
Can not load a certain browser game client.


  • This topic is locked
7 replies to this topic

#1 Nodder

Nodder

  • Members
  • 4 posts

Posted 11 October 2014 - 01:37 PM

Good day, evening, morning!

 

I have been having this trouble since yesterday. For some reason I cannot load a browser game client (that was running perfectly a day before that) on my Windows 8 PC in Chrome.

I have contacted the game developers' team on their forums and they told me to post the "Developers Console" content for them to see. And this is what they have told me:

 

   ex.js and itn.js are not Nodiatis related at all, and for some reason you are not able to load client.js due to a connection reset. display-trk.com is showing as an adware/spyware host, so you are definitely infected with unwanted software that is likely interfering with the loading of the Nodiatis client. You can try to use malwarebytes or some other method to remove this software.

 

You can see the whole conversation here: http://forums.nodiatis.com/forums/showthread.php?p=176311#post176311

 

I have used Malwarebytes (which found and quarantined a bunch of threats), and run a few scans on my free version of Comodo Antivirus, but still the browser game won't come back.

What do I do? ;<

 

It is somehow related to "i.display-trk.com", as was shown in the Developers Console before I did a scan with Malwarebytes; after the scan and quarantine it doesn't appear in the console content.


Edited by Nodder, 11 October 2014 - 01:44 PM.



#2 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team
  • 4,161 posts
  • Gender:Male
  • Location:Thailand

Posted 12 October 2014 - 03:03 AM

Hello Nodder and welcome to BleepingComputer! :)

 

My name is Sirawit and I'm here to help you.

 

Please note that I'm currently in training and my fixes need to be checked for approval first. That may delay our fix a bit, but I will normally reply back in 24 hours.

 

If I don't reply after 2 days, feel free to PM me. :)

==========================================================================

Some points for you to keep in mind:

  • Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.
  • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Do not attach logs or use code boxes, just copy and paste the text.
  • Periodically update me on the condition of your computer, and provide detail in every post.
  • In the upper right hand corner of the topic you will see the Follow topic button. Click on this, then choose Immediate E-Mail notification and then Proceed, and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • Once things seem to be working again, please do not abandon the thread. I will give an "all-clean" message at the very end with some additional information on how to stay malware-free.
  • Lastly, I would like to remind you that most members here are volunteers, and sometimes "real life" can get in the way of our malware hunt. I will notify you if I know I will need to be away for longer than 48 hours.

==========================================================================

 

Farbar Recovery Scan Tool (FRST)

  • Download Farbar Recovery Scan Tool for either 32 bit or 64 bit systems and save it to your desktop.
  • If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn't run properly the other one should.
  • Double click the icon.
  • Click Yes to the disclaimer.
  • Make sure the Addition.txt box is checked.
  • Click Scan and allow the program to run.
  • Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen.
  • 2 Notepad documents should now be open on your desktop.
  • Please copy and paste the contents of both in your reply.

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#3 Nodder

Nodder
  • Topic Starter

  • Members
  • 4 posts

Posted 12 October 2014 - 08:45 AM

Hello, Sirawit! Thank you for your reply. I used the program you have recommended and here is what I have got inside of those Notepad documents:


FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-10-2014

Ran by Mikha (administrator) on MIKHA on 12-10-2014 22:40:30
Running from C:\Users\Mikha\Downloads
Loaded Profile: Mikha (Available profiles: Mikha)
Platform: Windows 8 (X64) OS Language: 日本語 (日本)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices64.exe
(IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit_manager.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\main.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Comodo Security Solutions, Inc.) C:\Program Files\COMODO\GeekBuddy\unit.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
() C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
() C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CisTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Microsoft Corporation) C:\Windows\System32\IME\SHARED\ImeBroker.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adblock) C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\Suc13_FileShredder.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\CCE.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Registration Client\FloatingUI.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM\...\Run: [Trend Micro Titanium] => C:\Program Files\Trend Micro\Titanium\UIFramework\uiWinMgr.exe [1382568 2013-09-17] (Trend Micro Inc.)
HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [216928 2013-08-29] (Trend Micro Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM-x32\...\Run: [RazerGameBooster] => C:\Program Files (x86)\Razer\Razer Game Booster\RazerGameBooster.exe [61152 2013-11-22] (Razer Inc.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [181208 2013-04-26] (cyberlink)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-06-22] (RealNetworks, Inc.)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1508672 2014-06-19] (IObit)
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-02-27] (Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [440632 2014-08-29] (Malwarebytes Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3951043376-2208379405-137478695-1001\...\Run: [uTorrent] => C:\Users\Mikha\AppData\Roaming\uTorrent\uTorrent.exe [1385808 2014-10-08] (BitTorrent Inc.)
HKU\S-1-5-21-3951043376-2208379405-137478695-1001\...\Run: [pamela.exe] => C:\Program Files (x86)\Pamela\Pamela.exe [12146136 2014-06-13] (Scendix Software-Vertriebsges. mbH)
HKU\S-1-5-21-3951043376-2208379405-137478695-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-3951043376-2208379405-137478695-1001\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2281248 2014-08-22] (IObit)
HKU\S-1-5-18\...\RunOnce: [Application Restart #0] => C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe [394624 2014-06-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Start GeekBuddy.lnk
ShortcutTarget: Start GeekBuddy.lnk -> C:\Program Files\COMODO\GeekBuddy\launcher.exe (Comodo Security Solutions, Inc.)
Startup: C:\Users\Mikha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote に送る.lnk
ShortcutTarget: OneNote に送る.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKCU - DefaultScope {BDCD328D-536B-46EB-91FA-A72B71576926} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
SearchScopes: HKCU - {4E115AA7-0698-4C74-BA0B-32A89C92DC9D} URL = http://pt.afl.rakuten.co.jp/c/0d8850b6.ee703e96/_RTvaio10013201?v=2&s=1&sitem={searchTerms}
SearchScopes: HKCU - {BDCD328D-536B-46EB-91FA-A72B71576926} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASPJS
SearchScopes: HKCU - {F46B5D63-4A2A-4EF7-94C6-90C8B6F8B050} URL = http://www.hmv.co.jp/search/searchresultsutf8.asp?keyword={searchTerms}&site=iesonyvaio1
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: TmIEPlugInBHO Class -> {1CA1377B-DC1D-4A52-9585-6E06050FAC53} -> C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1221\1.0.1221\TmopIEPlg.dll (Trend Micro Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20013\1.0.1221\1.0.1221\TmopIEPlg32.dll (Trend Micro Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{38D72E77-89DA-43EC-82FC-EF558094E651}: [NameServer] 156.154.70.22,156.154.71.22
Tcpip\..\Interfaces\{91D9D07F-A193-4DDE-8BA5-06A1C10838DF}: [NameServer] 156.154.70.22,156.154.71.22
 
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.11 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.11.0 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{21541D23-FDA1-4bf3-8AF2-8F623BF70B07}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension
FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2014-03-08]
FF HKLM-x32\...\Firefox\Extensions: [{1DD9AC48-0855-4AE7-9934-159B4377FFA2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-22]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBCE963ED-BB03-49B5-A26F-1E50DE553426&SearchSource=55&CUI=&UM=5&UP=SP5013FA77-A623-4B64-B6C8-967E92D28DFA&SSPV=
CHR StartupUrls: Default -> "hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBCE963ED-BB03-49B5-A26F-1E50DE553426&SearchSource=55&CUI=&UM=5&UP=SP5013FA77-A623-4B64-B6C8-967E92D28DFA&SSPV="
CHR DefaultSearchKeyword: Default -> conduit.search
CHR DefaultSearchProvider: Default -> Conduit Search
CHR Profile: C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google ドキュメント) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-02]
CHR Extension: (Google ドライブ) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-02]
CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-08-11]
CHR Extension: (YouTube) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-02]
CHR Extension: (Google 検索) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-02]
CHR Extension: (RealPlayer Downloader) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-05-02]
CHR Extension: (Google ウォレット) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-02]
CHR Extension: (Gmail) - C:\Users\Mikha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeActiveFileMonitor11.0; c:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-17] (Adobe Systems Incorporated)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [893216 2014-08-18] (IObit)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CLHNService3; C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe [108904 2014-02-06] ()
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
S2 CLKMSVC10_9EC60124; C:\Program Files (x86)\CyberLink\PowerDVD9\NavFilter\kmsvc.exe [247768 2013-04-26] (CyberLink)
R2 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2014-02-27] (Comodo Security Solutions, Inc.)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] ()
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-02-27] (Comodo Security Solutions, Inc.)
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-05-15] (IObit)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 Intel® Wireless Bluetooth® 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [161736 2013-04-15] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2282272 2014-08-19] (IObit)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-07] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-12-03] ()
S4 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-04] (Sony Corporation)
S3 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [4230016 2013-01-28] (Symantec Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-06-10] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-06-22] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-06-10] () [File not signed]
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [72992 2014-06-06] (IObit)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3386160 2012-12-03] (Intel® Corporation)
R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [132920 2013-03-25] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1385272 2014-08-11] (Motorola Solutions, Inc.)
S3 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0403000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 CFRMD; C:\Windows\System32\DRIVERS\CFRMD.sys [40224 2014-06-26] (Windows ® Win 7 DDK provider)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [23168 2014-04-16] (COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [748784 2014-04-16] (COMODO)
S3 CompFilter64; C:\Windows\System32\drivers\lvbflt64.sys [26784 2012-10-26] (Logicool Co., Ltd.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-10-05] (Disc Soft Ltd)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63000 2014-08-30] ()
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
R1 HMD; C:\Windows\system32\DRIVERS\hmd.sys [14888 2014-06-26] ()
S3 LVRS64; C:\Windows\system32\DRIVERS\lvrs64.sys [351520 2012-10-26] (Logicool Co., Ltd.)
S3 LVUVC64; C:\Windows\system32\DRIVERS\lvuvc64.sys [4758176 2012-10-26] (Logicool Co., Ltd.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-05-02] (Intel Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3349984 2014-05-02] (Intel Corporation)
R2 ntk3; C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\ntk3_64.sys [83656 2013-05-21] (Cyberlink Corp.)
R2 pxdmxnet; C:\Windows\system32\DRIVERS\pxdmxnet.sys [31032 2014-03-18] (Pixela)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-08-25] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-12] (Synaptics Incorporated)
R1 tmactmon; C:\Windows\system32\DRIVERS\tmactmon.sys [109072 2013-09-04] (Trend Micro Inc.)
R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [175528 2013-09-04] (Trend Micro Inc.)
R3 tmeevw; C:\Windows\system32\DRIVERS\tmeevw.sys [94520 2013-03-14] (Trend Micro Inc.)
S0 tmel; C:\Windows\System32\DRIVERS\tmel.sys [34224 2012-07-27] (Trend Micro Inc.)
R1 tmevtmgr; C:\Windows\system32\DRIVERS\tmevtmgr.sys [77184 2013-09-04] (Trend Micro Inc.)
R2 tmusa; C:\Windows\system32\DRIVERS\tmusa.sys [92456 2012-12-24] (Trend Micro Inc.)
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:40 - 2014-10-12 22:40 - 00032496 _____ () C:\Users\Mikha\Downloads\FRST.txt
2014-10-12 22:40 - 2014-10-12 22:40 - 00000000 ____D () C:\FRST
2014-10-12 22:38 - 2014-10-12 22:38 - 02109952 _____ (Farbar) C:\Users\Mikha\Downloads\FRST64.exe
2014-10-12 17:42 - 2014-10-12 17:42 - 00019687 _____ () C:\Users\Mikha\Desktop\bookmarks_14_10_12.html
2014-10-12 17:00 - 2014-10-12 17:00 - 00000000 ____D () C:\Users\Mikha\AppData\Roaming\Comodo
2014-10-12 16:54 - 2014-10-12 17:07 - 00000000 ____D () C:\Users\Mikha\Downloads\WDelete
2014-10-12 16:45 - 2014-10-12 16:45 - 00002950 _____ () C:\Windows\System32\Tasks\ReclaimerResumeInstall_Mikha
2014-10-12 16:45 - 2014-10-12 16:45 - 00002648 _____ () C:\Windows\System32\Tasks\ReclaimerResumeInstallLogin_Mikha
2014-10-12 16:45 - 2014-10-12 16:45 - 00000386 _____ () C:\Windows\Tasks\ReclaimerResumeInstallLogin_Mikha.job
2014-10-12 16:45 - 2014-10-12 16:45 - 00000386 _____ () C:\Windows\Tasks\ReclaimerResumeInstall_Mikha.job
2014-10-12 16:31 - 2014-10-12 16:31 - 00000254 _____ () C:\Windows\Tasks\ASC7_SkipUac_Mikha.job
2014-10-12 16:29 - 2014-10-12 16:30 - 00000000 ____D () C:\Users\Mikha\Desktop\Docs
2014-10-12 16:19 - 2014-10-12 16:30 - 00000000 ____D () C:\Users\Mikha\Desktop\Images
2014-10-12 16:17 - 2014-10-12 16:44 - 00000000 ____D () C:\Users\Mikha\Desktop\Sound Files
2014-10-12 03:59 - 2014-10-12 03:59 - 00057096 _____ (COMODO CA Limited) C:\Windows\system32\certsentry.dll
2014-10-12 03:58 - 2014-10-12 03:58 - 01060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc71.dll
2014-10-12 03:48 - 2010-08-30 08:34 - 00001214 _____ () C:\Windows\SysWOW64\sqlite3.dll
2014-10-12 03:47 - 2014-10-12 03:52 - 00000000 ____D () C:\AdwCleaner
2014-10-12 02:49 - 2014-10-12 03:46 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-10-12 02:47 - 2014-10-12 03:46 - 00000000 ____D () C:\Users\Mikha\Desktop\Rootkit Killer
2014-10-12 02:46 - 2014-10-12 02:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-10-12 02:45 - 2014-10-12 16:16 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-10-12 02:45 - 2014-10-12 02:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-10-12 02:39 - 2014-10-12 22:33 - 01474832 _____ () C:\Windows\system32\Drivers\sfi.dat
2014-10-12 02:39 - 2014-10-12 02:40 - 00000000 ____D () C:\Windows\System32\Tasks\COMODO
2014-10-12 02:39 - 2014-10-12 02:39 - 00001872 _____ () C:\Users\Public\Desktop\COMODO Antivirus.lnk
2014-10-12 02:39 - 2014-10-12 02:39 - 00000000 ___SD () C:\ProgramData\Shared Space
2014-10-12 02:38 - 2014-10-12 03:59 - 00048392 _____ (COMODO CA Limited) C:\Windows\SysWOW64\certsentry.dll
2014-10-12 02:38 - 2014-10-12 03:58 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-10-12 02:38 - 2014-10-12 02:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2014-10-12 02:38 - 2014-10-12 02:39 - 00000000 ____D () C:\Program Files\COMODO
2014-10-12 02:38 - 2014-10-12 02:38 - 00002013 _____ () C:\Users\Public\Desktop\GeekBuddy.lnk
2014-10-12 02:38 - 2014-10-12 02:38 - 00001116 _____ () C:\Users\Public\Desktop\Comodo Dragon.lnk
2014-10-12 02:38 - 2014-10-12 02:38 - 00000000 ____D () C:\ProgramData\Comodo Downloader
2014-10-12 02:37 - 2014-10-12 17:00 - 00000000 ____D () C:\ProgramData\Comodo
2014-10-12 02:17 - 2014-10-12 02:17 - 00002186 _____ () C:\Users\Mikha\Desktop\Rkill.txt
2014-10-12 01:44 - 2014-10-12 01:45 - 00003245 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-10-12 01:42 - 2014-10-12 01:42 - 00918440 _____ (Oracle Corporation) C:\Users\Mikha\Desktop\chromeinstall-7u67.exe
2014-10-12 01:10 - 2014-10-12 01:18 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-12 01:10 - 2014-10-12 01:10 - 00000000 ____D () C:\Users\Mikha\AppData\Local\MFAData
2014-10-12 01:08 - 2014-10-12 01:08 - 00002259 _____ () C:\Windows\epplauncher.mif
2014-10-11 23:50 - 2014-10-11 23:26 - 00705480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-10-11 23:50 - 2014-10-11 23:26 - 00104904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-10-11 23:45 - 2014-10-11 23:45 - 00000000 _____ () C:\asc_rdflag
2014-10-11 23:30 - 2014-10-11 23:30 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 02416128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 01549824 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 01341952 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 01126400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 00674304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-10-11 23:30 - 2014-10-11 23:30 - 00447296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-10-11 23:30 - 2014-10-11 23:30 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-10-11 23:30 - 2014-10-11 23:30 - 00388729 _____ () C:\Windows\system32\ApnDatabase.xml
2014-10-11 23:30 - 2014-10-11 23:30 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 00250368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-10-11 23:30 - 2014-10-11 23:30 - 00211456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-10-11 23:30 - 2014-10-11 23:30 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2014-10-11 23:30 - 2014-10-11 23:30 - 00027648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2014-10-11 23:25 - 2014-10-11 23:25 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-10-11 23:25 - 2014-10-11 23:25 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 03285504 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 01623552 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00253440 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-10-11 23:17 - 2014-10-11 23:17 - 00059400 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-10-11 23:17 - 2014-10-11 23:17 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-10-11 23:17 - 2014-10-11 23:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-10-11 23:17 - 2014-10-11 23:17 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2014-10-11 23:13 - 2014-10-11 23:13 - 01287680 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-11 23:08 - 2014-10-11 23:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-11 23:08 - 2014-10-11 23:08 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-11 23:08 - 2014-10-11 23:08 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-11 23:08 - 2014-10-11 23:08 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-11 23:08 - 2014-10-11 23:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-11 23:08 - 2014-10-11 23:08 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-11 23:00 - 2014-10-11 23:00 - 00875720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-10-11 23:00 - 2014-10-11 23:00 - 00869576 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-10-11 23:00 - 2014-10-11 23:00 - 00678600 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll
2014-10-11 23:00 - 2014-10-11 23:00 - 00536776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll
2014-10-11 22:28 - 2014-10-12 16:25 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-11 22:28 - 2014-10-12 02:48 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-11 22:28 - 2014-10-11 22:28 - 00001238 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-10-11 22:28 - 2014-10-11 22:28 - 00000290 _____ () C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job
2014-10-11 22:28 - 2014-10-11 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-11 22:28 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-11 22:27 - 2014-10-11 22:28 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-11 22:27 - 2014-10-11 22:27 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-11 22:27 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-11 22:26 - 2014-10-11 22:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-10-11 22:18 - 2014-10-11 22:18 - 00001185 _____ () C:\Users\Public\Desktop\IObit Malware Fighter.lnk
2014-10-11 22:18 - 2014-10-11 22:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2014-10-11 22:17 - 2014-06-26 20:00 - 00000000 ____D () C:\Users\Mikha\Downloads\imf2-4-setup
2014-10-11 16:17 - 2014-10-11 16:17 - 00070144 _____ () C:\Windows\SysWOW64\tasks.dll
2014-10-08 20:01 - 2014-10-08 20:01 - 00000868 _____ () C:\Users\Mikha\.lmmsrc.xml
2014-10-08 20:01 - 2014-10-08 20:01 - 00000000 ____D () C:\Users\Mikha\lmms
2014-10-08 19:31 - 2014-10-08 19:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LMMS 1.0.3
2014-10-08 19:30 - 2014-10-08 19:31 - 00000000 ____D () C:\Program Files\LMMS
2014-10-05 02:25 - 2014-10-05 02:49 - 00000000 ____D () C:\Users\Mikha\Documents\Baldur's Gate II - Enhanced Edition
2014-10-05 02:15 - 2014-10-12 00:12 - 00000000 ____D () C:\Program Files (x86)\Baldur's Gate II Enhanced Edition
2014-10-05 02:12 - 2014-10-11 22:41 - 00000000 ____D () C:\Users\Mikha\AppData\Roaming\DAEMON Tools Lite
2014-10-05 02:12 - 2014-10-05 02:12 - 00283064 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtsoftbus01.sys
2014-10-05 02:12 - 2014-10-05 02:12 - 00001958 _____ () C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2014-10-05 02:12 - 2014-10-05 02:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2014-10-05 02:11 - 2014-10-05 02:15 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-10-05 02:11 - 2014-10-05 02:12 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-10-05 02:08 - 2014-10-05 02:08 - 00000000 ____D () C:\Users\Mikha\AppData\Roaming\CyberLink
2014-09-26 11:59 - 2014-09-26 11:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-09-24 00:04 - 2014-09-24 00:04 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 22:33 - 2012-07-26 17:12 - 00000000 ____D () C:\Windows\system32\sru
2014-10-12 17:07 - 2014-07-07 18:27 - 00000000 ____D () C:\Users\Mikha\Downloads\3 Teenage Thai Hookers bought by american businessman
2014-10-12 16:56 - 2014-06-21 12:49 - 00000000 ____D () C:\Users\Mikha\Downloads\Various Artists - Hair Metal 100
2014-10-12 16:55 - 2013-12-02 20:15 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 16:54 - 2014-09-11 19:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kastor All Video Downloader
2014-10-12 16:54 - 2014-07-08 17:27 - 00000000 ____D () C:\Users\Mikha\Desktop\OLD
2014-10-12 16:29 - 2013-09-17 11:02 - 00000000 ____D () C:\Users\Mikha\Desktop\MAP
2014-10-12 16:27 - 2013-04-28 20:48 - 00488404 _____ () C:\Windows\system32\perfh011.dat
2014-10-12 16:27 - 2013-04-28 20:48 - 00132686 _____ () C:\Windows\system32\perfc011.dat
2014-10-12 16:27 - 2012-07-26 16:28 - 01465484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-12 10:08 - 2013-12-02 19:46 - 00000000 ____D () C:\Users\Mikha
2014-10-12 10:02 - 2014-07-26 00:29 - 00000000 ____D () C:\Users\Mikha\Desktop\Tongi
2014-10-12 09:37 - 2013-12-16 08:21 - 00000000 ____D () C:\Users\Mikha\Desktop\Nodiatis
2014-10-12 09:33 - 2013-12-02 20:24 - 00000000 ____D () C:\Users\Mikha\AppData\Roaming\uTorrent
2014-10-12 08:55 - 2013-12-02 20:15 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-12 06:32 - 2012-07-26 17:12 - 00000000 ____D () C:\Windows\rescache
2014-10-12 06:20 - 2013-12-02 19:56 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3951043376-2208379405-137478695-1001
2014-10-12 03:58 - 2012-07-26 14:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-10-12 03:57 - 2013-04-28 20:57 - 01701148 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 03:55 - 2012-07-26 16:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 02:39 - 2014-06-07 16:58 - 00000000 ____D () C:\Users\Guest
2014-10-12 02:39 - 2014-06-07 16:58 - 00000000 ____D () C:\Users\Administrator
2014-10-12 01:45 - 2013-12-02 21:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-12 00:52 - 2014-06-21 00:51 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Mikha.job
2014-10-12 00:15 - 2012-07-26 17:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-10-12 00:14 - 2012-07-26 14:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-10-11 23:46 - 2013-12-06 16:06 - 86986752 _____ () C:\Windows\system32\config\SOFTWARE.iodefrag.bak
2014-10-11 23:46 - 2013-12-06 16:06 - 00491520 _____ () C:\Windows\system32\config\DEFAULT.iodefrag.bak
2014-10-11 23:46 - 2013-12-06 16:06 - 00028672 _____ () C:\Windows\system32\config\SAM.iodefrag.bak
2014-10-11 23:46 - 2013-12-06 16:06 - 00024576 _____ () C:\Windows\system32\config\SECURITY.iodefrag.bak
2014-10-11 23:34 - 2012-07-26 16:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-10-11 22:51 - 2014-06-20 23:50 - 00000382 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Mikha.job
2014-10-11 22:41 - 2013-12-02 20:19 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-11 22:28 - 2013-12-02 20:31 - 00000000 ____D () C:\ProgramData\ProductData
2014-10-11 16:14 - 2014-06-03 19:33 - 00000000 ____D () C:\Users\Mikha\AppData\Roaming\Skype
2014-10-06 13:10 - 2014-01-25 00:09 - 00000000 ____D () C:\Program Files (x86)\Warcraft III Reign of Chaos & The Frozen Throne
2014-10-05 02:08 - 2013-04-28 22:14 - 00000000 ____D () C:\ProgramData\CyberLink
2014-10-04 01:15 - 2013-12-04 22:18 - 00000000 ____D () C:\Main
2014-09-27 00:44 - 2013-12-31 00:14 - 00010752 _____ () C:\Users\Mikha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-26 22:16 - 2012-07-26 17:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-09-26 11:59 - 2014-06-03 19:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-09-26 11:59 - 2014-06-03 19:33 - 00000000 ____D () C:\ProgramData\Skype
2014-09-26 02:27 - 2013-12-02 20:08 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-25 02:32 - 2013-12-31 00:13 - 00000000 ____D () C:\Users\Mikha\Documents\ezvid
2014-09-12 16:23 - 2013-12-02 20:45 - 00000000 ____D () C:\Update
2014-09-12 11:11 - 2012-07-26 17:12 - 00000000 ___RD () C:\Windows\ToastData
2014-09-12 11:11 - 2012-07-26 17:12 - 00000000 ____D () C:\Windows\WinStore
 
Files to move or delete:
====================
C:\Users\Mikha\jagex_cl_runescape_LIVE.dat
C:\Users\Mikha\random.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-10 22:36
 
==================== End Of Log ============================


#4 Nodder


Posted 12 October 2014 - 08:47 AM

ADDITION.txt

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2014

Ran by Mikha at 2014-10-12 22:41:27
Running from C:\Users\Mikha\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ウイルスバスター クラウド (Disabled - Out of date) {B7599298-8445-728A-A5C7-A26A082C8BDA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: COMODO Antivirus (Enabled - Up to date) {B74CC7D2-B407-E1DC-1033-DD315BCDC8C8}
AS: ウイルスバスター クラウド (Disabled - Out of date) {0C38737C-A27F-7D04-9F77-991873ABC167}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: COMODO Antivirus (Enabled - Up to date) {0C2D2636-923D-EE52-2A83-E643204A8275}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
ACID Music Studio 9.0 (HKLM-x32\...\{79868830-18A0-11E2-A650-F04DA23A5C58}) (Version: 9.0.35 - Sony)
Adobe Photoshop Elements 11 (HKLM-x32\...\Adobe Photoshop Elements 11) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 11 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Adobe Reader XI (11.0.07)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.4.0 - IObit)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Aura Software Manager 1.0.3 (HKLM-x32\...\Aura Software Manager_is1) (Version:  - aura4you.com)
Aura Video Converter 1.6.2 (HKLM-x32\...\Aura Video Converter_is1) (Version:  - Aura4You.com)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.3.4746 - CDBurnerXP)
COMODO Antivirus (HKLM\...\{2736B6BD-31EC-4FC8-A48C-F0A5C914C0B6}) (Version: 7.0.55655.4142 - COMODO Security Solutions Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2529 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
DjVu Viewer version 1.0 (HKLM-x32\...\{3A959BCB-643A-462F-A692-5B7FE4CE35AC}_is1) (Version: 1.0 - djvuviewer.com)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.4 - IObit)
DVD Architect Studio 5.0 (HKLM-x32\...\{4375200F-C451-11E1-865D-F04DA23A5C58}) (Version: 5.0.161 - Sony)
Elements 11 Organizer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
Ezvid (HKLM-x32\...\{F96D619D-99D6-4C9C-A393-0CD22DE1CA66}_is1) (Version: 0982 - Ezvid, inc.)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Free WAV To MP3 Converter version 1.0.0.1 (HKLM-x32\...\{5C4D1900-FE1A-4c9c-B91C-B034F56D23D7}_is1) (Version: 1.0.0.1 - )
GeekBuddy (HKLM\...\{C36B3AE4-FCFE-4A0A-AA3D-71E1A51C1F16}) (Version: 4.11.91 - Comodo Security Solutions Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3372 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 15.6.0.0519 - Intel Corporation) Hidden
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{302600C1-6BDF-4FD1-1304-148929CC1385}) (Version: 3.0.1304.0338 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software Driver (Version: 15.06.0000.0133 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 15.06.0000.0090 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.24.738.1 - Intel Corporation) Hidden
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.4 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.3.9.2622 - IObit)
i-フィルター 6.0 (HKLM\...\{FDC60158-F92E-41DA-8515-1A5EAEF89EAC}) (Version: 6.00.22.0115 - デジタルアーツ株式会社)
LMMS 1.0.3 (HKLM-x32\...\LMMS) (Version: 1.0.3 - LMMS Developers)
Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft Office Home and Business 2013 - ja-jp (HKLM\...\HomeBusinessRetail - ja-jp) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN (Version: 10.0.30319 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - 日本語 (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - JPN) (Version: 10.0.30319 - Microsoft Corporation)
MixPad (HKLM-x32\...\MixPad) (Version: 3.56 - NCH Software)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{1D78CF1E-6464-11E2-B9E1-F04DA23A5C58}) (Version: 12.0.756 - Sony)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.7.0.24 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.3.0.14 - Symantec Corporation) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Pamela Pro 4.8 (HKLM-x32\...\Pamela) (Version: 4.8 - Scendix Software-Vertriebsges. mbH)
PhotoWizard (HKLM-x32\...\{3C100F93-4F0E-4C32-9AEB-EFB3E2CA34F8}) (Version: 1.4.0 - Microsoft)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Presentation Sync (HKLM-x32\...\{95127873-19AF-4C20-BA3A-8B798150DDBB}) (Version: 1.1.0.15210 - Sony Corporation)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PSE11 STI Installer (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.1.59.0 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
RealDownloader (x32 Version: 17.0.11 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Smart Defrag 3 (HKLM-x32\...\Smart Defrag 3_is1) (Version: 3.1 - IObit)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7ACA8EC0-BEEC-11E1-B83D-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Start Menu 8 (HKLM-x32\...\IObit_StartMenu8_is1) (Version: 1.5.0.0 - IObit)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.2.4 - Synaptics Incorporated)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Update for Japanese Microsoft IME Postal Code Dictionary (HKLM-x32\...\{121C874E-5797-40B2-86CE-CE6624F2711A}) (Version: 15.0.1376 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Dictionary (HKLM-x32\...\{7DB71278-9AD7-4480-AB08-8649C5010B17}) (Version: 15.0.1215 - Microsoft Corporation)
Update for Japanese Microsoft IME Standard Extended Dictionary (HKLM-x32\...\{78CE66A9-85AF-4BD8-8FB7-35B5F3846C00}) (Version: 15.0.1215 - Microsoft Corporation)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)
VAIO ????????????????? ??????????? (HKLM-x32\...\InstallShield_{A9556859-D269-424A-BF4A-549C90352FB4}) (Version: 4.0 - CyberLink Corp.)
VAIO ????????????????? ??????????? (x32 Version: 4.0 - CyberLink Corp.) Hidden
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{1C22618A-FEFA-4F20-B67D-F1311E6804AC}) (Version: 8.4.1.07026 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care ハードウェア診断ツールプラグイン (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11210 - Sony Corporation)
VAIO CPU Fan診断ツール (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Home Network Video Player (HKLM\...\{FB483FA3-A91A-42C2-B3A6-6F6B504A4C5B}) (Version: 1.2.0.14220 - Sony Corporation)
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation)
VAIO TV with nasne™ (HKLM-x32\...\{D2E0E138-A565-4787-8E09-F9FDDE447FB0}) (Version: 1.3.0.03140 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO お引越サポート (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VAIO データリストアツール (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO の製品登録 (無料) (HKLM-x32\...\{3F1A81BF-154E-40EE-987B-159E81D25BF7}) (Version: 7.0.0.07200 - Sony Corporation)
VAIO の設定 (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.1.03250 - Sony Corporation)
VAIO メディア サーバー設定 (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Viber (HKCU\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VNT (x32 Version: 1.1.0.03280 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Warcraft III Reign of Chaos & The Frozen Throne (HKLM-x32\...\Warcraft III Reign of Chaos & The Frozen Throne) (Version:  - )
WavePad Sound Editor (HKLM-x32\...\WavePad) (Version: 5.68 - NCH Software)
WinRAR 5.01 (64ビット) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
インテル® PROSet/Wireless NFC ソフトウェア (HKLM\...\インテル® PROSet/Wireless NFC ソフトウェア) (Version: 1.0.1.003 - Intel Corporation)
インテル® PROSet/Wireless NFC ソフトウェア (Version: 1.0.1.003 - Intel Corporation) Hidden
インテル® PROSet/Wireless ソフトウェア (HKLM-x32\...\{2b83a547-7e0f-4dca-8990-97ff818fa3d8}) (Version: 15.6.0 - Intel Corporation)
ウイルスバスター クラウド (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - トレンドマイクロ株式会社)
筆ぐるめ 20 (HKLM-x32\...\{02D371DE-95DC-4F6F-A1A6-4C957D6721A9}) (Version: 20.00.0006 - 富士ソフト株式会社)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
19-09-2014 08:14:10 スケジュールされたチェックポイント
27-09-2014 03:43:47 スケジュールされたチェックポイント
06-10-2014 06:31:44 スケジュールされたチェックポイント
11-10-2014 13:43:10 Windows モジュール インストーラー
11-10-2014 13:53:44 Windows モジュール インストーラー
11-10-2014 14:02:28 Windows モジュール インストーラー
11-10-2014 16:44:06 Installed Java 7 Update 67
11-10-2014 16:53:08 Removed Java 7 Update 60
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 14:26 - 2012-07-26 14:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {027E94BF-3D90-4185-B5EC-11ECC572E64F} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {08B2E189-C8FA-4631-9BFD-315289A1E614} - System32\Tasks\RNUpgradeHelperLogonPrompt_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: {143F2ABD-8E79-4AFE-AEB9-F5E864683BF9} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {17668426-9A24-4175-B968-5D9BAAEE3B3E} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {18CA6DFA-CBE6-409C-B3ED-2F7038C8FF6E} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D56E75C-C26D-4BA6-96A2-749C701F264A} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {1FAE0D98-EE44-4AA6-B58D-D60E749784D3} - \GPUP No Task File <==== ATTENTION
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {29CFD802-4452-4744-AB95-2B3A664E175B} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3951043376-2208379405-137478695-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-06-10] (RealNetworks, Inc.)
Task: {2FC3368B-865C-49EA-993E-0FA8C891B93C} - System32\Tasks\Sony Corporation\VAIO Registration Client\Half One hour => C:\Program Files (x86)\Sony\VAIO Registration Client\FloatingUI.exe [2012-07-20] (Sony Corporation)
Task: {36DE46B8-CF3E-4D3E-9C82-F10A4DC62A3B} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {3D1970F5-B65E-434F-9AE4-65E3C72AC0AC} - System32\Tasks\ReclaimerResumeInstallLogin_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-10-12] (RealNetworks, Inc.)
Task: {3F591667-7499-434E-97CD-22FB36FC8EEE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {45862BE2-F7E6-4613-A7C5-0D65FE5BB810} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {45A82CE2-F7E3-4D96-B904-4A219AB4927B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-02] (Google Inc.)
Task: {4B3C4FA3-806B-4B82-AC53-5E5A3CEDB7DB} - System32\Tasks\RNUpgradeHelperResumePrompt_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: {4F380BC0-EB80-4540-8C9E-86B46C4CA9A9} - System32\Tasks\ReclaimerUpdateXML_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: {52377160-B696-49E4-9685-F61DF6D4052D} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {540A0598-B53C-439B-BA98-366645A3F81C} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {55FDA214-B07A-4759-8085-E013A69517D2} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {65FC3674-915E-44BF-AFB2-0DB66E13DA2E} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe [2014-03-10] (IObit)
Task: {6FD877CB-C86A-40EF-A26A-668669F1FB69} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-16] (Sony Corporation)
Task: {6FFDA9AD-EBF2-4583-B85B-EE5826587A14} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {74E4C70C-C2B0-45E7-8E98-D80474ED1287} - System32\Tasks\Norton Online Backup ARA => C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe [2013-08-27] (Symantec Corporation)
Task: {757023EC-97E7-4C8C-AF73-A80A6F4C2B44} - System32\Tasks\ReclaimerUpdateFiles_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: {795CD858-5A91-4234-9654-E9F33967A8D6} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {7D58B4FD-B98A-444C-BA76-18456A09B4E1} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {7FF50567-B3AE-4282-9393-652D542891C7} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {8248709B-8E9E-41B1-A147-8BFDA2AEE522} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-06-25] (Sony Corporation)
Task: {85B4BFCC-413C-4D68-8A65-5512F2534D08} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {8D129312-B6B5-4A70-93D3-BDC18568C7F2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {8F6E25F8-7399-4C72-97C3-47FE37BE1267} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-12] (Synaptics Incorporated)
Task: {A2DE5D3E-28FC-465A-92F5-A8A4CC5ACB5B} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-04-16] (Sony Corporation)
Task: {A4F4F54D-6ED2-4FF4-BA00-BC46A5FB1B90} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {AB038483-1C57-4A3C-B670-CB03714CED6D} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-Nullworld@yahoo.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-06-16] (Adobe Systems Incorporated)
Task: {ACBA2682-93A0-4922-BF99-986E96F2D878} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {B3CCF25A-F179-4353-A9E3-5F26151770DC} - System32\Tasks\ReclaimerResumeInstall_Mikha => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-10-12] (RealNetworks, Inc.)
Task: {BEF8820D-DBE1-41C7-82DB-A33343CA6AF7} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {C09485B7-367D-4E5D-912D-DCB203468002} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {C43C1E39-FE35-4275-B817-0E65C4DD36FF} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CC0C3725-45B7-4982-8D8E-B9F61E22820F} - \EnergoTech Update No Task File <==== ATTENTION
Task: {D3D18DB0-611A-463A-A0CA-3A8A75D182D1} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {D658E66A-39D0-434F-A0AA-A9F0BCC03A6A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-07-02] (Sony Corporation)
Task: {E4439CDF-4655-42D3-85EE-1198FC8A72CF} - System32\Tasks\Microsoft\Office\IMESharePointDictionary => C:\Program Files (x86)\Common Files\Microsoft Shared\IME15\IMESharePointDictionary.exe [2013-10-17] (Microsoft Corporation)
Task: {E4D2868E-ADC1-4EC0-9A87-6885C2BB44B5} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3951043376-2208379405-137478695-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-06-10] (RealNetworks, Inc.)
Task: {E5CCD6D4-4C21-4F84-A3D5-C44E3D7401EE} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {EACFDA6F-BD0C-48AA-AE1B-1F1436D1F7FE} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2014-05-09] (IObit)
Task: {EB3598E4-5BB5-4B2E-9145-CC87AB9B3251} - System32\Tasks\Microsoft\Windows\Setup\8.1 auto install => C:\Windows\system32\NotificationUI.exe [2014-09-04] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {EE5A8054-0F86-4040-97B1-B77C3634EF9A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {F29A264B-5702-4858-859A-EF607271DA66} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {F6EAE656-26B1-4DCA-9703-8E9FA1CD8E9A} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FA0D788B-9DF1-4636-8BE8-AD7FA39FB79E} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-03] (Sony Corporation)
Task: {FC696D33-85B7-4F8A-85AF-801EAA810209} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: C:\Windows\Tasks\ASC7U_SkipUac_Mikha.job => C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 7\ASC.exe
Task: C:\Windows\Tasks\ASC7_SkipUac_Mikha.job => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Mikha.job => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstall_Mikha.job => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Mikha.job => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Mikha.job => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Mikha.job => C:\Users\Mikha\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.01\agent\rnupgagent.exe
Task: C:\Windows\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-04-28 22:21 - 2013-03-14 10:05 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2013-04-28 22:21 - 2013-03-14 10:06 - 00731136 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll
2013-04-28 22:21 - 2013-03-14 10:05 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2013-04-28 22:21 - 2013-03-14 10:06 - 01719808 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll
2013-04-28 22:21 - 2013-03-14 10:05 - 00016896 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc80-mt-1_49.dll
2013-03-15 06:15 - 2013-03-14 10:30 - 00289088 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll
2014-09-26 02:14 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-06-10 17:50 - 2014-06-10 17:50 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-06-10 22:03 - 2014-06-10 22:03 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2013-03-15 04:21 - 2013-03-14 12:31 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-27 12:30 - 2014-02-27 12:30 - 02875600 _____ () C:\Program Files\COMODO\GeekBuddy\QtCore4.dll
2014-02-27 12:30 - 2014-02-27 12:30 - 01283792 _____ () C:\Program Files\COMODO\GeekBuddy\QtNetwork4.dll
2014-02-27 12:30 - 2014-02-27 12:30 - 10451664 _____ () C:\Program Files\COMODO\GeekBuddy\QtGui4.dll
2014-02-27 12:30 - 2014-02-27 12:30 - 00039120 _____ () C:\Program Files\COMODO\GeekBuddy\imageformats\qgif4.dll
2014-02-27 12:30 - 2014-02-27 12:30 - 01529040 _____ () C:\Program Files\COMODO\GeekBuddy\QtScript4.dll
2014-02-06 17:23 - 2014-02-06 17:23 - 00108904 ____N () C:\Program Files (x86)\CyberLink\Digital Media Player Library v4\Player\Binary\CLHNServer\CLHNService.exe
2014-05-21 19:22 - 2014-05-21 19:22 - 02135232 _____ () C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
2013-04-15 18:39 - 2013-04-15 18:39 - 00073424 _____ () C:\Program Files\COMODO\COMODO Internet Security\scanners\smart.cav
2014-10-12 17:00 - 2014-01-29 23:36 - 00271280 _____ () C:\Program Files\COMODO\COMODO Internet Security\themes\CCE.THEME
2013-11-19 10:21 - 2013-11-19 10:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-10-11 22:26 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-06-22 10:22 - 2014-06-22 10:22 - 00861784 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-08-11 16:47 - 2014-06-06 13:07 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl
2014-08-11 16:47 - 2014-06-06 13:07 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl
2014-08-11 16:47 - 2014-06-06 13:07 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl
2013-12-04 01:37 - 2012-11-20 16:13 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\D3DX8Wrapper.dll
2013-12-04 01:37 - 2013-11-12 09:57 - 00098304 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\EasyHook32.dll
2014-08-11 16:47 - 2014-06-06 13:08 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll
2014-10-11 22:26 - 2013-01-15 18:47 - 00893248 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\webres.dll
2014-09-26 02:14 - 2014-09-26 02:14 - 00316576 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-10-11 22:17 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-10-11 22:17 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-10-11 22:17 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-10-11 22:17 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-10-11 22:17 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-10-11 22:17 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-10-11 22:17 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2013-04-28 21:29 - 2013-01-23 18:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-10-11 22:26 - 2013-12-02 19:06 - 01281312 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\Scan.dll
2014-10-11 22:26 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madExcept_.bpl
2014-10-11 22:26 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madBasic_.bpl
2014-10-11 22:26 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\madDisAsm_.bpl
2014-06-22 10:22 - 2014-06-22 10:22 - 00573528 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2014-09-25 10:02 - 2014-09-23 13:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-25 10:02 - 2014-09-23 13:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-25 10:02 - 2014-09-23 13:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-25 10:02 - 2014-09-23 13:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-25 10:02 - 2014-09-23 13:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\StartupFolder: => "RealPlayer Cloud Service UI.lnk"
HKLM\...\StartupApproved\Run32: => "TkBellExe"
HKCU\...\StartupApproved\Run: => "pamela.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3951043376-2208379405-137478695-500 - Administrator - Disabled)
Guest (S-1-5-21-3951043376-2208379405-137478695-501 - Limited - Disabled)
Mikha (S-1-5-21-3951043376-2208379405-137478695 - Administrator - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Microsoft 6to4 Adapter
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows がクラス レジストリ ファイルをロードできません。
 詳細 - 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: レジストリを読み込めませんでした。メモリが不足しているか、セキュリティの権限が不足している可能性があります。
 
 詳細 - 構成レジストリ データベースが壊れています。
 - C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows がクラス レジストリ ファイルをロードできません。
 詳細 - 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: レジストリを読み込めませんでした。メモリが不足しているか、セキュリティの権限が不足している可能性があります。
 
 詳細 - 構成レジストリ データベースが壊れています。
 - C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 10:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: wermgr.exe、バージョン: 6.2.9200.16384、タイム スタンプ: 0x50109a05
障害が発生しているモジュール名: combase.dll、バージョン: 6.2.9200.16420、タイム スタンプ: 0x505a9af2
例外コード: 0xc0000005
障害オフセット: 0x000000000015d46d
障害が発生しているプロセス ID: 0x4678
障害が発生しているアプリケーションの開始時刻: 0xwermgr.exe0
障害が発生しているアプリケーション パス: wermgr.exe1
障害が発生しているモジュール パス: wermgr.exe2
レポート ID: wermgr.exe3
障害が発生しているパッケージの完全な名前: wermgr.exe4
障害が発生しているパッケージに関連するアプリケーション ID: wermgr.exe5
 
Error: (10/12/2014 10:33:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: 障害が発生しているアプリケーション名: DllHost.exe、バージョン: 6.2.9200.16384、タイム スタンプ: 0x50108850
障害が発生しているモジュール名: ntdll.dll、バージョン: 6.2.9200.16912、タイム スタンプ: 0x536464ba
例外コード: 0xc0000374
障害オフセット: 0x00000000000e9d19
障害が発生しているプロセス ID: 0x3f44
障害が発生しているアプリケーションの開始時刻: 0xDllHost.exe0
障害が発生しているアプリケーション パス: DllHost.exe1
障害が発生しているモジュール パス: DllHost.exe2
レポート ID: DllHost.exe3
障害が発生しているパッケージの完全な名前: DllHost.exe4
障害が発生しているパッケージに関連するアプリケーション ID: DllHost.exe5
 
Error: (10/12/2014 10:33:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows がクラス レジストリ ファイルをロードできません。
 詳細 - 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:33:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: レジストリを読み込めませんでした。メモリが不足しているか、セキュリティの権限が不足している可能性があります。
 
 詳細 - 構成レジストリ データベースが壊れています。
 - C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 04:59:50 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Windows がクラス レジストリ ファイルをロードできません。
 詳細 - 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 04:59:50 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: レジストリを読み込めませんでした。メモリが不足しているか、セキュリティの権限が不足している可能性があります。
 
 詳細 - 構成レジストリ データベースが壊れています。
 - C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
 
System errors:
=============
Error: (10/12/2014 05:03:04 PM) (Source: DCOM) (EventID: 10010) (User: MIKHA)
Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}
 
Error: (10/12/2014 10:05:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: アプリケーション固有ローカルアクティブ化{A4FBCBC6-4BE5-4C3D-8AB5-8B873357A23E}{B0316D0C-DA2F-40E0-9F91-F600CAF042DC}NT AUTHORITYSYSTEMS-1-5-18LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 09:06:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: アプリケーション固有ローカルアクティブ化{A4FBCBC6-4BE5-4C3D-8AB5-8B873357A23E}{B0316D0C-DA2F-40E0-9F91-F600CAF042DC}NT AUTHORITYSYSTEMS-1-5-18LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 09:06:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: アプリケーション固有ローカルアクティブ化{A4FBCBC6-4BE5-4C3D-8AB5-8B873357A23E}{B0316D0C-DA2F-40E0-9F91-F600CAF042DC}NT AUTHORITYSYSTEMS-1-5-18LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 09:06:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: アプリケーション固有ローカルアクティブ化{A4FBCBC6-4BE5-4C3D-8AB5-8B873357A23E}{B0316D0C-DA2F-40E0-9F91-F600CAF042DC}NT AUTHORITYSYSTEMS-1-5-18LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 09:06:19 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: アプリケーション固有ローカルアクティブ化{A4FBCBC6-4BE5-4C3D-8AB5-8B873357A23E}{B0316D0C-DA2F-40E0-9F91-F600CAF042DC}NT AUTHORITYSYSTEMS-1-5-18LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 03:56:31 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Skype Click to Call PNR Service サービスは開始時にハングしました。
 
Error: (10/12/2014 01:38:43 AM) (Source: DCOM) (EventID: 10016) (User: MIKHA)
Description: アプリケーション固有ローカル起動{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MikhaMikhaS-1-5-21-3951043376-2208379405-137478695-1001LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 01:38:43 AM) (Source: DCOM) (EventID: 10016) (User: MIKHA)
Description: アプリケーション固有ローカル起動{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MikhaMikhaS-1-5-21-3951043376-2208379405-137478695-1001LocalHost (LRPC 使用)利用不可利用不可
 
Error: (10/12/2014 01:38:43 AM) (Source: DCOM) (EventID: 10016) (User: MIKHA)
Description: アプリケーション固有ローカル起動{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MikhaMikhaS-1-5-21-3951043376-2208379405-137478695-1001LocalHost (LRPC 使用)利用不可利用不可
 
 
Microsoft Office Sessions:
=========================
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:39:33 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 10:33:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wermgr.exe6.2.9200.1638450109a05combase.dll6.2.9200.16420505a9af2c0000005000000000015d46d467801cfe6211ebd5f6dC:\Windows\system32\wermgr.exeC:\Windows\SYSTEM32\combase.dll5ce5a82b-5214-11e4-bec3-606c66a67966
 
Error: (10/12/2014 10:33:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: DllHost.exe6.2.9200.1638450108850ntdll.dll6.2.9200.16912536464bac000037400000000000e9d193f4401cfe6211842a7b7C:\Windows\system32\DllHost.exeC:\Windows\SYSTEM32\ntdll.dll57a73222-5214-11e4-bec3-606c66a67966
 
Error: (10/12/2014 10:33:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 10:33:10 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
Error: (10/12/2014 04:59:50 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
 
Error: (10/12/2014 04:59:50 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: 構成レジストリ データベースが壊れています。
C:\Users\Mikha\AppData\Local\Microsoft\Windows\\UsrClass.dat
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-10-12 22:39:31.832
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 17:24:54.867
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 17:13:06.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 16:52:54.562
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 16:22:27.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 10:05:27.728
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 09:33:00.714
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 09:05:01.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 04:15:15.204
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-10-12 03:58:30.845
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3537U CPU @ 2.00GHz
Percentage of memory in use: 33%
Total physical RAM: 8070.8 MB
Available physical RAM: 5382.45 MB
Total Pagefile: 18310.8 MB
Available Pagefile: 12405.03 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:896.41 GB) (Free:638 GB) NTFS
Drive g: () (Removable) (Total:3.73 GB) (Free:3.69 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: A8752AB4)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 3.7 GB) (Disk ID: 04030201)
Partition 1: (Not Active) - (Size=3.7 GB) - (Type=0B)
 
==================== End Of Log ============================


#5 Nodder

Nodder
  • Topic Starter

  • Members

Posted 12 October 2014 - 08:50 AM

My computer runs normally as usual. I just have a slight feeling of it being a bit slower than before, but my main concern is that I still cannot load the http://nodiatis.com/ page.

Malwarebytes, which I used first to treat this problem, found a good bunch of malware, but it still didn't help me solve my issue. I also cannot access the browser game's straight link: https://nd1.nodiatis.com/


Edited by Nodder, 12 October 2014 - 09:39 AM.


#6 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team

Posted 14 October 2014 - 12:56 PM

Hi Nodder.

 

This post is going to be long, so I've separated it into 4 sections, which are indicated with numbers.

 

-----------------

 

Step 1: Going over your logs I noticed that you have uTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent; however, that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

 

--------------------

Step 2: We need to run a fix with FRST:

  • Please download the attached fixlist.txt file and save it to the same location as FRST
    Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt are in the same location or the fix will not work
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    [attachment=156150:fixlist.txt]
  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

----------------

 

Step 3: Multiple Antivirus detected.

 

I do not recommend that you have more than one anti-virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti-virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened; again, this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
1) False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't. 
2) System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please go to add/remove in the control panel and remove either Trend Micro Titanium or Comodo Antivirus.

 

------------------------

 

Step 4: We need to remove programs using "Programs and Features"

Open Computer and click on the "Computer" tab, then click on Uninstall or Change a Program.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking the below entries and selecting "Remove":

  • Aura Software Manager 
  • Driver Booster
  • IObit Malware Fighter
  • IObit Uninstaller
  • Smart Defrag 3
  • Surfing Protection

After you have uninstalled the above programs, please restart your computer.

 

Additional instructions can be found here if needed.

 

-------------------

 

Thank you.


If I don't reply back to you in 2 days, feel free to send me a PM.

 

“You’re lying… just like you were lying to me before. You have to hate me. I’ve been the worst daughter in the world… you should hate me.”

“But I don’t, Nyx. Because, Nyx, I’m your mother, and a mother will always love her daughter, no matter what.” -Past sins by Pen stroke.


#7 Sirawit

Sirawit

    Bleepin' Brony


  • Malware Response Team

Posted 18 October 2014 - 07:47 AM

It has been three days since my last reply. Are you still there?

 

Thank you.




#8 whoabuddy

whoabuddy

    Bleepin' Verbose


  • Malware Response Instructor

Posted 21 October 2014 - 08:46 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Meditate. Elevate. Appreciate. | "Life is a journey, love is the destination, happiness is the path!"
If I am helping you and have not responded within 48 hours, please send me a PM.
Vi Veri Universum Vivus Vici (VVVVV)
Excellent Security Advice
Proud member of UNITE



