:59 - 01792000 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\MotorolaSBG900LOC.dll
2015-08-26 15:21 - 2015-06-16 14:02 - 01761792 _____ () C:\Program Files (x86)\Time Warner Cable\TWC WiFi\gateways\NetgearWNR1000v3LOC.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2015-04-13 15:54 - 2015-04-13 15:54 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2015-04-13 15:55 - 2015-04-13 15:55 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2015-04-13 15:57 - 2015-04-13 15:57 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 11:17 - 2011-02-15 11:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 15:57 - 2010-11-22 15:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 16:26 - 2014-05-13 16:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2014-08-13 17:37 - 2014-08-13 17:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-13 17:37 - 2014-08-13 17:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2013-11-20 17:05 - 2013-11-20 17:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-22 15:56 - 2010-11-22 15:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 15:57 - 2010-11-22 15:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 15:56 - 2010-11-22 15:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2010-11-22 15:57 - 2010-11-22 15:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 17:56 - 2014-06-17 17:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 11:17 - 2011-02-15 11:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 16:06 - 2010-11-22 16:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 16:52 - 2013-05-09 16:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 11:56 - 2013-05-03 11:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 11:57 - 2013-05-03 11:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-12-23 16:54 - 2014-12-23 16:54 - 01272616 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\kpcengine.2.3.dll
2015-09-21 16:40 - 2015-09-18 15:13 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\1.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\1.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\2.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\2.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\3.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\3.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\4.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\4.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\5.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\5.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\6.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\6.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\7.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\7.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\8.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\8.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\HHQ.jpeg:3or4kl4x13tuuug3Byamue2s4b
AlternateDataStreams: C:\Users\Cherryckjj\Desktop\HHQ.jpeg:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3730196113-1156908693-4138991567-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cherryckjj\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: GoogleChromeAutoLaunch_8CFDF07D37CE5E5F3B9804491D6ADF08 => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: SendAnywhere => "C:\Program Files (x86)\Send Anywhere\sendanywhere.exe" --tray
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{4C9ADFC7-6371-47EF-8A53-89A429DB3360}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C97035A2-CDF6-4B17-877D-CDFDB7B91BBA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{446663E7-F6B1-4CBA-AC2F-E903C68BECC6}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGDownload.exe
FirewallRules: [{C4E3CB07-EDFB-4EFA-B3D9-DA63D3E5E40B}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGDownload.exe
FirewallRules: [{D0D4F340-7D0F-4ECE-B8D5-12156399BED8}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGDownload.exe
FirewallRules: [{32FCE810-D616-4F58-A9AF-1B068AF6D4F2}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGDownload.exe
FirewallRules: [{386713A6-79E9-4AE4-9E20-41D95C8FAAB1}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SogouCloud.exe
FirewallRules: [{F8D4EE5D-7E2D-4C1A-B771-9680670189F5}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SogouCloud.exe
FirewallRules: [{9BC9D676-E334-4DB3-9FB0-457B6F4997DA}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SogouCloud.exe
FirewallRules: [{71412E7C-FD96-4780-BFAF-132A5583B79B}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SogouCloud.exe
FirewallRules: [{FCB3E6BB-0C6B-4277-AF17-A0E5E2427C5F}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe
FirewallRules: [{84704808-9288-43CA-997D-57D11F4CABDC}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{F5F2B666-0148-4F40-99AD-5EB43876796D}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{FBA3BF37-E6A9-4D44-81D9-4B4EAC348EE0}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{F08BFB9C-8222-431C-966C-894847CBC106}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{47485845-930A-4029-96CE-64F5D922CB3F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{EB12A076-15CB-4E00-BC5F-42FBBB8C25C7}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{32BA2ADF-24D7-4979-A596-8AF9C54892E4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{889066F7-7C72-4CFD-AB2E-607B952DB7A7}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{B49A6862-754A-49B1-81B1-128E58DDE0B9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{59CE265F-B666-4710-B17A-503CFFB968AE}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe
FirewallRules: [{95E6146B-58B7-416B-94D1-A8ADA5075F17}] => (Allow) C:\Program Files (x86)\KMSpicoPortable\AutoPico.exe
FirewallRules: [TCP Query User{6BA9F802-A32A-4CC9-AD22-C2CA944FCF38}C:\program files (x86)\cabal online (na - global)\launcher\launcher.exe] => (Allow) C:\program files (x86)\cabal online (na - global)\launcher\launcher.exe
FirewallRules: [UDP Query User{3BB23125-5F74-4B6D-93C7-0F6C0D226D9D}C:\program files (x86)\cabal online (na - global)\launcher\launcher.exe] => (Allow) C:\program files (x86)\cabal online (na - global)\launcher\launcher.exe
FirewallRules: [TCP Query User{5C1DE836-0CD2-4934-9FD8-4E7AF5FA6876}C:\program files (x86)\send anywhere\sendanywhere.exe] => (Allow) C:\program files (x86)\send anywhere\sendanywhere.exe
FirewallRules: [UDP Query User{C43F2608-F867-4B34-A673-2FC4A097EF8A}C:\program files (x86)\send anywhere\sendanywhere.exe] => (Allow) C:\program files (x86)\send anywhere\sendanywhere.exe
FirewallRules: [{F851B46B-FEC1-4007-9A1E-A0E717A2E09C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{0C743398-F4C5-4BC9-9C2B-C7A092541428}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{CC45C925-AD61-4051-85EC-D5E5F34911F2}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{4189ECF9-700B-49CB-BE53-659C2F9F791B}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [{32A00022-7017-4FAE-8F7D-76E4DD5F2102}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432671989\QQVipDownloader.exe
FirewallRules: [{C824CCB2-5C47-4B62-853D-96CCBC18B287}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432671989\QQVipDownloader.exe
FirewallRules: [{295FFD7C-2D05-4656-B818-4077C29B1DAF}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432671989\bugreport.exe
FirewallRules: [{3D99B5DC-008B-4F67-8C0D-57FDD3B1046E}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432671989\bugreport.exe
FirewallRules: [{F24EC532-8200-4FA5-B9E2-C944AD72436C}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{D3B539BD-1F9F-4093-8380-D85BB51FB931}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\tencentdl.exe
FirewallRules: [{86706A07-4FD9-47F5-B929-71AE2A9A382E}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\tencentdl.exe
FirewallRules: [{434C0B61-446C-46DE-A46A-8F5500962918}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{00086277-FD1A-4316-A2D6-2241CE61A957}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432734172\QQVipDownloader.exe
FirewallRules: [{188C630F-B559-4974-A90E-7FA60BE7AD90}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432734172\QQVipDownloader.exe
FirewallRules: [{B9B5795D-B5C4-44FB-A1D3-B3D1294B5B2B}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432734172\bugreport.exe
FirewallRules: [{9FED040D-3ED7-49DE-AE26-C81BE613D080}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\QQVipDownloader\r2_1432734172\bugreport.exe
FirewallRules: [{F77F5950-17DA-4BFF-80A9-4916B3AFB29F}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{B145E009-3306-464A-AA11-C23AFD3D7FFB}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\tencentdl.exe
FirewallRules: [{5F1C8FB2-D17C-4F72-8965-C8E58DF01A28}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\PCMng\QQPCDetector.exe
FirewallRules: [{97117325-78AC-4603-881A-7E2DA235B85F}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\PCMng\QQPCDetector.exe
FirewallRules: [{51A3939E-919A-43F5-864A-42420B9FD9FE}] => (Allow) c:\users\cherryckjj\appdata\roaming\tencent\qq音速\b4890fa8ce5d493a93103a0ef4a6e617\teniodl\teniodl.exe
FirewallRules: [{B5F2149B-CF75-4F5A-8343-AEFD86E7D9EC}] => (Allow) c:\users\cherryckjj\appdata\roaming\tencent\qq音速\b4890fa8ce5d493a93103a0ef4a6e617\teniodl\teniodl.exe
FirewallRules: [TCP Query User{1F1286FF-C4D0-483A-9C90-78D747EFF6C7}D:\qqvipdownload\qq音速\tcls\qqr2.exe] => (Allow) D:\qqvipdownload\qq音速\tcls\qqr2.exe
FirewallRules: [UDP Query User{8D8EB0A5-74F1-4661-B4A5-83B14D4883B0}D:\qqvipdownload\qq音速\tcls\qqr2.exe] => (Allow) D:\qqvipdownload\qq音速\tcls\qqr2.exe
FirewallRules: [{9B020E19-26AE-4FF2-A19E-9CEA9373371F}] => (Block) D:\qqvipdownload\qq音速\tcls\qqr2.exe
FirewallRules: [{3F736028-F90A-41E1-8DA4-BA8D333A9E57}] => (Block) D:\qqvipdownload\qq音速\tcls\qqr2.exe
FirewallRules: [{77E2E482-AEFF-40E6-8874-14112602CD93}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{AA612103-DF0A-437C-AF2F-BF91EA16135F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D1227E84-A5BE-41D7-9AE8-C4C65E29CE46}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E2C6E18C-EB28-49F2-BBB9-E9C0100573C4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CA191D3F-5451-40B3-AB0C-2E5A3C1EB787}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\Tencent\QQ音速\B4890FA8CE5D493A93103A0EF4A6E617\TenioDL\TenioDL.exe
FirewallRules: [{1A4F9291-C0A2-4635-8082-E4F319AEA6A5}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\Tencent\QQ音速\B4890FA8CE5D493A93103A0EF4A6E617\TenioDL\TenioDL.exe
FirewallRules: [{7B67ADDA-6B24-49FF-8BF5-76BADB89383A}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\bugreport_xf.exe
FirewallRules: [{60598959-A6CC-4D33-9496-EF46A02F4A36}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\127\tencentdl.exe
FirewallRules: [{AF9BB1D6-637A-4B7E-A8B7-D032CAA9FCBD}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\PCMng\QQPCDetector.exe
FirewallRules: [{6D6B114F-3DDD-40E0-99D7-822F84CF4C04}] => (Allow) C:\Users\Cherryckjj\AppData\Local\Temp\PCMng\QQPCDetector.exe
FirewallRules: [{F1F1D57F-89FA-4344-AF33-6DFA0A6A455B}] => (Allow) c:\users\cherryckjj\appdata\roaming\tencent\qq音速\92568056cc83524fa5836df05168fe6f\teniodl\teniodl.exe
FirewallRules: [{15CFD808-BDB4-4FA8-8EC9-0F628D813F96}] => (Allow) c:\users\cherryckjj\appdata\roaming\tencent\qq音速\92568056cc83524fa5836df05168fe6f\teniodl\teniodl.exe
FirewallRules: [TCP Query User{2B6458EC-2518-4646-BFFE-688E8300B35C}D:\qqvipdownload\qq\qqòôëù\tcls\qqr2.exe] => (Allow) D:\qqvipdownload\qq\qqòôëù\tcls\qqr2.exe
FirewallRules: [UDP Query User{AA57284A-993A-4138-A46B-493983A0AB2C}D:\qqvipdownload\qq\qqòôëù\tcls\qqr2.exe] => (Allow) D:\qqvipdownload\qq\qqòôëù\tcls\qqr2.exe
FirewallRules: [{A3A229A6-38C9-4E05-BEF6-B2E772FEA2F0}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\Tencent\QQ音速\92568056CC83524FA5836DF05168FE6F\TenioDL\TenioDL.exe
FirewallRules: [{37612620-2CDF-42DA-A597-4A347173968A}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\Tencent\QQ音速\92568056CC83524FA5836DF05168FE6F\TenioDL\TenioDL.exe
FirewallRules: [{FF0B1D9C-9D00-4BE2-9D98-5B9165B99C54}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1BB05DD5-C60D-418D-908E-9BD84C10D103}] => (Allow) C:\Users\Cherryckjj\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0D97DDC7-EFDC-4DE6-8BEC-5ECE1DA035A6}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [{376BA7F6-3224-46F7-9767-2C27F7CB59C6}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe
FirewallRules: [TCP Query User{8973CFBC-2D85-4109-8113-B70BFB54FCE7}C:\users\cherryckjj\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\cherryckjj\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{2BC1DB83-0C4D-4483-919B-D28B01096892}C:\users\cherryckjj\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\cherryckjj\appdata\local\akamai\netsession_win.exe
FirewallRules: [{B260F51F-3AA7-4B09-9AFF-DE87A37817BC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{A3A84052-3BCA-4F81-8F2B-4B81D7074271}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{3AE207FC-7E7C-4BBD-B6AC-6D8965EAA92C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{52E3D069-8749-45BA-A242-8B8D41929C87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dragonnest\DragonNest.exe
FirewallRules: [{BCA035D3-1D39-441D-B6A8-6E6DAC7108C4}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGTool.exe
FirewallRules: [{F6B95F14-CD5A-483B-BCC4-3CE55467A389}] => (Allow) C:\Program Files (x86)\SogouInput\7.5.0.5651\SGTool.exe
FirewallRules: [{B7D0DDD4-8003-4A44-B233-C3B493309FF8}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{EF652834-021B-47A6-86DC-DB8510367DD2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{8DD108EC-3DE2-4FC1-9856-A49BEE9E0AFA}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{79BAD58C-57A9-4F2A-B572-4365983FD56E}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{7EB8BC6E-5A58-422A-A116-3B246651604E}D:\maplestory\hawtmaple.exe] => (Allow) D:\maplestory\hawtmaple.exe
FirewallRules: [UDP Query User{B293791B-85BC-459E-B8A0-CE7D96CB746C}D:\maplestory\hawtmaple.exe] => (Allow) D:\maplestory\hawtmaple.exe
FirewallRules: [{992E740C-E971-4086-A687-4BEA49B14C2F}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGTool.exe
FirewallRules: [{0C59DA53-CF49-4779-BE3B-C4393E5EC73F}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGTool.exe
FirewallRules: [{E2378A25-FC47-4EE7-A788-2C8A6ABDD74C}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGTool.exe
FirewallRules: [{8294EBB8-8764-447C-86AC-C703E0DF4237}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGTool.exe
FirewallRules: [{9393F2BD-4DE1-42AD-88C4-7B669ADC7C25}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\PinyinUp.exe
FirewallRules: [{356C28C3-1D28-4D4B-9F09-2B001BE669B4}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\PinyinUp.exe
FirewallRules: [{60E5FCC2-A6AC-4C80-81E4-CAADA2E56810}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\PinyinUp.exe
FirewallRules: [{4E4AAB2F-6ACB-4C21-A94D-EB555A47BCF2}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\PinyinUp.exe
FirewallRules: [{0FD1DAAF-5A3D-4B50-BF45-BE488F1106C2}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGDownload.exe
FirewallRules: [{331126D6-9484-4A28-AF0A-A63877ACC707}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGDownload.exe
FirewallRules: [{CA8F5DAF-3A5A-47C7-BA16-DFEDAA9E5057}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGDownload.exe
FirewallRules: [{E2D25877-52ED-45D8-9B9C-AA7FCF4EE20D}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGDownload.exe
FirewallRules: [{D9954EEE-4696-45E4-90FF-C8209FC05150}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouCloud.exe
FirewallRules: [{96197499-188E-4DD2-9FF1-A5ADDAE3DD6B}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouCloud.exe
FirewallRules: [{FABC26EE-5D1C-46BA-9EEB-6D1ABDB5F6F3}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouCloud.exe
FirewallRules: [{1D59B807-3E7B-4D06-B98C-BC29CC59E5AC}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SogouCloud.exe
FirewallRules: [{35673271-AA52-454D-BF64-C3F0AC15CC66}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{3A7F6899-BB4C-475E-AEB2-EA308EC74959}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{F495C3B6-001D-4F57-A6A0-593D0E52C74D}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{DA6AE3E7-D090-4589-8E74-0CDE6A320176}] => (Allow) C:\Program Files (x86)\SogouInput\Components\SogouComMgr.exe
FirewallRules: [{DE9FC3BE-3D4A-4F5C-A0D7-F14FFCE2736A}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\userNetSchedule.exe
FirewallRules: [{36AABDAC-D15F-471D-A104-6594E3EAD12F}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\userNetSchedule.exe
FirewallRules: [{31C6D003-9B3E-42FA-8F54-1BAA8860FEF8}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\userNetSchedule.exe
FirewallRules: [{AE818F31-27EF-4D50-874E-0BAAE18C6752}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\userNetSchedule.exe
FirewallRules: [{7A47C800-FD30-474B-8855-E3F3E6F58DB7}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGMedalLoader.exe
FirewallRules: [{BB93D1C4-1993-41CD-BD6D-B4AA6F9F4710}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGMedalLoader.exe
FirewallRules: [{9C169D93-6209-4B73-855F-82E9FD0C8C9C}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGMedalLoader.exe
FirewallRules: [{F6601DBC-D9B2-4D5A-A192-03D768C15B0A}] => (Allow) C:\Program Files (x86)\SogouInput\7.7.0.6390\SGMedalLoader.exe
FirewallRules: [{37D8068C-EE07-4E0A-8906-BFEEBA3DE2A4}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{2D8123D2-6D8B-4A48-A56B-540828BFABEF}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{AB330972-532C-4A71-ABEC-18820F97826B}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [{9E386DC4-D599-4131-AAF5-1571B5ABD99F}] => (Allow) C:\Users\Public\SogouInput\USBDT\OctopusDownloader.exe
FirewallRules: [TCP Query User{26B83B16-50E0-4CEE-B54A-D2DF47F9DA0C}C:\users\cherryckjj\appdata\local\temp\semini.exe] => (Block) C:\users\cherryckjj\appdata\local\temp\semini.exe
FirewallRules: [UDP Query User{FB2EA674-14D3-483C-97A3-4056E925F053}C:\users\cherryckjj\appdata\local\temp\semini.exe] => (Block) C:\users\cherryckjj\appdata\local\temp\semini.exe
FirewallRules: [TCP Query User{70273202-D8A2-4681-918F-E5F759CB610B}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe
FirewallRules: [UDP Query User{EC0A0F4A-19CB-4793-A4CD-DD644093A45F}C:\program files (x86)\cabal2 (us)\c2launcher.exe] => (Allow) C:\program files (x86)\cabal2 (us)\c2launcher.exe
FirewallRules: [{A9836C28-03DF-49B2-830A-850D8C882252}] => (Allow) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
FirewallRules: [{DF8BCF09-B5B9-4D62-8287-04787F1C64A4}] => (Allow) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
FirewallRules: [{CED3CD77-75DE-4652-8D10-1DFB2F8C9347}] => (Allow) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
FirewallRules: [{25DF7E04-6206-4912-AAE9-F93D12A85966}] => (Allow) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
FirewallRules: [{2660B1DB-1E1C-46F2-838A-9455BC4DE21D}] => (Allow) C:\Program Files (x86)\Time Warner Cable\TWC WiFi\TWC WiFi.exe
FirewallRules: [{4003D87B-F907-40AB-ACE8-A3199E7BEF80}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0C83907B-680B-42A9-A7AA-7C10188DED1A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECB6FDC8-5868-49B4-9237-628C2534E7CF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E517E573-4F5A-4B1C-A65A-63A897848669}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{7B661814-F4CE-4A21-BBFA-AB465771AF0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (09/23/2015 02:43:17 PM) (Source: System Restore) (EventID: 8200) (User: )
Description: Failed to initiate System Restore (Windows Update).
Error: (09/23/2015 10:33:21 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 560: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 576: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 580: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 552: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 544: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 536: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 528: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
Error: (09/23/2015 10:27:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: 504: ERROR: read_msg errno 10054 (An existing connection was forcibly closed by the remote host.)
System errors:
=============
Error: (09/23/2015 02:42:24 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (09/23/2015 10:31:41 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RzFilter
Error: (09/21/2015 04:57:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053
Error: (09/21/2015 04:57:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
Error: (09/21/2015 04:57:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RzFilter
Error: (09/21/2015 04:53:06 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (08/28/2015 08:27:06 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RzFilter
Error: (08/20/2015 07:34:32 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
RzFilter
Error: (08/20/2015 07:34:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Kaspersky Anti-Virus Service 15.0.2 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (08/17/2015 12:29:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error:
%%1053
CodeIntegrity:
===================================
Date: 2015-04-29 04:05:42.952
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-29 04:05:42.951
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-29 04:05:42.948
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-29 04:05:42.859
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-29 04:05:42.857
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-04-29 04:05:42.855
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.2\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD FX-4100 Quad-Core Processor
Percentage of memory in use: 33%
Total physical RAM: 8190.18 MB
Available physical RAM: 5427.91 MB
Total Virtual: 16378.57 MB
Available Virtual: 12807.29 MB
==================== Drives ================================
Drive c: (Windows7) (Fixed) (Total:111.69 GB) (Free:26.25 GB) NTFS
Drive d: (Data1) (Fixed) (Total:488.28 GB) (Free:446.65 GB) NTFS
Drive e: (Data2) (Fixed) (Total:443.23 GB) (Free:443.12 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: F085C0AD)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 9682A460)
Partition 1: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=443.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================