Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

COM Surrogate problem please help


  • This topic is locked This topic is locked
15 replies to this topic

#1 majinsoo

majinsoo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 13 November 2014 - 10:19 AM

Got a popup on google chrome and then a file called "update" downloaded automatically. So I got scared and went to downloads folder and deleted the file right away. Then i closed out of chrome, and tried to open it back up but it wouldn't. Restarted CPU, opened chrome and got a "preference file is corrupt" message and all my preferences were deleted.

Now i'm seeing this COM Surrogate thing on my task manager but quickly disappears few seconds after. So I did a google search on what that was and found out about some kind of virus, now i'm here asking for help please and thank you.

Windows 8.1 64



BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 AM

Posted 18 November 2014 - 11:15 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/555957 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your destop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,600 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:29 AM

Posted 23 November 2014 - 11:20 AM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 24 November 2014 - 11:03 AM

1. Not sure if i got the virus from a popup or i've had it for a while and just didn't knotice but google'd "com surrogate" and people complaining about a virus came up so i checked up on it.

 

2. DDS is not meant to run in 'Compatibility Mode' (Windows 8.1 64bit)

 

3. No i do not have the CD/DVD

 

*edit* I used to see 2 COM Surrogate processes in my task manager and they would dissapear after a second or two, but now I see 3 of them and 1 stays while the other 2 dissapears.


Edited by majinsoo, 24 November 2014 - 11:04 AM.


#5 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 24 November 2014 - 04:08 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:
  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
Step 1

Please run a FRST scan. This will help us diagnose your problem.

frst.pngfrstscan.png
Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#6 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 24 November 2014 - 04:53 PM

LastRegBack: 2014-11-23 02:59
 
==================== End Of Log ============================
 
2012-08-31 16:09 - 2012-06-01 02:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-07-31 05:51 - 2013-07-27 01:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2012-08-31 16:12 - 2012-05-02 12:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2012-08-31 16:12 - 2012-05-02 12:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2012-08-31 16:09 - 2014-11-22 08:20 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-08-31 16:09 - 2010-06-28 19:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-09-25 03:14 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\jin\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "EADM"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-891618105-1069895636-3985352252-500 - Administrator - Disabled)
Guest (S-1-5-21-891618105-1069895636-3985352252-501 - Limited - Disabled)
jin (S-1-5-21-891618105-1069895636-3985352252-1001 - Administrator - Enabled) => C:\Users\jin
UpdatusUser (S-1-5-21-891618105-1069895636-3985352252-1004 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/23/2014 00:12:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 08:47:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.65;lang=;guid=6084967E005A439084AA4583716C96F2;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92788444-7f93-4de8-a3c3-2efa5b6e0e4b.dmp
 
Error: (11/23/2014 08:05:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 07:23:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 04:01:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.65 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d8c
 
Start Time: 01d006eb29417287
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 0de6d18e-7300-11e4-bf2d-3085a9a69f8c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/22/2014 04:02:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/22/2014 08:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.0.1207, time stamp: 0x4ffb4350
Faulting module name: IAStorUtil.ni.dll, version: 11.5.0.1207, time stamp: 0x4ffb434b
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x504
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5
 
Error: (11/22/2014 08:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/22/2014 08:20:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (11/22/2014 08:20:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
 
System errors:
=============
Error: (11/22/2014 08:23:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/22/2014 08:20:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/22/2014 08:20:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/15/2014 06:42:42 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/13/2014 05:49:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/13/2014 05:46:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/13/2014 05:46:47 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/13/2014 05:45:52 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (11/13/2014 05:45:22 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (11/13/2014 05:44:02 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (11/23/2014 00:12:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 08:47:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.65;lang=;guid=6084967E005A439084AA4583716C96F2;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92788444-7f93-4de8-a3c3-2efa5b6e0e4b.dmp
 
Error: (11/23/2014 08:05:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 07:23:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 04:01:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.65d8c01d006eb294172874294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe0de6d18e-7300-11e4-bf2d-3085a9a69f8c
 
Error: (11/22/2014 04:02:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/22/2014 08:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IAStorDataMgrSvc.exe11.5.0.12074ffb4350IAStorUtil.ni.dll11.5.0.12074ffb434bc00000050002f3fd50401d006682fd26786C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\3f0e11a8d07dffdc09655286b5e5a8f8\IAStorUtil.ni.dll72f3e613-725b-11e4-bf2d-3085a9a69f8c
 
Error: (11/22/2014 08:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/22/2014 08:20:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (11/22/2014 08:20:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16335.67 MB
Available physical RAM: 14335.58 MB
Total Pagefile: 18767.67 MB
Available Pagefile: 16182.92 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:63.18 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1829.76 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 73B3BF2A)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#7 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 24 November 2014 - 04:56 PM

Please post the complete Logs... :)
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#8 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 24 November 2014 - 07:14 PM

here is FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-11-2014 01
Ran by jin (administrator) on JSP on 24-11-2014 17:11:11
Running from C:\Users\jin\Desktop
Loaded Profile: jin (Available profiles: jin & UpdatusUser)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
(Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(cyberlink) C:\Program Files (x86)\CyberLink\Shared files\brs.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [VizorHtmlDialog.exe] => "C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe" "DEF" "EULA" "C:\Program Files\Trend Micro\Titanium\www\Installer.cmpt\resources\common.lproj\preinstall_01_welcome_trial.html"  (the data entry has 17 more characters).
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-27] (NVIDIA Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-10-24] (Razer Inc.)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [277504 2012-07-09] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [78352 2012-05-22] (cyberlink)
HKLM-x32\...\Run: [RzWizard] => C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe [254464 2014-05-20] (Razer Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\Run: [Steam] => D:\Games\Steam\steam.exe [1672616 2013-07-09] (Valve Corporation)
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3595608 2014-07-25] (Electronic Arts)
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)
AppInit_DLLs: C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL => C:\PROGRA~2\NVIDIA~1\3DVISI~1\NVSTIN~1.DLL File Not Found
AppInit_DLLs: , C:\PROGRA~1\NVIDIA~1\NVSTRE~1\rxinput.dll => C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll [653600 2013-07-27] (NVIDIA Corporation)
Startup: C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus13.msn.com/
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus13.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll No File
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\jin\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin HKU\S-1-5-21-891618105-1069895636-3985352252-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\jin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://asus13.msn.com/
CHR Profile: C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (YouTube) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-20]
CHR Extension: (Adblock Plus) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-12-20]
CHR Extension: (Google Search) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-20]
CHR Extension: (Google Wallet) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\jin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-12-29] (Adobe Systems) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-16] (ASUSTeK Computer Inc.)
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [243728 2012-05-23] (CyberLink)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-07-09] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14984480 2013-07-27] (NVIDIA Corporation)
R2 TiMiniService; C:\Program Files\Trend Micro\Titanium\TiMiniService.exe [248640 2012-07-25] (Trend Micro Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiCharger; C:\Windows\SysWow64\drivers\AiCharger.sys [14848 2012-03-22] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-02] ()
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39712 2013-05-14] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\drivers\rzdaendpt.sys [33448 2014-09-04] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\drivers\rzvkeyboard.sys [31912 2014-09-04] (Razer Inc)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-24 17:11 - 2014-11-24 17:11 - 00015539 _____ () C:\Users\jin\Desktop\FRST.txt
2014-11-24 09:42 - 2014-11-24 09:42 - 00003080 _____ () C:\WINDOWS\System32\Tasks\{4DB501C4-FB14-4745-BB73-B526057DD3FE}
2014-11-18 15:20 - 2014-11-09 16:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-11-18 15:20 - 2014-11-09 16:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-11-18 15:20 - 2014-11-09 16:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-11-18 15:20 - 2014-11-09 16:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-11-14 01:55 - 2014-11-24 07:40 - 00016016 _____ () C:\Users\jin\Desktop\clickerHeroSave.txt
2014-11-13 15:36 - 2014-11-24 17:11 - 00000000 ____D () C:\FRST
2014-11-13 15:35 - 2014-11-24 14:49 - 02118144 _____ (Farbar) C:\Users\jin\Desktop\FRST64.exe
2014-11-13 06:20 - 2014-11-13 06:20 - 00000658 _____ () C:\DelFix.txt
2014-11-13 05:59 - 2014-11-13 05:59 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-13 05:40 - 2014-11-13 05:40 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-11-13 05:32 - 2014-11-13 05:33 - 00037624 _____ () C:\WINDOWS\system32\Drivers\TrueSight.sys
2014-11-13 05:32 - 2014-11-13 05:32 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-11-13 05:21 - 2014-11-13 05:21 - 00000000 ____D () C:\WINDOWS\ERDNT
2014-11-13 05:20 - 2014-11-13 05:20 - 00000943 _____ () C:\Users\UpdatusUser\Desktop\NTREGOPT.lnk
2014-11-13 05:20 - 2014-11-13 05:20 - 00000924 _____ () C:\Users\UpdatusUser\Desktop\ERUNT.lnk
2014-11-13 05:20 - 2014-11-13 05:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-11-13 05:20 - 2014-11-13 05:20 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-11-13 05:00 - 2014-11-13 05:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-13 04:54 - 2014-11-13 05:46 - 00003836 _____ () C:\WINDOWS\PFRO.log
2014-11-13 04:37 - 2014-11-13 04:37 - 00000000 __SHD () C:\Users\jin\AppData\Local\EmieUserList
2014-11-13 04:37 - 2014-11-13 04:37 - 00000000 __SHD () C:\Users\jin\AppData\Local\EmieSiteList
2014-11-11 15:02 - 2014-10-09 18:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-11 15:02 - 2014-10-09 18:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-11 15:02 - 2014-10-09 18:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-11 15:02 - 2014-10-08 00:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-11 15:02 - 2014-10-08 00:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-11 15:02 - 2014-10-08 00:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-11 15:02 - 2014-10-08 00:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-11 15:02 - 2014-10-07 23:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-11 15:02 - 2014-10-07 23:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-11 15:02 - 2014-10-07 23:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-11 15:02 - 2014-10-07 23:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-11 15:02 - 2014-10-07 23:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-11 15:02 - 2014-10-07 22:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-11 15:02 - 2014-09-27 00:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-11 15:02 - 2014-09-26 22:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-11 15:02 - 2014-09-26 20:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-11 15:02 - 2014-09-26 20:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-11 15:02 - 2014-09-26 20:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-11 15:01 - 2014-10-18 02:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-11 15:01 - 2014-10-18 01:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-11 15:01 - 2014-10-18 01:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-11 15:01 - 2014-10-18 00:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-11 15:01 - 2014-10-17 23:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-11 15:01 - 2014-10-17 23:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-11 15:01 - 2014-10-17 23:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-11 15:01 - 2014-10-17 23:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-11 15:01 - 2014-10-17 23:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-11 15:01 - 2014-10-17 23:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-11 15:01 - 2014-10-17 23:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-11 15:01 - 2014-10-17 23:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-11 15:01 - 2014-10-17 23:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-11 15:01 - 2014-10-17 23:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-11 15:01 - 2014-10-17 23:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-11 15:01 - 2014-10-17 23:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-11 15:01 - 2014-10-17 00:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-11 15:01 - 2014-10-16 23:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-11 15:01 - 2014-10-12 19:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-11 15:01 - 2014-10-10 17:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-11 15:01 - 2014-10-10 17:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-11 15:01 - 2014-10-08 00:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-11 15:01 - 2014-10-08 00:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-11 15:01 - 2014-10-07 23:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-11 15:01 - 2014-10-07 22:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-11 15:01 - 2014-10-07 22:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-11 15:00 - 2014-09-21 21:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-11 15:00 - 2014-09-21 20:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-11 15:00 - 2014-09-21 20:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-11 15:00 - 2014-09-21 19:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-11 15:00 - 2014-09-18 17:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-11 15:00 - 2014-09-02 15:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-11 15:00 - 2014-09-02 15:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-11 14:59 - 2014-10-30 22:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-11 14:59 - 2014-10-30 22:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-11 14:59 - 2014-10-30 22:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-11 14:59 - 2014-10-30 22:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-11 14:59 - 2014-10-30 22:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-11 14:59 - 2014-10-30 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-11 14:59 - 2014-10-30 22:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-11 14:59 - 2014-10-30 22:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-11 14:59 - 2014-10-30 22:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-11 14:59 - 2014-10-30 22:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-11 14:59 - 2014-10-30 22:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-11 14:59 - 2014-10-30 22:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-11 14:59 - 2014-10-30 22:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-11 14:59 - 2014-10-30 21:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-11 14:59 - 2014-10-30 21:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-11 14:59 - 2014-10-30 21:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-11 14:59 - 2014-10-30 21:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-11 14:59 - 2014-10-30 21:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-11 14:59 - 2014-10-30 21:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-11 14:59 - 2014-10-30 21:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-11 14:59 - 2014-10-30 21:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-11 14:59 - 2014-10-30 21:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-11 14:59 - 2014-10-30 21:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-11 14:59 - 2014-10-30 21:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-11 14:59 - 2014-10-30 21:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-11 14:59 - 2014-10-30 21:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-11 14:59 - 2014-10-30 21:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-11 14:59 - 2014-10-30 21:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-11 14:59 - 2014-10-30 21:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-11 14:59 - 2014-10-30 21:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-11 14:59 - 2014-10-30 21:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-11 14:59 - 2014-10-30 21:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-11 14:59 - 2014-10-30 21:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-11 14:59 - 2014-10-30 21:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-11 14:59 - 2014-10-30 21:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-11 14:59 - 2014-10-30 21:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-11 14:59 - 2014-10-30 21:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-11 14:59 - 2014-10-30 21:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-11 14:59 - 2014-10-30 21:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-11 14:59 - 2014-10-30 21:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-11 14:59 - 2014-10-30 21:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-11 14:59 - 2014-10-30 20:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-11 14:59 - 2014-10-30 20:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-11 14:59 - 2014-10-30 20:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-11 14:59 - 2014-10-30 20:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-11 14:59 - 2014-10-30 20:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-11 14:59 - 2014-10-30 20:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-11 14:59 - 2014-10-30 20:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-11 14:59 - 2014-10-30 20:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-11 14:59 - 2014-10-30 20:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-11 14:59 - 2014-10-30 20:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-11 14:59 - 2014-10-30 20:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-11 14:59 - 2014-10-30 20:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-11 14:59 - 2014-10-30 20:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-11 14:59 - 2014-10-30 20:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-11 14:59 - 2014-10-30 20:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-11 14:59 - 2014-10-30 20:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-11 14:59 - 2014-10-30 20:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-11 14:59 - 2014-10-30 20:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-11 14:59 - 2014-10-30 20:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-11 14:59 - 2014-10-30 20:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-11 14:59 - 2014-10-30 20:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-11 14:59 - 2014-10-30 20:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-11 14:59 - 2014-10-30 20:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-11 14:59 - 2014-10-30 20:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-11 14:59 - 2014-10-30 20:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-11 14:59 - 2014-10-30 20:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-11 14:59 - 2014-10-30 20:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-11 14:59 - 2014-10-30 20:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-11 14:59 - 2014-10-30 20:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-11 14:59 - 2014-10-30 19:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-11 14:59 - 2014-10-30 19:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-11 14:59 - 2014-10-30 19:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-11 14:59 - 2014-10-30 19:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-11 14:59 - 2014-10-30 19:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-11 14:59 - 2014-10-30 19:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-11 14:59 - 2014-10-30 19:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-11 14:59 - 2014-10-30 19:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-11 14:59 - 2014-10-30 19:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-11 14:59 - 2014-10-30 19:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-11 14:59 - 2014-10-30 19:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-11 14:59 - 2014-10-30 19:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-11 14:59 - 2014-10-30 19:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-11 14:59 - 2014-10-30 19:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-11 14:59 - 2014-10-30 19:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-11 14:59 - 2014-10-30 19:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-11 14:59 - 2014-10-30 19:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-11 14:59 - 2014-10-30 19:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-11 14:59 - 2014-10-30 19:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-11 14:59 - 2014-10-30 19:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-11 14:59 - 2014-10-30 19:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-11 14:59 - 2014-10-30 19:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-11 14:59 - 2014-10-22 22:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-11 14:59 - 2014-10-22 22:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-11 14:59 - 2014-10-06 23:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-11 14:59 - 2014-10-06 23:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-11 14:59 - 2014-10-06 23:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-11 14:59 - 2014-10-06 23:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-11 14:59 - 2014-10-06 23:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-11 14:59 - 2014-10-06 20:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-11 14:59 - 2014-10-06 20:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-11 14:59 - 2014-10-06 20:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-11 14:59 - 2014-10-06 20:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-11 14:59 - 2014-10-06 18:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-11 14:59 - 2014-10-06 18:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-11 14:59 - 2014-08-30 17:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-11 14:59 - 2014-08-27 19:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-11 14:59 - 2014-08-22 22:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-11 14:59 - 2014-08-22 22:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-11 14:58 - 2014-09-09 23:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-11 14:58 - 2014-09-07 20:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-11 14:58 - 2014-09-07 20:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-11 14:58 - 2014-09-07 15:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-11 14:58 - 2014-09-04 15:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-11 14:58 - 2014-09-04 15:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-11 14:58 - 2014-09-03 20:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-11 14:58 - 2014-09-03 19:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-11 14:58 - 2014-09-03 18:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-11 14:58 - 2014-09-03 17:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-11 14:58 - 2014-08-30 17:17 - 00148800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-11 14:58 - 2014-08-30 15:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-11 14:58 - 2014-08-30 15:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-11 14:58 - 2014-08-30 14:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-11 14:58 - 2014-08-30 14:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-11 14:58 - 2014-08-30 13:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-11 14:58 - 2014-08-30 13:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-11 14:58 - 2014-08-27 17:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-11 14:58 - 2014-08-27 17:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-11 14:58 - 2014-08-22 22:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-11 14:58 - 2014-08-22 22:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-11 14:58 - 2014-08-22 21:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-11 14:58 - 2014-08-01 17:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-11 14:58 - 2014-08-01 17:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-10 17:46 - 2014-08-14 17:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-11-10 17:44 - 2014-08-23 00:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-11-10 17:44 - 2014-08-23 00:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-11-10 17:44 - 2014-08-22 23:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-11-10 17:44 - 2014-08-22 22:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-11-10 17:44 - 2014-08-22 21:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-11-10 17:43 - 2014-08-15 21:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-11-10 17:43 - 2014-08-15 21:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-11-10 17:43 - 2014-08-15 20:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-11-10 17:43 - 2014-08-15 20:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-11-10 17:43 - 2014-08-15 20:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-11-10 17:43 - 2014-08-15 18:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-11-10 17:43 - 2014-08-15 18:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-11-10 17:43 - 2014-08-15 17:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-11-10 17:43 - 2014-08-15 17:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-11-10 17:43 - 2014-08-15 17:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-11-10 17:43 - 2014-08-15 17:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-11-10 17:43 - 2014-08-15 17:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-11-10 17:43 - 2014-08-15 17:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-11-10 17:43 - 2014-08-15 17:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-11-10 17:43 - 2014-08-15 17:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-11-10 17:43 - 2014-08-15 17:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-10 17:43 - 2014-08-15 17:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-11-10 17:43 - 2014-08-15 17:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-11-10 17:43 - 2014-08-15 17:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-11-10 17:43 - 2014-08-15 17:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-11-10 17:43 - 2014-08-15 17:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-11-10 17:43 - 2014-08-15 17:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-11-10 17:43 - 2014-08-15 17:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-11-10 17:43 - 2014-08-15 17:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-11-10 17:43 - 2014-08-15 17:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-11-10 17:43 - 2014-08-15 17:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-11-10 17:43 - 2014-08-15 17:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-11-10 17:43 - 2014-08-15 17:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-11-10 17:43 - 2014-08-15 17:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-11-10 17:43 - 2014-08-15 17:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-11-10 17:42 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-11-10 17:42 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-11-10 17:42 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-11-10 17:42 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-11-10 17:42 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-11-10 17:42 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-11-10 17:42 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-11-10 17:42 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-11-10 17:42 - 2014-07-09 21:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2014-11-10 17:42 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-11-10 17:42 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-11-10 17:42 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-11-10 17:42 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-11-10 17:42 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-11-10 17:42 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-11-10 17:42 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-11-10 17:42 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-11-10 17:42 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-11-10 17:42 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-11-10 17:42 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-11-10 17:42 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-11-10 17:42 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-11-10 17:42 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-11-10 17:42 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-11-10 17:42 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-11-10 17:42 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-11-10 17:42 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-11-10 17:42 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-11-10 17:42 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-11-10 17:42 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-11-10 17:42 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-11-10 17:42 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-11-10 17:42 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-11-10 17:42 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-11-10 17:42 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-11-10 17:42 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-11-10 17:42 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-11-10 17:42 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-11-10 17:42 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-11-10 17:42 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-11-10 17:42 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-11-10 17:42 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-11-10 17:42 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-11-10 17:42 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-11-10 17:42 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-11-10 17:42 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-11-10 17:42 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-11-10 17:42 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-11-10 17:42 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-11-09 01:28 - 2014-11-13 04:32 - 00000000 ___DC () C:\WINDOWS\Panther
2014-11-09 01:27 - 2014-11-09 01:27 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-11-09 01:27 - 2014-11-09 01:27 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-11-09 01:27 - 2014-11-09 01:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-11-09 01:27 - 2014-11-09 01:27 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-11-09 01:27 - 2014-11-09 01:27 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-11-09 01:27 - 2014-11-09 01:27 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-11-09 01:26 - 2014-11-09 01:26 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff
2014-11-09 01:24 - 2014-11-09 01:24 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-11-09 01:24 - 2014-11-09 01:24 - 00000000 ____D () C:\Program Files\MSBuild
2014-11-09 01:24 - 2014-11-09 01:24 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies
2014-11-09 01:24 - 2014-11-09 01:24 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-11-09 01:24 - 2012-07-08 22:43 - 00645952 ____R (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2014-11-09 01:23 - 2013-08-02 21:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2014-11-09 01:23 - 2013-08-02 21:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-11-09 01:23 - 2013-08-02 21:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2014-11-09 01:23 - 2013-08-02 21:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-11-09 00:59 - 2014-11-22 08:32 - 00000000 ____D () C:\Users\jin\OneDrive
2014-11-09 00:58 - 2014-11-09 00:58 - 00000000 ____D () C:\Users\jin\AppData\Local\Razer
2014-11-09 00:57 - 2014-11-09 00:57 - 00001449 _____ () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-11-09 00:57 - 2014-11-09 00:57 - 00000020 ___SH () C:\Users\jin\ntuser.ini
2014-11-09 00:52 - 2014-11-09 00:52 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2014-11-09 00:40 - 2014-11-09 00:40 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-11-09 00:37 - 2014-11-09 00:37 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate
2014-11-09 00:36 - 2014-11-09 00:59 - 00000000 ____D () C:\Users\jin
2014-11-09 00:36 - 2014-11-09 00:52 - 00028578 _____ () C:\WINDOWS\diagwrn.xml
2014-11-09 00:36 - 2014-11-09 00:52 - 00028578 _____ () C:\WINDOWS\diagerr.xml
2014-11-09 00:36 - 2014-11-09 00:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-09 00:36 - 2014-11-09 00:37 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-09 00:36 - 2014-11-09 00:37 - 00000000 ___RD () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-09 00:36 - 2014-11-09 00:37 - 00000000 ___RD () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-11-09 00:36 - 2014-09-24 00:23 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-09 00:36 - 2014-09-24 00:23 - 00000369 _____ () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-09 00:36 - 2014-09-24 00:23 - 00000369 _____ () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-11-09 00:36 - 2014-09-24 00:23 - 00000369 _____ () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-11-09 00:36 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-09 00:36 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-11-09 00:36 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-09 00:36 - 2013-08-22 08:36 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-11-09 00:33 - 2014-11-09 00:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-11-09 00:32 - 2014-11-09 00:57 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-11-09 00:32 - 2014-11-09 00:32 - 00000000 ____D () C:\ProgramData\Razer
2014-11-09 00:32 - 2014-11-09 00:32 - 00000000 ____D () C:\Program Files\ASUS
2014-11-09 00:31 - 2014-11-22 08:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-09 00:31 - 2014-11-09 00:38 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-09 00:31 - 2013-09-05 02:47 - 00061216 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-11-09 00:31 - 2013-09-05 02:47 - 00053024 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-11-09 00:31 - 2013-08-29 15:43 - 06599968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-11-09 00:31 - 2013-08-29 15:43 - 03452192 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-11-09 00:31 - 2013-08-29 15:43 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-11-09 00:31 - 2013-08-29 15:43 - 00920864 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-11-09 00:31 - 2013-08-29 15:43 - 00219424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-11-09 00:31 - 2013-08-29 15:43 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-11-09 00:31 - 2013-08-29 13:28 - 03349466 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-11-09 00:30 - 2014-11-24 11:51 - 01465076 _____ () C:\WINDOWS\WindowsUpdate.log
2014-11-09 00:30 - 2014-11-09 00:38 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-09 00:30 - 2014-11-09 00:38 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-09 00:30 - 2014-11-09 00:30 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-11-09 00:30 - 2014-11-09 00:30 - 00000000 ____D () C:\Program Files\Realtek
2014-11-08 23:32 - 2014-11-09 00:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-08 23:32 - 2014-11-08 23:32 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-11-08 23:32 - 2014-11-08 23:32 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-11-08 23:32 - 2014-11-08 23:32 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-11-08 23:32 - 2014-11-08 23:32 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-11-08 23:32 - 2014-11-08 23:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-29 01:56 - 2014-11-13 04:54 - 00000000 ____D () C:\WINDOWS\system32\AutoUpdateLicense
2014-10-28 23:16 - 2014-10-21 20:34 - 00010777 ____N () C:\WINDOWS\system32\AutoconfigV2.cab
2014-10-28 23:16 - 2014-10-21 20:33 - 00581016 ____N () C:\WINDOWS\system32\AutoUpdate.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-24 17:09 - 2012-12-20 17:04 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-24 16:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-11-24 15:02 - 2012-12-20 17:08 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-891618105-1069895636-3985352252-1001
2014-11-24 14:58 - 2014-10-19 04:55 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-11-24 08:53 - 2012-08-31 16:12 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-11-23 18:09 - 2012-12-20 17:04 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-22 08:32 - 2013-12-22 05:34 - 00000448 ____H () C:\WINDOWS\Tasks\SK.Enabler-S-1495795506.job
2014-11-22 08:24 - 2014-09-24 00:15 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-11-22 08:20 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-11-22 08:20 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-11-22 03:47 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-11-19 08:06 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-11-17 07:21 - 2012-12-20 19:06 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Skype
2014-11-13 19:31 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-11-13 05:47 - 2012-12-20 17:00 - 00000000 ____D () C:\Users\jin\AppData\Local\VirtualStore
2014-11-13 05:46 - 2014-10-19 04:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-13 05:22 - 2014-10-19 04:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-13 05:22 - 2013-10-22 00:10 - 00001121 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-13 05:00 - 2013-10-14 20:11 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-13 05:00 - 2013-10-14 20:11 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-13 04:54 - 2013-08-22 07:44 - 00412488 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-11-13 04:52 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-11-13 04:35 - 2013-03-04 21:58 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-11-12 18:04 - 2012-12-20 17:04 - 00003886 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-12 18:04 - 2012-12-20 17:04 - 00003650 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-11 17:15 - 2013-08-13 21:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-11-11 17:14 - 2012-12-21 17:48 - 103374192 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-11-11 06:02 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-11-09 01:28 - 2013-12-13 10:42 - 00000000 ____D () C:\Recovery
2014-11-09 01:28 - 2013-08-22 08:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template
2014-11-09 01:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-11-09 01:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-11-09 01:27 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-11-09 00:59 - 2012-12-20 17:00 - 00000000 ____D () C:\Users\jin\AppData\Local\Packages
2014-11-09 00:58 - 2012-12-20 17:01 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-11-09 00:52 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Registration
2014-11-09 00:52 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-11-09 00:48 - 2013-08-22 08:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-11-09 00:47 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-11-09 00:47 - 2012-12-20 16:59 - 00880342 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2014-11-09 00:41 - 2014-08-07 14:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-11-09 00:41 - 2014-04-29 11:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-09 00:41 - 2014-03-29 10:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Full Flush Poker 8.2
2014-11-09 00:41 - 2014-03-03 11:36 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RivaTuner Statistics Server
2014-11-09 00:41 - 2013-12-29 19:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2014-11-09 00:41 - 2013-10-27 00:26 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
2014-11-09 00:41 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-11-09 00:41 - 2013-08-19 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-11-09 00:41 - 2013-08-04 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\osu!
2014-11-09 00:41 - 2013-06-06 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
2014-11-09 00:41 - 2013-05-29 04:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-11-09 00:41 - 2013-03-18 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mass Effect 3
2014-11-09 00:41 - 2013-01-22 19:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-09 00:41 - 2013-01-19 15:48 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-09 00:41 - 2013-01-19 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-09 00:41 - 2012-12-20 22:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-09 00:41 - 2012-12-20 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-09 00:41 - 2012-09-25 03:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-11-09 00:41 - 2012-09-25 03:18 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-11-09 00:41 - 2012-08-31 16:34 - 00000000 ____D () C:\WINDOWS\nl
2014-11-09 00:41 - 2012-08-31 16:34 - 00000000 ____D () C:\WINDOWS\it
2014-11-09 00:41 - 2012-08-31 16:34 - 00000000 ____D () C:\WINDOWS\fr
2014-11-09 00:41 - 2012-08-31 16:34 - 00000000 ____D () C:\WINDOWS\es
2014-11-09 00:41 - 2012-08-31 16:34 - 00000000 ____D () C:\WINDOWS\el
2014-11-09 00:41 - 2012-08-31 16:33 - 00000000 ____D () C:\WINDOWS\en
2014-11-09 00:41 - 2012-08-31 16:33 - 00000000 ____D () C:\WINDOWS\de
2014-11-09 00:41 - 2012-08-31 16:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2014-11-09 00:41 - 2012-08-31 14:42 - 00000000 ____D () C:\WINDOWS\en-GB
2014-11-09 00:40 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-11-09 00:40 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep
2014-11-09 00:40 - 2014-09-23 23:33 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-11-09 00:40 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\IME
2014-11-09 00:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI
2014-11-09 00:40 - 2013-08-22 06:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-11-09 00:40 - 2012-07-25 22:37 - 00000000 ____D () C:\Users\Default.migrated
2014-11-09 00:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Resources
2014-11-09 00:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-11-09 00:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\IME
2014-11-09 00:39 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Help
2014-11-09 00:38 - 2013-08-22 08:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker
2014-11-09 00:38 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar
2014-11-09 00:38 - 2013-08-22 08:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar
2014-11-09 00:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\System
2014-11-09 00:38 - 2013-08-22 08:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-11-09 00:38 - 2013-07-11 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-11-09 00:38 - 2013-03-04 21:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-11-09 00:38 - 2013-01-02 07:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
2014-11-09 00:38 - 2012-09-25 03:22 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUSDVD
2014-11-09 00:38 - 2012-08-31 16:35 - 00000000 ____D () C:\ProgramData\PRICache
2014-11-09 00:38 - 2012-08-31 16:10 - 00000000 ____D () C:\Program Files\Trend Micro
2014-11-09 00:38 - 2012-08-31 16:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-11-09 00:37 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery
2014-11-09 00:37 - 2013-01-12 11:01 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ESEA
2014-11-09 00:37 - 2012-12-20 17:01 - 00000000 ____D () C:\Users\jin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trend Micro Titanium Internet Security
2014-11-09 00:29 - 2013-08-22 06:36 - 00000000 __RHD () C:\Users\Default
2014-11-08 23:51 - 2012-07-26 01:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-11-08 23:32 - 2013-12-26 02:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 17:49 - 2013-03-27 02:27 - 00001254 _____ () C:\Users\jin\Desktop\the bible.txt
2014-11-06 16:17 - 2012-12-22 10:52 - 00000157 _____ () C:\WINDOWS\SysWOW64\SystemPreferences.xml
2014-10-30 04:25 - 2013-05-28 22:25 - 00275080 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-10-29 17:55 - 2014-09-24 02:55 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-10-29 17:55 - 2014-09-24 02:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
Some content of TEMP:
====================
C:\Users\jin\AppData\Local\Temp\dllnt_dump.dll
C:\Users\jin\AppData\Local\Temp\Quarantine.exe
C:\Users\jin\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-23 02:59
 
==================== End Of Log ============================


Edited by majinsoo, 24 November 2014 - 07:16 PM.


#9 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 24 November 2014 - 07:16 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2014 01
Ran by jin at 2014-11-24 17:11:26
Running from C:\Users\jin\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.28 - ASUSTeK Computer Inc)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.00 - ASUSTeK Computer Inc.)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201402241200 - Full Flush Poker)
Galeria de Fotografias (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version:  - "Pokemon Showdown")
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22879 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.0.0 (HKLM-x32\...\RTSS) (Version: 6.0.0 - Unwinder)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Unity Web Player (HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Συλλογή φωτογραφιών (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
16-11-2014 15:35:41 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {00FDFAED-B825-4974-9499-4A4D2992F405} - System32\Tasks\ASUS\ASUS Smart Cooling Helper => C:\Program Files (x86)\ASUS\AI Suite II\Smart Cooling\AsSmartCoolingService.exe [2012-03-28] (ASUSTeK Computer Inc.)
Task: {19C4882D-B4F4-412E-8548-B04FC83E5455} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {1D9C5BCD-2366-4A1D-9D65-60923513B1D7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-11-11] (Microsoft Corporation)
Task: {3CA99914-31D9-4F5F-85BE-782B67308F9B} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
Task: {65DE41DD-CC4E-47EF-A26F-353FE047051D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {AB4EC3E5-0820-485C-8A16-E06120D33E29} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {B07D340C-9A99-48B8-B9C6-4020FBC6A637} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {DDCAF06A-2C4C-4EB2-872B-2A496D6E79EA} - System32\Tasks\TVT\LenovoWERMonitor => C:\Program Files (x86)\Common Files\lenovo\SUP\sup_wermonitor.exe [2014-03-14] (Microsoft)
Task: {F9E0A4E2-533F-42D3-B3B0-ABEE290F4F19} - System32\Tasks\{78D36BA1-98C9-455F-BD26-F6415C6FFB4F} => Chrome.exe http://ui.skype.com/ui/0/6.18.0.106/en/abandoninstall?page=tsProgressBar
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-31 16:09 - 2012-06-01 02:42 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-07-31 05:51 - 2013-07-27 01:48 - 00267040 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libzmq.dll
2012-08-31 16:12 - 2012-05-02 12:24 - 00064512 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc80-mt-1_49.dll
2012-08-31 16:12 - 2012-05-02 12:27 - 00049664 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc80-mt-1_49.dll
2012-08-31 16:09 - 2014-11-22 08:20 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-08-31 16:09 - 2010-06-28 19:58 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-09-25 03:14 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\libegl.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\pdf.dll
2014-11-21 09:09 - 2014-11-14 14:15 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\jin\OneDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-891618105-1069895636-3985352252-1001\...\StartupApproved\Run: => "EADM"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-891618105-1069895636-3985352252-500 - Administrator - Disabled)
Guest (S-1-5-21-891618105-1069895636-3985352252-501 - Limited - Disabled)
jin (S-1-5-21-891618105-1069895636-3985352252-1001 - Administrator - Enabled) => C:\Users\jin
UpdatusUser (S-1-5-21-891618105-1069895636-3985352252-1004 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/23/2014 00:12:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 08:47:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.65;lang=;guid=6084967E005A439084AA4583716C96F2;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92788444-7f93-4de8-a3c3-2efa5b6e0e4b.dmp
 
Error: (11/23/2014 08:05:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 07:23:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/23/2014 04:01:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program chrome.exe version 39.0.2171.65 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: d8c
 
Start Time: 01d006eb29417287
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 0de6d18e-7300-11e4-bf2d-3085a9a69f8c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/22/2014 04:02:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/22/2014 08:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.0.1207, time stamp: 0x4ffb4350
Faulting module name: IAStorUtil.ni.dll, version: 11.5.0.1207, time stamp: 0x4ffb434b
Exception code: 0xc0000005
Fault offset: 0x0002f3fd
Faulting process id: 0x504
Faulting application start time: 0xIAStorDataMgrSvc.exe0
Faulting application path: IAStorDataMgrSvc.exe1
Faulting module path: IAStorDataMgrSvc.exe2
Report Id: IAStorDataMgrSvc.exe3
Faulting package full name: IAStorDataMgrSvc.exe4
Faulting package-relative application ID: IAStorDataMgrSvc.exe5
 
Error: (11/22/2014 08:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/22/2014 08:20:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (11/22/2014 08:20:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
 
System errors:
=============
Error: (11/22/2014 08:23:13 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/22/2014 08:20:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/22/2014 08:20:51 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/15/2014 06:42:42 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/13/2014 05:49:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/13/2014 05:46:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/13/2014 05:46:47 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/13/2014 05:45:52 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (11/13/2014 05:45:22 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
Error: (11/13/2014 05:44:02 AM) (Source: DCOM) (EventID: 10010) (User: JSP)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}
 
 
Microsoft Office Sessions:
=========================
Error: (11/23/2014 00:12:16 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 08:47:16 AM) (Source: Chrome) (EventID: 1) (User: NT AUTHORITY)
Description: Chrome has encountered a fatal error.
ver=39.0.2171.65;lang=;guid=6084967E005A439084AA4583716C96F2;is_machine=1;oop=1;upload=1;minidump=C:\Program Files (x86)\Google\CrashReports\92788444-7f93-4de8-a3c3-2efa5b6e0e4b.dmp
 
Error: (11/23/2014 08:05:43 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 07:23:57 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/23/2014 04:01:22 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: chrome.exe39.0.2171.65d8c01d006eb294172874294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe0de6d18e-7300-11e4-bf2d-3085a9a69f8c
 
Error: (11/22/2014 04:02:58 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/22/2014 08:23:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IAStorDataMgrSvc.exe11.5.0.12074ffb4350IAStorUtil.ni.dll11.5.0.12074ffb434bc00000050002f3fd50401d006682fd26786C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exeC:\WINDOWS\assembly\NativeImages_v4.0.30319_32\IAStorUtil\3f0e11a8d07dffdc09655286b5e5a8f8\IAStorUtil.ni.dll72f3e613-725b-11e4-bf2d-3085a9a69f8c
 
Error: (11/22/2014 08:23:03 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: IAStorDataMgrSvc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
Stack:
   at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()
   at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()
   at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)
   at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   at System.Threading.ThreadPoolWorkQueue.Dispatch()
   at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()
 
Error: (11/22/2014 08:20:54 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcUnregistering VAD endpoint [0]
 
Error: (11/22/2014 08:20:51 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registered successfully [0]
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3770 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16335.67 MB
Available physical RAM: 14371.18 MB
Total Pagefile: 18767.67 MB
Available Pagefile: 16229.99 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:63.19 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1829.76 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: 73B3BF2A)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================


#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 25 November 2014 - 12:18 PM

Hi,

Step 1

frst.pngfrstfix.png
Please download the attached fixlist txt.gif and save it in the same directory as FRST.

  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Attached File  fixlist.txt   487bytes   3 downloads

Step 2


Don't remove on your own anything that HitmanPro detects!
This scanner, as it is a really good for checking, has been known for deleting files instead of curing them, which in some cases may render the machine unbootable.
Any removals will be done manually after careful analysis of the scan results!


Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.

hitman.gif


Step 3

Scan withesetlogo.pngOnline Scanner:

  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start installer.pngwith administartor privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Choose the following settings:

settings.png

  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log filelog.pngis created at logpath.png
    Copy and paste the content of this log file in your next reply.

esetlog.png
Note: Do not forget to re-enable your antivirus application after running the above scan!
eset.gif

Step 4

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

lesestoff.png

Can you please tell me which problems still persist now?
How is the computer running?


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 25 November 2014 - 01:48 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 23-11-2014 01

Ran by jin at 2014-11-25 11:24:18 Run:1
Running from C:\Users\jin\Desktop
Loaded Profile: jin (Available profiles: jin & UpdatusUser)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Task: {3CA99914-31D9-4F5F-85BE-782B67308F9B} - System32\Tasks\SK.Enabler-S-1495795506 => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
c:\programdata\quickset\sk.enabler 
Task: C:\WINDOWS\Tasks\SK.Enabler-S-1495795506.job => c:\programdata\quickset\sk.enabler\SK.Enabler.exe <==== ATTENTION
HKLM-x32\...\Run: [] => [X]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
EmptyTemp:
*****************
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3CA99914-31D9-4F5F-85BE-782B67308F9B}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CA99914-31D9-4F5F-85BE-782B67308F9B}" => Key deleted successfully.
C:\Windows\System32\Tasks\SK.Enabler-S-1495795506 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SK.Enabler-S-1495795506" => Key deleted successfully.
"c:\programdata\quickset\sk.enabler" => File/Directory not found.
C:\WINDOWS\Tasks\SK.Enabler-S-1495795506.job => Moved successfully.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => Key deleted successfully.
EmptyTemp: => Removed 551 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : JSP
   Windows . . . . . . . : 6.3.0.9600.X64/8
   User name . . . . . . : JSP\jin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-11-25 11:31:24
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 3m 24s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 1
 
   Objects scanned . . . : 1,751,381
   Files scanned . . . . : 45,162
   Remnants scanned  . . : 735,870 files / 970,349 keys
 
Suspicious files ____________________________________________________________
 
   C:\Users\jin\Desktop\FRST64.exe
      Size . . . . . . . : 2,118,144 bytes
      Age  . . . . . . . : 0.9 days (2014-11-24 14:49:09)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 00EAA9915EDE35DCF294023D59351A0FBFD132D6C0E3E5729FF1352009726F49
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -0.2s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Results\Resource\{4D6157E3-E085-49BB-93DF-C80FE19DD2D2}
          0.0s C:\Users\jin\Desktop\FRST64.exe
 
 
 

and ESET scanner it says "Can not get update is proxy configured?"


Edited by majinsoo, 25 November 2014 - 01:47 PM.


#12 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 25 November 2014 - 01:51 PM

Please run MiniToolBox and afterwards try ESET again.

Step 1

rzqZvBe.pngMiniToolBox

  • Please download MiniToolBox and save the file to your Desktop.
  • Close any open windows.
  • Right-Click MiniToolBox.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Check the following items:
    • njvAG80.png
    • 6N6QY9z.png
    • zmWTIXg.png
    • VAFn5gg.png
    • AtULTyM.png
    • 4roTXa5.png
    • kLju9nY.png
    • chxHkm0.png
    • 6KiAnDw.png
    • bKYHfhP.png
    • rO2mCup.png & Ii0HSu5.png
    • fd89mAB.png
    • vz7b54X.png
  • Click 9Z8u2SR.png.
  • A log (Result.txt) will be created on your Desktop. Copy the contents of the log and paste in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#13 majinsoo

majinsoo
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:05:29 AM

Posted 25 November 2014 - 06:28 PM

MiniToolBox by Farbar  Version: 21-07-2014
Ran by jin (administrator) on 25-11-2014 at 14:26:36
Running from "C:\Users\jin\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
 
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Ethernet (Connected)
802.11n Wireless LAN Card = Wi-Fi 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Wi-Fi 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_6" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_0" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Jsp
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.co.comcast.net.
 
Wireless LAN adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 20-68-9D-3F-0B-1B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Ethernet:
 
   Connection-specific DNS Suffix  . : hsd1.co.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 30-85-A9-A6-9F-8C
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2601:1:9380:1692:6c98:233e:fd57:5a0a(Preferred) 
   Temporary IPv6 Address. . . . . . : 2601:1:9380:1692:c27:5123:78cd:b934(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::6c98:233e:fd57:5a0a%4(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 25, 2014 11:25:26 AM
   Lease Expires . . . . . . . . . . : Tuesday, December 2, 2014 11:25:25 AM
   Default Gateway . . . . . . . . . : fe80::21d:d1ff:fe25:38e1%4
                                       10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 252755784
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-F3-3B-4C-30-85-A9-A6-9F-8C
   DNS Servers . . . . . . . . . . . : 2001:558:feed::1
                                       2001:558:feed::2
                                       75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Wireless LAN adapter Wi-Fi 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 802.11n Wireless LAN Card
   Physical Address. . . . . . . . . : 20-68-9D-3F-0B-19
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter isatap.hsd1.co.comcast.net.:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6abd:2c37:379f:f5ff:fffd(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::2c37:379f:f5ff:fffd%9(Preferred) 
   Default Gateway . . . . . . . . . : 
   DHCPv6 IAID . . . . . . . . . . . : 150994944
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-17-F3-3B-4C-30-85-A9-A6-9F-8C
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    google.com
Addresses:  2607:f8b0:400f:801::1007
 74.125.225.194
 74.125.225.197
 74.125.225.198
 74.125.225.192
 74.125.225.201
 74.125.225.206
 74.125.225.199
 74.125.225.200
 74.125.225.196
 74.125.225.195
 74.125.225.193
 
 
Pinging google.com [2607:f8b0:400f:800::100e] with 32 bytes of data:
Reply from 2607:f8b0:400f:800::100e: time=10ms 
Reply from 2607:f8b0:400f:800::100e: time=10ms 
 
Ping statistics for 2607:f8b0:400f:800::100e:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 10ms, Maximum = 10ms, Average = 10ms
Server:  cdns01.comcast.net
Address:  2001:558:feed::1
 
Name:    yahoo.com
Addresses:  206.190.36.45
 98.139.183.24
 98.138.253.109
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=39ms TTL=51
Reply from 206.190.36.45: bytes=32 time=43ms TTL=51
 
Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 39ms, Maximum = 43ms, Average = 41ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...20 68 9d 3f 0b 1b ......Microsoft Wi-Fi Direct Virtual Adapter
  4...30 85 a9 a6 9f 8c ......Realtek PCIe GBE Family Controller
  3...20 68 9d 3f 0b 19 ......802.11n Wireless LAN Card
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  9...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     10
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    266
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    266
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  4    266 ::/0                     fe80::21d:d1ff:fe25:38e1
  1    306 ::1/128                  On-link
  9    306 2001::/32                On-link
  9    306 2001:0:9d38:6abd:2c37:379f:f5ff:fffd/128
                                    On-link
  4    266 2601:1:9380:1692::/64    On-link
  4    266 2601:1:9380:1692:c27:5123:78cd:b934/128
                                    On-link
  4    266 2601:1:9380:1692:6c98:233e:fd57:5a0a/128
                                    On-link
  4    266 fe80::/64                On-link
  9    306 fe80::/64                On-link
  9    306 fe80::2c37:379f:f5ff:fffd/128
                                    On-link
  4    266 fe80::6c98:233e:fd57:5a0a/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    266 ff00::/8                 On-link
  9    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [53760] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [68096] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [64000] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [21504] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [270848] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [67584] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [87040] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [84480] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30208] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [338432] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/25/2014 00:52:01 PM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 39.0.2171.65 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 13a4
 
Start Time: 01d008dd4945850a
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 8479f357-74dc-11e4-bf30-3085a9a69f8c
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (11/25/2014 00:09:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 00:08:54 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:43:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:43:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:41:38 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:41:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:40:12 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:40:10 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (11/25/2014 11:35:32 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
 
System errors:
=============
Error: (11/25/2014 11:27:48 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/25/2014 11:25:30 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/25/2014 11:25:30 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/25/2014 11:24:42 AM) (Source: DCOM) (User: JSP)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (11/25/2014 11:24:42 AM) (Source: DCOM) (User: JSP)
Description: {4AA0A5C4-1B9B-4F2E-99D7-99C6AEC83474}
 
Error: (11/25/2014 03:33:53 AM) (Source: Service Control Manager) (User: )
Description: The Intel® Rapid Storage Technology service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (11/25/2014 03:31:34 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (11/25/2014 03:31:34 AM) (Source: Service Control Manager) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1326
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (11/25/2014 03:31:26 AM) (Source: EventLog) (User: )
Description: The previous system shutdown at 3:29:20 AM on ‎11/‎25/‎2014 was unexpected.
 
Error: (11/25/2014 03:29:27 AM) (Source: Service Control Manager) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
 
Microsoft Office Sessions:
=========================
Error: (11/25/2014 00:52:01 PM) (Source: Application Hang)(User: )
Description: chrome.exe39.0.2171.6513a401d008dd4945850a4294967295C:\Program Files (x86)\Google\Chrome\Application\chrome.exe8479f357-74dc-11e4-bf30-3085a9a69f8c
 
Error: (11/25/2014 00:09:54 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 00:08:54 PM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (11/25/2014 11:43:38 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:43:37 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:41:38 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:41:37 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:40:12 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:40:10 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
Error: (11/25/2014 11:35:32 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\jin\Desktop\esetsmartinstaller_enu.exe
 
 
 
=========================== Installed Programs ============================
Adobe Bridge 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.0000 - Adobe System Incorporated) Hidden
Adobe Help Center 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Stock Photos 1.0 (x32 Version: 001.000.000 - Adobe Systems) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.02 - ASUSTeK Computer Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.28 - ASUSTeK Computer Inc)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4126.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4126.52 - CyberLink Corp.) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CPUID HWMonitor 1.23 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.00 - ASUSTeK Computer Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Full Flush Poker 8.2 (HKLM-x32\...\Full Flush Poker 8.2) (Version: 8.2.12.201402241200 - Full Flush Poker)
Galeria de Fotografias (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.65 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java Auto Updater (x32 Version: 2.1.71.14 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17800 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
NVIDIA 3D Vision Controller Driver 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.6 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
NVIDIA Update Components (Version: 7.2.17 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.1 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Pokemon Showdown (HKLM-x32\...\Pokemon Showdown) (Version:  - "Pokemon Showdown")
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.40 - Ralink)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.17.22879 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6657 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.0.0 (HKLM-x32\...\RTSS) (Version: 6.0.0 - Unwinder)
SHIELD Streaming (Version: 1.05.19 - NVIDIA Corporation) Hidden
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Windows Live ??? (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
S?????? f?t???af??? (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
???? (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
??? (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
 
========================= Devices: ================================
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 12%
Total physical RAM: 16335.67 MB
Available physical RAM: 14212.6 MB
Total Pagefile: 18767.67 MB
Available Pagefile: 16384.77 MB
Total Virtual: 4095.88 MB
Available Virtual: 3977.98 MB
 
========================= Partitions: =====================================
 
1 Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:64.52 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:1862.89 GB) (Free:1829.76 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\JSP
 
Administrator            Guest                    jin                      
UpdatusUser              
 
========================= Restore Points ==================================
 
25-11-2014 16:58:20 Scheduled Checkpoint
 
**** End of log ****

ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=c685e00901604a498870ba303421aa72
# engine=21263
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-11-25 10:49:01
# local_time=2014-11-25 03:49:01 (-0700, Mountain Standard Time)
# country="United States"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 7173660 0 0
# scanned=231466
# found=2
# cleaned=0
# scan_time=4820
sh=0E7B632CB9FA7EADF49D45BD6586A59DC78E879F ft=1 fh=c71c001190c4ea49 vn="Win32/InstalleRex.M potentially unwanted application" ac=I fn="C:\ProgramData\InstallMate\{81F2F87C-77E5-44FE-A615-3FC75A11DA8A}\Custom.dll"
sh=0E7B632CB9FA7EADF49D45BD6586A59DC78E879F ft=1 fh=c71c001190c4ea49 vn="Win32/InstalleRex.M potentially unwanted application" ac=I fn="C:\Users\All Users\InstallMate\{81F2F87C-77E5-44FE-A615-3FC75A11DA8A}\Custom.dll"

Edited by majinsoo, 25 November 2014 - 06:28 PM.


#14 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 25 November 2014 - 06:29 PM

lesestoff.png

Can you please tell me which problems still persist now?
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#15 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:02:29 PM

Posted 29 November 2014 - 09:23 AM

Hi,

3 Day Inactivity

This is the third day since my last post. Are you still there?

If you need more time, just let me know.

If you do not post within 48 hours, this thread will be closed due to inactivity.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users