Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Astromenda infected Chrome browser


  • This topic is locked This topic is locked
2 replies to this topic

#1 molo8

molo8

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:39 PM

Posted 28 August 2014 - 05:00 AM

Suddenly the appearance of my chrome browser was altered (everything is zoomed really big) and then I saw that the Astromenda extension was added. I disabled Astromenda extension then I uninstalled Chrome. I then ran malwarebytes which was able to find 6 infected objects and quarantined. Then I reinstalled Chrome but the Astromenda extension came back. Right now I am using Chrome but everything is still zoomed big and I know it's not the 'legit' version of Chrome. I ran malwarebytes again but it said there were 0 infections.

I tried to download DDS but I'm running Windows 8 so it didn't work. Please help. Thank you in advanced.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:21:20 AM, on 8/28/2014
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.17239)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
C:\Windows\SysWOW64\UMonit64.exe
C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\NAV.exe
C:\Users\MT\Desktop\hijackthis.exe
C:\Users\MT\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by TOSHIBA
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [KeNotify] "C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe" LPCM
O4 - HKLM\..\Run: [ToshibaAppPlace] "C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
O4 - HKLM\..\Run: [TSVU] "c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\MT\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: ISCTSystray.lnk = C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Dragon Assistant Core (DACoreService) - Nuance Communications, Inc. - C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
O23 - Service: DTS APO Service (dts_apo_service) - Unknown owner - C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel® Capability Licensing Service TCP IP Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel® Smart Connect Technology Agent (ISCTAgent) - Unknown owner - C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: Norton Anti-Theft (NAT) - Symantec Corporation - C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
O23 - Service: Norton AntiVirus (NAV) - Symantec Corporation - C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\NAV.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\Windows\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA eco Utility Service - Toshiba Corporation - C:\Program Files\TOSHIBA\Teco\TecoService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel® PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 9702 bytes



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:39 PM

Posted 28 August 2014 - 06:52 AM

Hi there,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 molo8

molo8
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:39 PM

Posted 28 August 2014 - 06:44 PM

Thank you aharonov. I appreciate your help very much.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by MT (administrator) on M on 28-08-2014 19:39:37
Running from C:\Users\MT\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe
() C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Toshiba Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
() C:\Program Files\TOSHIBA\Hotkey\Hotkey\TCrdKBB.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Utilities\KeNotify.exe
() C:\Windows\SysWOW64\UMonit64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\nav.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-10-04] (ELAN Microelectronics Corp.)
HKLM\...\Run: [TSSSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe [296520 2013-09-11] (TOSHIBA Corporation)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [178016 2013-08-21] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2013-08-05] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [516512 2013-07-23] (TOSHIBA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3226289247-2755110353-133785563-1001\...\Run: [ClubBox] =>                                                                                                                                                                                                          (the data entry has 824 more characters).
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk
ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com/?pc=TNJB
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com/?pc=TNJB
SearchScopes: HKLM - {7FD2B3F4-E907-4206-B9F8-F387AC9C1B0C} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_34_ch&cd=2XzuyEtN2Y1L1QzuyD0CyDtCyE0F0E0B0CyB0AtByDzyyEtAtN0D0Tzu0SzyyCyCtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0AtBtB0BtByBtCtG0A0CyByBtG0EyEtBtDtGtBtD0AtBtGyDyBtCtCzz0ByCyC0A0C0Ezy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EzzzyyCyDyEzytGyBzyyE0AtGyE0F0DzytGzzyCyE0FtGyE0B0CtDtCzyzztA0F0CtByB2Q&cr=707709215&ir=
SearchScopes: HKLM-x32 - {7FD2B3F4-E907-4206-B9F8-F387AC9C1B0C} URL = http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TNJB
SearchScopes: HKCU - {7FD2B3F4-E907-4206-B9F8-F387AC9C1B0C} URL = http://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_ir_14_34_ch&cd=2XzuyEtN2Y1L1QzuyD0CyDtCyE0F0E0B0CyB0AtByDzyyEtAtN0D0Tzu0SzyyCyCtN1L2XzutAtFtDtFtCtDtFtAtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StB0AtBtB0BtByBtCtG0A0CyByBtG0EyEtBtDtGtBtD0AtBtGyDyBtCtCzz0ByCyC0A0C0Ezy2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0B0EzzzyyCyDyEzytGyBzyyE0AtGyE0F0DzytGzzyCyE0FtGyE0B0CtDtCzyzztA0F0CtByB2Q&cr=707709215&ir=
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: zettamedia.co.kr/ZmLauncher -> C:\Users\MT\AppData\Local\Zettamedia\PdClubBox\npZmLauncher.dll (Zettamedia Co.,Ltd.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.0.100\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.0.100\IPSFF [2014-02-22]

Chrome:
=======
CHR Profile: C:\Users\MT\AppData\Local\Google\Chrome\User Data\Default

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356912 2014-07-19] (Microsoft Corporation)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Assistant\Core\DACore.exe [435088 2013-07-02] (Nuance Communications, Inc.)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [19792 2013-09-10] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-10-04] (ELAN Microelectronics Corp.)
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-12] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-08-23] ()
R2 NAT; C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\NAT.exe [232424 2013-10-11] (Symantec Corporation)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\NAV.exe [262968 2014-06-27] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3667696 2013-08-23] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NAT; C:\Windows\system32\drivers\NATx64\010A000.009\ccSetx64.sys [150104 2013-07-29] (Symantec Corporation)
R3 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-06-10] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-06-10] (Symantec Corporation)
R3 ETDSMBus; C:\Windows\system32\DRIVERS\ETDSMBus.sys [23368 2013-08-07] (ELAN Microelectronic Corp.)
S3 GENERICDRV; C:\Program Files (x86)\UEFI WinFlash\amifldrv64.sys [15640 2012-07-27] ()
S3 GeneStor; C:\Windows\System32\drivers\GeneStor.sys [105704 2013-08-16] (GenesysLogic)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [117192 2013-08-29] (Intel Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\IPSDefs\20140825.001\IDSvia64.sys [525016 2014-03-25] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-08] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-08] ()
R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-07] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-07] ()
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20140827.008\ENG64.SYS [129752 2014-08-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.0.100\Definitions\VirusDefs\20140827.008\EX64.SYS [2137304 2014-08-22] (Symantec Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-25] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NAVx64\1504000.00D\SRTSPX64.SYS [36952 2013-07-30] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NAVx64\1504000.00D\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NAVx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1504000.00D\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-29] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NAVx64\1504000.00D\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NAVx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 19:39 - 2014-08-28 19:40 - 00016482 _____ () C:\Users\MT\Downloads\FRST.txt
2014-08-28 19:39 - 2014-08-28 19:39 - 00000000 ____D () C:\FRST
2014-08-28 19:37 - 2014-08-28 19:38 - 02103296 _____ (Farbar) C:\Users\MT\Downloads\FRST64.exe
2014-08-28 05:55 - 2014-08-28 05:55 - 00688992 _____ (Swearware) C:\Users\MT\Downloads\dds.com
2014-08-28 01:23 - 2014-08-28 01:23 - 00509440 _____ (Tech Support Guy System) C:\Users\MT\Downloads\SysInfo.exe
2014-08-28 01:21 - 2014-08-28 01:21 - 00009703 _____ () C:\Users\MT\Desktop\hijackthis.log
2014-08-28 01:20 - 2010-04-22 10:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\MT\Desktop\hijackthis.exe
2014-08-28 01:19 - 2014-08-28 01:19 - 00305985 _____ () C:\Users\MT\Downloads\hijackthis.zip
2014-08-28 01:07 - 2014-08-28 01:07 - 00009503 _____ () C:\Users\MT\Downloads\hijackthis.log
2014-08-27 13:33 - 2014-08-27 13:33 - 00001916 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-08-27 13:33 - 2014-08-27 13:33 - 00000000 ____D () C:\Program Files\HitmanPro
2014-08-27 13:31 - 2014-08-27 14:54 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-27 13:31 - 2014-08-27 13:33 - 11188736 _____ (SurfRight B.V.) C:\Users\MT\Downloads\HitmanPro_x64.exe
2014-08-27 13:28 - 2014-08-27 13:29 - 10279264 _____ (SurfRight B.V.) C:\Users\MT\Downloads\HitmanPro.exe
2014-08-27 13:08 - 2014-08-28 00:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 13:08 - 2014-08-27 13:08 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 13:08 - 2014-08-27 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 13:08 - 2014-08-27 13:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 13:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 13:08 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 13:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-27 13:04 - 2014-08-27 13:07 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MT\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 11:30 - 2014-08-27 13:02 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-27 11:30 - 2014-08-27 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-27 11:30 - 2014-08-27 11:30 - 00000000 _____ () C:\autoexec.bat
2014-08-27 11:01 - 2014-08-27 11:01 - 00000299 _____ () C:\Users\MT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-27 10:48 - 2014-08-27 10:48 - 00000000 ____D () C:\NPE
2014-08-27 10:43 - 2014-08-28 00:50 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-27 10:43 - 2014-08-27 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-27 10:35 - 2014-08-28 19:40 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-27 10:35 - 2014-08-28 00:49 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-27 10:35 - 2014-08-27 10:35 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-27 10:35 - 2014-08-27 10:35 - 00003630 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-27 10:32 - 2014-08-28 19:39 - 00133757 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 10:23 - 2014-08-28 00:48 - 00000564 _____ () C:\Windows\setupact.log
2014-08-27 10:23 - 2014-08-27 10:47 - 00285426 _____ () C:\Windows\PFRO.log
2014-08-27 10:23 - 2014-08-27 10:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 05:41 - 2014-08-27 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-27 05:40 - 2014-08-27 05:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-27 05:37 - 2014-08-27 05:37 - 00079991 _____ () C:\Users\MT\Downloads\silverlight.diagcab
2014-08-27 05:14 - 2014-08-27 05:16 - 13087456 _____ (Microsoft Corporation) C:\Users\MT\Downloads\Silverlight_x64.exe
2014-08-27 04:31 - 2014-08-27 04:31 - 01364531 _____ () C:\Users\MT\Downloads\AdwCleaner (1).exe
2014-08-25 04:59 - 2014-08-25 05:16 - 140441570 _____ () C:\Users\MT\Downloads\[HMFsub] 111223 Music Station Super Live - Tohoshinki & Koda Kumi Talk.avi
2014-08-25 04:20 - 2014-08-25 04:20 - 582586056 _____ () C:\Users\MT\Downloads\20110218 KBS - DBSK HoMin - Why Remix.tp
2014-08-23 19:37 - 2014-08-27 10:54 - 00000000 ____D () C:\Users\MT\AppData\Local\NPE
2014-08-23 19:33 - 2014-08-23 19:33 - 00626247 _____ () C:\Users\MT\Documents\bookmarks_8_23_14.html
2014-08-23 19:27 - 2014-08-23 19:28 - 00000000 ____D () C:\Users\MT\AppData\Local\JDownloader v2.0
2014-08-23 01:55 - 2014-08-23 02:17 - 104065843 _____ () C:\Users\MT\Downloads\[Engsub] [Mug_ping & SPVN] Sohu Exclusive interview with TVXQ!.mp4
2014-08-22 20:56 - 2014-08-22 21:01 - 18574453 _____ () C:\Users\MT\Downloads\[Engsub] part.2.mp4
2014-08-22 20:46 - 2014-08-22 20:46 - 00000000 __SHD () C:\Users\MT\AppData\Local\EmieUserList
2014-08-22 20:46 - 2014-08-22 20:46 - 00000000 __SHD () C:\Users\MT\AppData\Local\EmieSiteList
2014-08-22 20:35 - 2014-08-22 20:35 - 00019307 _____ () C:\Users\MT\Downloads\i-am-smtown-the-days-of-youth_english-637653.zip
2014-08-21 06:37 - 2014-08-21 06:37 - 02171583 _____ () C:\Users\MT\Downloads\ave maria 1 (1).mp4
2014-08-21 05:17 - 2014-08-21 05:18 - 19709712 _____ () C:\Users\MT\Downloads\The stairs in the truth and marriage - heaven.mp4
2014-08-19 03:26 - 2014-08-19 03:33 - 124792705 _____ () C:\Users\MT\Downloads\SOHU Exclusive interview with TVXQ!.mp4
2014-08-15 03:13 - 2014-07-25 10:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 03:13 - 2014-07-25 09:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 03:13 - 2014-07-25 09:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 03:13 - 2014-07-25 08:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 03:13 - 2014-07-25 08:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 03:13 - 2014-07-25 08:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 03:13 - 2014-07-25 08:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 03:13 - 2014-07-25 08:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 03:13 - 2014-07-25 08:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 03:13 - 2014-07-25 08:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 03:13 - 2014-07-25 08:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 03:13 - 2014-07-25 07:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 03:13 - 2014-07-25 07:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 03:13 - 2014-07-25 07:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 03:13 - 2014-07-25 07:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 03:13 - 2014-07-25 07:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 03:13 - 2014-07-25 07:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 03:13 - 2014-07-25 07:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 03:13 - 2014-07-25 07:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 03:13 - 2014-07-25 07:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 03:13 - 2014-07-25 07:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 03:13 - 2014-07-25 07:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 03:13 - 2014-07-25 07:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 03:13 - 2014-07-25 06:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 03:13 - 2014-07-25 06:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 03:13 - 2014-07-25 06:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 03:13 - 2014-07-25 06:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 03:13 - 2014-07-25 06:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 03:12 - 2014-07-25 09:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 03:12 - 2014-07-25 09:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 03:12 - 2014-07-25 08:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 03:12 - 2014-07-25 08:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 03:12 - 2014-07-25 08:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 03:12 - 2014-07-25 07:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 03:12 - 2014-07-25 06:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 03:11 - 2014-06-19 21:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 03:11 - 2014-06-19 19:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 03:11 - 2014-06-12 21:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-15 03:11 - 2014-06-12 21:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 03:11 - 2014-06-12 20:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-15 03:11 - 2014-06-06 07:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-15 03:09 - 2014-07-15 14:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-15 03:09 - 2014-07-15 04:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-15 03:09 - 2014-07-15 04:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-15 03:09 - 2014-07-15 04:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-15 03:09 - 2014-07-10 00:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-15 03:09 - 2014-07-10 00:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-15 03:09 - 2014-07-09 23:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-15 03:09 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 03:09 - 2014-06-09 18:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 03:09 - 2014-05-31 02:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-15 03:09 - 2014-05-03 07:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-15 03:09 - 2014-05-01 01:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-15 03:09 - 2014-04-30 00:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-15 03:09 - 2014-04-29 23:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-15 03:09 - 2014-04-28 18:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-15 03:09 - 2014-04-26 18:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-15 03:09 - 2014-04-26 16:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-15 03:09 - 2014-04-14 05:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-15 03:09 - 2014-04-14 04:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-15 03:08 - 2014-06-05 10:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-15 03:08 - 2014-06-05 09:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-15 03:08 - 2014-06-01 22:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-15 03:08 - 2014-05-31 06:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-15 03:08 - 2014-05-31 06:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-15 03:08 - 2014-05-31 06:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-15 03:08 - 2014-05-31 06:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-15 03:08 - 2014-05-31 06:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-15 03:08 - 2014-05-31 02:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-15 03:08 - 2014-05-31 02:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-15 03:08 - 2014-05-31 02:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-15 03:08 - 2014-05-31 00:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-15 03:08 - 2014-05-31 00:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-15 03:08 - 2014-05-31 00:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-15 03:08 - 2014-05-27 11:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-15 03:08 - 2014-05-27 05:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-15 03:08 - 2014-05-27 05:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 03:08 - 2014-05-17 00:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-15 03:08 - 2014-05-17 00:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-15 03:08 - 2014-05-13 03:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-15 03:08 - 2014-05-13 01:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-15 03:08 - 2014-05-13 00:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-15 03:08 - 2014-05-13 00:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-15 03:08 - 2014-05-12 23:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-15 03:08 - 2014-05-12 23:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-15 03:08 - 2014-05-03 05:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-15 03:08 - 2014-05-03 01:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-15 03:08 - 2014-05-03 01:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-15 03:08 - 2014-05-03 01:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-15 03:08 - 2014-05-03 01:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-15 03:08 - 2014-05-03 00:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-15 03:08 - 2014-05-03 00:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-15 03:08 - 2014-05-03 00:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-15 03:08 - 2014-05-02 19:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-15 03:08 - 2014-04-30 02:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-15 03:08 - 2014-04-30 02:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-15 03:08 - 2014-04-30 02:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-15 03:08 - 2014-04-30 02:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-15 03:08 - 2014-04-30 01:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-15 03:08 - 2014-04-30 00:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-15 03:08 - 2014-04-30 00:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-15 03:08 - 2014-04-30 00:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-15 03:08 - 2014-04-30 00:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-15 03:08 - 2014-04-30 00:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-15 03:08 - 2014-04-29 23:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-15 03:08 - 2014-04-29 23:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-15 03:08 - 2014-04-29 23:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-15 03:08 - 2014-04-29 23:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-15 03:08 - 2014-04-29 23:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-15 03:08 - 2014-04-26 12:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-15 03:08 - 2014-04-14 01:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-15 03:08 - 2014-04-09 02:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-15 03:08 - 2014-04-09 01:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-15 03:07 - 2014-08-06 22:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-15 03:07 - 2014-08-06 18:39 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-15 03:07 - 2014-08-01 23:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-15 03:07 - 2014-08-01 23:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-15 03:07 - 2014-07-12 00:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-15 03:07 - 2014-06-04 05:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 03:07 - 2014-06-04 01:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 03:07 - 2014-06-04 01:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 03:07 - 2014-06-04 00:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 03:07 - 2014-06-04 00:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 03:07 - 2014-06-03 22:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 03:07 - 2014-06-03 22:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 04:11 - 2014-08-13 04:12 - 22382383 _____ () C:\Users\MT\Downloads\[야경꾼 일지] night_20140811_29_0_1003046100032100000_V1.mp4
2014-08-12 03:03 - 2014-08-12 03:04 - 635541520 _____ () C:\Users\MT\Downloads\I love you LIVE TOUR 2014 TREE Documentary Film - SSTV.ts
2014-08-05 22:47 - 2014-08-05 22:51 - 32837692 _____ () C:\Users\MT\Downloads\[GyaO!] 200140805 TREE TOUR documentary - I Love You.f4v
2014-08-05 21:51 - 2014-08-05 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-08-05 04:45 - 2014-08-05 04:46 - 901300370 _____ () C:\Users\MT\Downloads\동방신기 (TVXQ!) TIAMO MAKING FILM [KOKAYZ].avi
2014-07-30 16:08 - 2014-07-30 16:08 - 00002170 _____ () C:\Users\MT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00002083 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00002083 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-30 16:08 - 2014-07-30 16:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-30 15:59 - 2014-08-12 04:06 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-30 15:59 - 2014-07-30 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-30 15:58 - 2014-07-30 15:58 - 01030832 _____ (Microsoft Corporation) C:\Users\MT\Downloads\Setup.X86.en-US_O365HomePremRetail_58034bae-d536-4a51-a1c7-fd02bc32ca5c_TX_PR_.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 19:40 - 2014-08-28 19:39 - 00016482 _____ () C:\Users\MT\Downloads\FRST.txt
2014-08-28 19:40 - 2014-08-27 10:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 19:39 - 2014-08-28 19:39 - 00000000 ____D () C:\FRST
2014-08-28 19:39 - 2014-08-27 10:32 - 00133757 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 19:38 - 2014-08-28 19:37 - 02103296 _____ (Farbar) C:\Users\MT\Downloads\FRST64.exe
2014-08-28 19:38 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2014-08-28 05:55 - 2014-08-28 05:55 - 00688992 _____ (Swearware) C:\Users\MT\Downloads\dds.com
2014-08-28 03:21 - 2013-08-22 11:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-08-28 03:07 - 2014-02-21 22:00 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3226289247-2755110353-133785563-1001
2014-08-28 01:26 - 2014-02-21 22:07 - 00000000 ____D () C:\Users\MT\AppData\Local\Google
2014-08-28 01:23 - 2014-08-28 01:23 - 00509440 _____ (Tech Support Guy System) C:\Users\MT\Downloads\SysInfo.exe
2014-08-28 01:21 - 2014-08-28 01:21 - 00009703 _____ () C:\Users\MT\Desktop\hijackthis.log
2014-08-28 01:19 - 2014-08-28 01:19 - 00305985 _____ () C:\Users\MT\Downloads\hijackthis.zip
2014-08-28 01:07 - 2014-08-28 01:07 - 00009503 _____ () C:\Users\MT\Downloads\hijackthis.log
2014-08-28 00:52 - 2014-08-27 13:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-28 00:50 - 2014-08-27 10:43 - 00002174 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-28 00:49 - 2014-08-27 10:35 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 00:48 - 2014-08-27 10:23 - 00000564 _____ () C:\Windows\setupact.log
2014-08-28 00:48 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 14:54 - 2014-08-27 13:31 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-08-27 13:33 - 2014-08-27 13:33 - 00001916 _____ () C:\Users\Public\Desktop\HitmanPro.lnk
2014-08-27 13:33 - 2014-08-27 13:33 - 00000000 ____D () C:\Program Files\HitmanPro
2014-08-27 13:33 - 2014-08-27 13:31 - 11188736 _____ (SurfRight B.V.) C:\Users\MT\Downloads\HitmanPro_x64.exe
2014-08-27 13:29 - 2014-08-27 13:28 - 10279264 _____ (SurfRight B.V.) C:\Users\MT\Downloads\HitmanPro.exe
2014-08-27 13:08 - 2014-08-27 13:08 - 00001085 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-27 13:08 - 2014-08-27 13:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 13:08 - 2014-08-27 13:08 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 13:07 - 2014-08-27 13:04 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\MT\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 13:02 - 2014-08-27 11:30 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-08-27 11:30 - 2014-08-27 11:30 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-08-27 11:30 - 2014-08-27 11:30 - 00000000 _____ () C:\autoexec.bat
2014-08-27 11:01 - 2014-08-27 11:01 - 00000299 _____ () C:\Users\MT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk
2014-08-27 10:55 - 2014-03-20 01:49 - 00000000 ____D () C:\Users\MT\AppData\Local\CrashDumps
2014-08-27 10:54 - 2014-08-23 19:37 - 00000000 ____D () C:\Users\MT\AppData\Local\NPE
2014-08-27 10:48 - 2014-08-27 10:48 - 00000000 ____D () C:\NPE
2014-08-27 10:47 - 2014-08-27 10:23 - 00285426 _____ () C:\Windows\PFRO.log
2014-08-27 10:46 - 2013-09-16 00:54 - 00000000 ____D () C:\ProgramData\Norton
2014-08-27 10:43 - 2014-08-27 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-27 10:43 - 2013-12-29 23:24 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-27 10:35 - 2014-08-27 10:35 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-27 10:35 - 2014-08-27 10:35 - 00003630 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-27 10:35 - 2014-02-21 22:06 - 00000000 ____D () C:\Users\MT\AppData\Local\Deployment
2014-08-27 10:23 - 2014-08-27 10:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-27 10:23 - 2014-03-08 22:54 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-08-27 10:22 - 2014-04-25 21:31 - 00000000 ____D () C:\AdwCleaner
2014-08-27 10:19 - 2014-07-19 14:51 - 00000000 ____D () C:\Program Files (x86)\Naver
2014-08-27 05:41 - 2014-08-27 05:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-27 05:40 - 2014-08-27 05:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-08-27 05:37 - 2014-08-27 05:37 - 00079991 _____ () C:\Users\MT\Downloads\silverlight.diagcab
2014-08-27 05:16 - 2014-08-27 05:14 - 13087456 _____ (Microsoft Corporation) C:\Users\MT\Downloads\Silverlight_x64.exe
2014-08-27 04:31 - 2014-08-27 04:31 - 01364531 _____ () C:\Users\MT\Downloads\AdwCleaner (1).exe
2014-08-27 04:30 - 2014-04-18 01:11 - 00000000 ____D () C:\Users\MT\AppData\Roaming\vlc
2014-08-27 03:36 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-25 21:06 - 2014-04-13 08:14 - 00000000 ____D () C:\Users\MT\Documents\old toshiba
2014-08-25 20:16 - 2014-02-21 21:55 - 00000000 ____D () C:\Users\MT\AppData\Local\Packages
2014-08-25 05:16 - 2014-08-25 04:59 - 140441570 _____ () C:\Users\MT\Downloads\[HMFsub] 111223 Music Station Super Live - Tohoshinki & Koda Kumi Talk.avi
2014-08-25 04:20 - 2014-08-25 04:20 - 582586056 _____ () C:\Users\MT\Downloads\20110218 KBS - DBSK HoMin - Why Remix.tp
2014-08-24 17:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2014-08-24 02:36 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-23 19:37 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-08-23 19:33 - 2014-08-23 19:33 - 00626247 _____ () C:\Users\MT\Documents\bookmarks_8_23_14.html
2014-08-23 19:28 - 2014-08-23 19:27 - 00000000 ____D () C:\Users\MT\AppData\Local\JDownloader v2.0
2014-08-23 02:17 - 2014-08-23 01:55 - 104065843 _____ () C:\Users\MT\Downloads\[Engsub] [Mug_ping & SPVN] Sohu Exclusive interview with TVXQ!.mp4
2014-08-22 21:01 - 2014-08-22 20:56 - 18574453 _____ () C:\Users\MT\Downloads\[Engsub] part.2.mp4
2014-08-22 20:46 - 2014-08-22 20:46 - 00000000 __SHD () C:\Users\MT\AppData\Local\EmieUserList
2014-08-22 20:46 - 2014-08-22 20:46 - 00000000 __SHD () C:\Users\MT\AppData\Local\EmieSiteList
2014-08-22 20:35 - 2014-08-22 20:35 - 00019307 _____ () C:\Users\MT\Downloads\i-am-smtown-the-days-of-youth_english-637653.zip
2014-08-21 06:37 - 2014-08-21 06:37 - 02171583 _____ () C:\Users\MT\Downloads\ave maria 1 (1).mp4
2014-08-21 05:18 - 2014-08-21 05:17 - 19709712 _____ () C:\Users\MT\Downloads\The stairs in the truth and marriage - heaven.mp4
2014-08-19 05:55 - 2014-02-28 11:58 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-19 05:55 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2014-08-19 05:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-08-19 05:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager
2014-08-19 05:55 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera
2014-08-19 05:53 - 2014-02-28 11:58 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-19 05:52 - 2014-02-21 21:54 - 00000000 ____D () C:\Users\MT
2014-08-19 03:33 - 2014-08-19 03:26 - 124792705 _____ () C:\Users\MT\Downloads\SOHU Exclusive interview with TVXQ!.mp4
2014-08-17 02:06 - 2013-08-22 10:44 - 00474856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-17 02:03 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-08-17 02:03 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 03:07 - 2014-05-16 00:30 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 03:07 - 2014-05-16 00:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 03:07 - 2014-05-15 00:06 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 03:07 - 2014-05-14 23:57 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 03:07 - 2014-05-14 23:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 03:07 - 2014-05-14 23:57 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 03:07 - 2013-08-22 07:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 03:07 - 2013-08-22 07:22 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 03:07 - 2013-08-22 07:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 03:07 - 2013-08-22 07:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 03:07 - 2013-08-22 00:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 03:07 - 2013-08-21 23:55 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 03:07 - 2013-08-21 23:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 03:07 - 2013-08-21 23:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 03:07 - 2013-08-21 23:40 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 03:07 - 2013-08-21 23:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 03:06 - 2014-02-23 14:43 - 00233912 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-08-15 03:02 - 2014-06-10 23:07 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-08-13 04:12 - 2014-08-13 04:11 - 22382383 _____ () C:\Users\MT\Downloads\[야경꾼 일지] night_20140811_29_0_1003046100032100000_V1.mp4
2014-08-12 04:06 - 2014-07-30 15:59 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-12 03:04 - 2014-08-12 03:03 - 635541520 _____ () C:\Users\MT\Downloads\I love you LIVE TOUR 2014 TREE Documentary Film - SSTV.ts
2014-08-09 00:01 - 2013-12-29 23:28 - 00000000 ____D () C:\Windows\system32\Drivers\NAVx64
2014-08-06 22:12 - 2014-08-15 03:07 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-06 18:39 - 2014-08-15 03:07 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-05 22:51 - 2014-08-05 22:47 - 32837692 _____ () C:\Users\MT\Downloads\[GyaO!] 200140805 TREE TOUR documentary - I Love You.f4v
2014-08-05 21:51 - 2014-08-05 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Norton AntiVirus
2014-08-05 21:46 - 2013-12-29 23:29 - 00003218 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-08-05 21:46 - 2013-12-29 23:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton AntiVirus
2014-08-05 04:46 - 2014-08-05 04:45 - 901300370 _____ () C:\Users\MT\Downloads\동방신기 (TVXQ!) TIAMO MAKING FILM [KOKAYZ].avi
2014-08-01 23:56 - 2014-08-15 03:07 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-01 23:11 - 2014-08-15 03:07 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-01 20:17 - 2013-08-22 11:38 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-01 20:17 - 2013-08-22 11:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-30 16:08 - 2014-07-30 16:08 - 00002170 _____ () C:\Users\MT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00002083 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00002083 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2014-07-30 16:08 - 2014-07-30 16:08 - 00000000 ____D () C:\ProgramData\Microsoft SkyDrive
2014-07-30 16:08 - 2014-07-30 16:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2014-07-30 16:08 - 2014-02-22 01:18 - 00000000 ___RD () C:\Users\MT\SkyDrive
2014-07-30 16:02 - 2014-07-30 15:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-07-30 15:59 - 2014-02-21 21:55 - 00000000 ____D () C:\Users\MT\AppData\Local\VirtualStore
2014-07-30 15:58 - 2014-07-30 15:58 - 01030832 _____ (Microsoft Corporation) C:\Users\MT\Downloads\Setup.X86.en-US_O365HomePremRetail_58034bae-d536-4a51-a1c7-fd02bc32ca5c_TX_PR_.exe

Some content of TEMP:
====================
C:\Users\MT\AppData\Local\Temp\Quarantine.exe
C:\Users\MT\AppData\Local\Temp\SHSetup.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-25 04:24

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by MT at 2014-08-28 19:40:36
Running from C:\Users\MT\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton AntiVirus (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.03)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.03 - Adobe Systems Incorporated)
Çǵð¹Ú½º/Ŭ·´¹Ú½º Á¦°Å (HKCU\...\PdClubBox) (Version:  - Zettamedia)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Dragon Assistant Application en-US version 1.5.11 (HKLM-x32\...\{1CCBE73F-4948-4711-8D12-22E2FD65D706}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Core Recognition Service version 1.1.12 (HKLM-x32\...\{E97BA7A6-46FC-4EBF-B24A-B8362948C696}_is1) (Version: 1.1.12 - Nuance Communications, Inc.)
Dragon Assistant Installer version 1.5.11 (HKLM-x32\...\{D57A8269-3BE5-4D10-B882-64D0F2D448BF}_is1) (Version: 1.5.11 - Nuance Communications, Inc.)
Dragon Assistant Language Data en-US version 1.1.4 (HKLM-x32\...\{4C0C1E4E-D3B1-4496-98EC-DA14D45EC855}_is1) (Version: 1.1.4 - Nuance Communications, Inc.)
DTS Studio Sound (HKLM-x32\...\{2DFA9084-CEB3-4A48-B9F7-9038FEF1B8F4}) (Version: 1.01.2700 - DTS, Inc.)
ETDWare PS/2_SMBus-X64 11.8.14.1_WHQL (HKLM\...\Elantech) (Version: 11.8.14.1 - ELAN Microelectronic Corp.)
Genesys Logic USB2.0 Card Reader (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.3.0.8 - Genesys Logic)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.94 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.221 - SurfRight B.V.)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.05.1000.0574 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3308 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.2.1000 - Intel Corporation) Hidden
Intel® Smart Connect Technology (HKLM\...\{9B5FD763-5074-474C-B898-24567E6450C8}) (Version: 4.2.40.2439 - Intel Corporation)
Intel® Wireless Bluetooth® 4.0 (HKLM-x32\...\{38561F82-2984-4C99-ADD7-D1166BC3D552}) (Version: 3.0.1335.05 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{72814a2c-2e03-4a50-b30a-43e7884b3934}) (Version: 16.5.1 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.05.1000.0264 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.28.487.1 - Intel Corporation) Hidden
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Preview Redistributable (x86) - 12.0.20617 (HKLM-x32\...\{1f407217-9aec-4146-8504-e64ac959c534}) (Version: 12.0.20617.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.20617 (Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.20617 (x32 Version: 12.0.20617 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Norton Anti-Theft (HKLM-x32\...\NAT) (Version: 1.10.0.9 - Symantec Corporation)
Norton AntiVirus (HKLM-x32\...\NAV) (Version: 21.4.0.13 - Symantec Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1004 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7026 - Realtek Semiconductor Corp.)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM\...\{21A63CA3-75C0-4E56-B602-B7CD2EF6B621}) (Version: 9.0.2.4 - Toshiba Corporation)
TOSHIBA Audio Enhancement (HKLM\...\{1515F5E3-29EA-4CD1-A981-032D88880F09}) (Version: 2.0.17.0 - Toshiba Corporation)
Toshiba Book Place (HKLM-x32\...\{11244D6B-9842-440F-8579-6A4D771A0D9B}) (Version: 3.3.9661 - K-NFB Reading Technology, Inc.)
TOSHIBA Display Utility (HKLM\...\{11955FE2-CAC6-4C3B-AA68-F787D7405400}) (Version: 1.1.9.0 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.2.0.6404 - Toshiba Corporation)
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.51.81.1C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.51.81.1C - TOSHIBA CORPORATION) Hidden
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{59358FD4-252B-4B38-AB81-955C491A494F}) (Version: 2.0.0.9C - Toshiba Corporation)
TOSHIBA Password Utility (x32 Version: 2.0.0.9C - Toshiba Corporation) Hidden
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.9.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.1.02.55065006 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA Start (HKLM-x32\...\{A74C9CC1-2211-4A75-A688-6F7CFE2C2B12}) (Version: 1.00.02 - TOSHIBA America Information Systems, Inc)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.1.2.32001 - Toshiba Corporation)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.1.6 - TOSHIBA)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1009.1 - Microsoft Corporation) Hidden
Utility Common Driver (x32 Version: 1.0.53.2 - Compal) Hidden
Utility support driver (x32 Version: 1.51.81.2 - TOSHIBA) Hidden
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Visual C++ 9.0 OpenMP (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\MT\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\MT\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\MT\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\MT\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\MT\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3226289247-2755110353-133785563-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\MT\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

29-07-2014 07:29:47 Scheduled Checkpoint
16-08-2014 03:18:06 Windows Modules Installer
19-08-2014 09:52:32 Windows Update
27-08-2014 07:26:42 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {176F5A4E-D679-49EB-BCB7-0B3DDD70C9D3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {197BA5BF-D83E-444C-934D-31F05C6B2EAC} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {1A156EE3-7C06-4990-B872-238E7C2EE3CD} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: {1C1CFAC0-95CA-416A-A55B-A3514CF37464} - System32\Tasks\Resolution+ Setting Task => C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe [2013-09-26] (TOSHIBA Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {30808BA4-57E4-4357-9DD7-DBF464C5E0F6} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3FCD7A2F-67A2-4B43-A05C-1868F5172842} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-27] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {65D979DF-BE36-4C5C-A098-E922CA4FD935} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {7126974A-773B-4D60-A2E1-DF3CC5E538C4} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B522749-9D01-4F2D-8CE9-2603408E31A0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-27] (Google Inc.)
Task: {7D9FEB70-90B4-4ABF-8FC2-C8E27B5C917A} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8945D276-9122-41A0-9F7A-D36ED35152AC} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93597DD3-156B-4F7C-A316-4F3C327533F3} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2013-08-23] (Realtek Semiconductor)
Task: {9433D77A-DE06-4E98-8109-90BDD499CFA4} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {956FE1BF-8FF8-4947-8E32-5DB3CFEA2F39} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {97BDB550-2447-452E-9176-A3405F30B04F} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {996058DC-636E-44B1-8516-A42B3316BA8F} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-07-31] (TOSHIBA Corporation)
Task: {9A552A71-A64F-40DC-BA42-786C4C9C6DBF} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B72627DD-0501-480E-9B54-1B4A5A91A680} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-05] (Microsoft Corporation)
Task: {BB0E75E7-FD9D-4F56-B446-7526801FD544} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D5637FD8-E71D-4C2F-B0D2-5837707CD582} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe [2013-09-13] ()
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E9750AFC-F16D-4AAA-B3D2-43C9A5DC4474} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-19] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-12 04:05 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-09-10 16:54 - 2013-09-10 16:54 - 00019792 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
2013-08-12 23:06 - 2013-08-12 23:06 - 00198120 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
2013-08-12 23:06 - 2013-08-12 23:06 - 00054760 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-12 23:06 - 2013-08-12 23:06 - 00034792 _____ () C:\Program Files\Intel\Intel® Smart Connect Technology Agent\ISCTNetMon.dll
2014-08-05 05:37 - 2014-08-05 05:37 - 08892072 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-07-18 19:38 - 2012-07-18 19:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-08-01 15:24 - 2013-08-01 15:24 - 00438112 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\TcrdKBB.exe
2013-12-29 23:15 - 2013-09-13 18:27 - 00081986 _____ () C:\Windows\SysWOW64\UMonit64.exe
2013-12-29 23:24 - 2013-07-02 18:30 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\fl_core.dll
2013-12-29 23:24 - 2013-07-02 18:30 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_asr.dll
2013-12-29 23:24 - 2013-07-02 18:30 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_base.dll
2013-12-29 23:24 - 2013-07-02 18:30 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_pron.dll
2013-12-29 23:24 - 2013-07-02 18:30 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\vocon3200_platform.dll
2013-12-29 23:24 - 2013-07-02 18:30 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\sdxg.dll
2013-12-29 23:24 - 2013-07-02 18:29 - 00027648 _____ () C:\Program Files (x86)\Nuance\Dragon Assistant\Core\WASAPIResamplingStreamCOMServer.dll
2013-12-29 23:00 - 2013-09-03 19:53 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\MT\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (08/28/2014 00:49:22 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 11:08:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program mbam.exe version 1.0.0.532 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9ac

Start Time: 01cfc206fc51edd9

Termination Time: 15

Application Path: C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

Report Id: 08ecca5b-2dfc-11e4-8278-201a067c3736

Faulting package full name:

Faulting package-relative application ID:

Error: (08/27/2014 10:55:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: delegate_execute.exe, version: 37.0.2062.94, time stamp: 0x53f3d8c3
Faulting module name: delegate_execute.exe, version: 37.0.2062.94, time stamp: 0x53f3d8c3
Exception code: 0xc0000005
Fault offset: 0x000000000004cd0c
Faulting process id: 0xb98
Faulting application start time: 0xdelegate_execute.exe0
Faulting application path: delegate_execute.exe1
Faulting module path: delegate_execute.exe2
Report Id: delegate_execute.exe3
Faulting package full name: delegate_execute.exe4
Faulting package-relative application ID: delegate_execute.exe5

Error: (08/27/2014 10:52:58 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 10:48:56 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 10:24:12 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 09:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TssSrv.exe, version: 1.0.1.0, time stamp: 0x5230f3bf
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000374
Fault offset: 0x000df636
Faulting process id: 0x11a0
Faulting application start time: 0xTssSrv.exe0
Faulting application path: TssSrv.exe1
Faulting module path: TssSrv.exe2
Report Id: TssSrv.exe3
Faulting package full name: TssSrv.exe4
Faulting package-relative application ID: TssSrv.exe5

Error: (08/27/2014 09:28:10 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 04:41:32 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 04:17:12 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

System errors:
=============
Error: (08/28/2014 03:21:57 AM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/27/2014 11:20:16 AM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/27/2014 11:19:46 AM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/27/2014 10:47:18 AM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: The NPEService service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (08/27/2014 03:37:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update ClearThink service failed to start due to the following error:
%%2

Error: (08/27/2014 03:13:42 AM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/27/2014 02:58:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update ClearThink service failed to start due to the following error:
%%2

Error: (08/27/2014 02:57:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error:
%%1062

Error: (08/26/2014 11:27:55 PM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/26/2014 11:27:25 PM) (Source: DCOM) (EventID: 10010) (User: M)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Microsoft Office Sessions:
=========================
Error: (08/28/2014 00:49:22 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 11:08:49 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam.exe1.0.0.5329ac01cfc206fc51edd915C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe08ecca5b-2dfc-11e4-8278-201a067c3736

Error: (08/27/2014 10:55:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: delegate_execute.exe37.0.2062.9453f3d8c3delegate_execute.exe37.0.2062.9453f3d8c3c0000005000000000004cd0cb9801cfc206df0cdc83C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\delegate_execute.exeC:\Program Files (x86)\Google\Chrome\Application\37.0.2062.94\delegate_execute.exe1fbcf9d3-2dfa-11e4-8278-201a067c3736

Error: (08/27/2014 10:52:58 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 10:48:56 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 10:24:12 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 09:31:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TssSrv.exe1.0.1.05230f3bfntdll.dll6.3.9600.1711453648f36c0000374000df63611a001cfc1fab9f3b651C:\Program Files (x86)\Toshiba\System Setting\TssSrv.exeC:\Windows\SYSTEM32\ntdll.dll6be86fa3-2dee-11e4-8275-201a067c3736

Error: (08/27/2014 09:28:10 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 04:41:32 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (08/27/2014 04:17:12 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

==================== Memory info ===========================

Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 28%
Total physical RAM: 6059.86 MB
Available physical RAM: 4333.13 MB
Total Pagefile: 7019.86 MB
Available Pagefile: 5405.09 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (TI10676500E) (Fixed) (Total:688.52 GB) (Free:581.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users