Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't download any Software, including anti-virus


  • This topic is locked This topic is locked
117 replies to this topic

#1 maske3344

maske3344

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 23 July 2015 - 10:13 PM

I have been getting NSIS error or/and "Windows cannot access the specified device, path, or file" on every installer. I even can't run FRST.

I read articles on how to fix those problems, but I could not find any useful solutions.

 

 

I checked on C drive, and this is what the computer got:

 

Checking file system on C:

The type of the file system is NTFS.

 

A disk check has been scheduled.

Windows will now check the disk.

Cannot open volume for direct access.

autochk cannot run due to an error caused by a recently installed software package.

Use the system restore feature from the control panel to restore the system to a point prior to the recent software package installation.

An unspecified error occurred (766f6c756d652e63 3f1).

 

 

The only software I've download recently is Avast.



BC AdBot (Login to Remove)

 


#2 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 28 July 2015 - 01:05 PM

Greetings maske3344 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that.

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. This does not sound like a malware issue but we can take a quick peek at things.

Please uninstall Avast and see if that makes a difference.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#3 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 29 July 2015 - 09:44 PM

Thank you for responding.
 
Well, to tell you the truth, I tried to figure out what's wrong independently, and I somehow was able to install Spyhunter 4, not realizing that it has a reputation of "rogue application".I tried to uninstall it, but it gave me Error 3, so I cannot uninstall it.
 
Also, I ran Malwarebytes and Avast to get rid of few viruses. Then I ran CCleaner.
 
(I also have Anvi Smart Defender, but for some reason, it crashes---when I click on the software to see how much scanning has been done, I only get blank space saying it can't connect and asks if I either want to close the software or wait.)
 
 
 
And today, I found out that I can run FSRT again. I don't know how, but I can.
But I still cannot download (NSIS error) other software that I want to download (like obs).
 
Internet had been running extremely slow but as time elapsed, it has gotten a bit better. Still slow in loading though.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-07-2015
Ran by 구정애 (administrator) on 구정애-PC (29-07-2015 21:23:07)
Running from C:\Users\구정애\Desktop
Loaded Profiles: 구정애 (Available Profiles: 구정애)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: 한국어(대한민국)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Anvisoft) C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Windows\Temp\CreativeCloudSet-Up.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\Microsoft Shared\IME12\IMEKR\IMKRMIG.EXE [43808 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-05-26] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Korean IME Migration] => C:\Program Files (x86)\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [856064 2011-03-08] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.1\bin\EpmNews.exe
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2303152 2015-07-02] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-07-20] (AVAST Software)
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\...\Run: [AdobeBridge] => [X]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-06-13] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-07-20] (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-07-20] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-29] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-07-20] (AVAST Software)
BHO-x32: Microsoft 계정 로그인 도우미 -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-29] (Oracle Corporation)
DPF: HKLM {6CE20149-ABE3-462E-A1B4-5B549971AA38}
DPF: HKLM-x32 {054BF5DC-6052-4235-9DB4-7CCDC28CF8B4} https://nxpartners.okcashbag.com/itrs/meps/ITRSClient.cab
DPF: HKLM-x32 {063F7D71-5E0B-48F2-87D5-F63C5917947E} http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
DPF: HKLM-x32 {1663ed61-23eb-11d2-b92f-008048fdd814} http://www.epostbank.go.kr/js/scriptx/smsx.cab
DPF: HKLM-x32 {23670005-6E8F-4387-9C5D-E896EB25B898} http://www.iros.go.kr/iris/axbee/AXBeeLauncher.cab
DPF: HKLM-x32 {24F6E6A8-852C-45A8-ADD3-C4AB0D6FD231} https://plugin.inicis.com/wallet61/INIwallet61_vista.cab
DPF: HKLM-x32 {27640517-0513-4D81-A61E-228DC51680F8} http://ck.softforum.co.kr/CKFW/seouletax/CKFW.cab
DPF: HKLM-x32 {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} http://download.banktown.com/kfcc/plugin/down/INIS60.cab
DPF: HKLM-x32 {325A2282-C738-4265-B43D-587926879609} http://www.iros.go.kr/iris/TrustedZoneCtrl.cab
DPF: HKLM-x32 {39461460-2552-4D51-A062-3AB6A7B902E9} http://img.shinhan.com/shttp/install/7209/down/INIS70.cab
DPF: HKLM-x32 {39FC0CF9-86F3-4502-B773-D16706EDEC83} http://img.shinhan.com/rib/common/keyStroke/SoftCamp/403174/SCSK4_WOW64.cab
DPF: HKLM-x32 {3A76E2A8-F8E8-432F-B0C1-91073F128D8E} http://pimg.hanmail.net/uploader/PlanetUpload.cab
DPF: HKLM-x32 {477D5B9A-6479-44F8-9718-9340119B0308} http://www.hanabank.com/resource/download/veraport/down/veraport20.cab
DPF: HKLM-x32 {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} http://update.nprotect.net/nprotect2007/kfcc/npstarter_0812131.cab
DPF: HKLM-x32 {55218724-9E0F-4A9A-858C-B5E6F5A9C65E} http://kings.cachenet.com/idefense/shinhanlife_20110615/idefense.cab
DPF: HKLM-x32 {56C415FF-EA88-4624-8559-A5D50AA38C19} http://pimg.hanmail.net/cafeOneshot_1099/OneShotEditor.cab
DPF: HKLM-x32 {5DF725B0-23C1-11DB-868D-000D87559872} http://www.mbest.co.kr/helper/mstart/mhelper.CAB
DPF: HKLM-x32 {646232F1-8C70-4806-9499-BA01A59FDA74} http://www.giro.or.kr/html/yessign/cab/yessign7.cab
DPF: HKLM-x32 {6CE20149-ABE3-462E-A1B4-5B549971AA38} C:\Users\구정애\AppData\Local\Temp\2011930\TouchEnKey_Installer_x86.exe
DPF: HKLM-x32 {6FE760D3-7851-4879-8838-62D9881D7177} http://img.shinhan.com/ums/initech/IniMasPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {8DC067B8-911D-473A-90F1-1171B887CDE0} http://cyimg8.cyworld.com/ImageUpload/CyPictureU1233.cab?20081124
DPF: HKLM-x32 {938527D1-CDB7-4147-998A-B20FCA5CC976} http://cafeimg.daum-img.net/cab9_1/dmcc2.cab?Version=1,0,0,10
DPF: HKLM-x32 {99277D5A-52B3-4B2E-AC38-B0065575FC55} http://ocx.mbest.gscdn.com/get/starplayer/starplayer-0.0.2.46.cab
DPF: HKLM-x32 {B6F3B726-C827-4EAF-848D-CEF4D4FC5E25} http://www.samsunglife.com/cab/SecuiBohumDKIE.cab
DPF: HKLM-x32 {B9B38E70-EEF6-4E3A-AE84-DDE59A053B7C} http://mail.daum.net/hanmail-ax/DaumActiveX/2_0_1_4/DaumActiveX.cab?ver=2,0,1,4
DPF: HKLM-x32 {DFFD6203-ACAF-4AE3-92EA-E0323FBF4BF3} http://www.samsungfire.com/download/secui/SecuiFireIE.cab
DPF: HKLM-x32 {E5A02FD2-A8EF-4E5B-80C1-CB386F95E049} https://plugin.inicis.com/banktown/wallet/plugin/BtPmntClient.cab
DPF: HKLM-x32 {F939FEB8-9518-4A4A-BE60-D10FFB9557F2} http://update.nprotect.net/netizenv55/card/samsungcard/81/npenkIEInstall5.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 209.18.47.61 209.18.47.62
Tcpip\..\Interfaces\{8814FB55-4885-4A88-8046-D5AFDE86C5DD}: [DhcpNameServer] 209.18.47.61 209.18.47.62

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-07-02] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2015-06-05] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-29] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-07-02] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3555321914-2000873654-4226455716-1001: anvisoft.com/AdblockPlugin -> C:\ProgramData\Anvisoft\Anvi Smart Defender 2\extensions\npAdblockPlugin.dll [2014-04-29] (Anvisoft)
FF HKLM-x32\...\Firefox\Extensions: [{jid1-vS7biDmom8YxhA@jetpack}] - error\extensions\{jid1-vS7biDmom8YxhA@jetpack}
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF HKLM-x32\...\Firefox\Extensions: [AllMyTube@Wondershare.com] - C:\ProgramData\Wondershare\AllMyTube\AllMyTube@Wondershare.com
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-07-20]

Chrome:
=======
CHR Profile: C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (NicoNico Audio Extractor) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Default\Extensions\eecoahjklhopckkiefihjloeidikepdh [2015-05-28]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Profile: C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-02]
CHR Extension: (Google Drive) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-02]
CHR Extension: (SweetPacks) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\banjjklfojcdbofbhbgiedekefohoaff [2013-09-26]
CHR Extension: (YouTube) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-20]
CHR Extension: (No Name) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cepjofekolhpdankoembdgfbpehkfkjm [2013-11-07]
CHR Extension: (Google Search) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-20]
CHR Extension: (AllCheaipPriCea) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\foachahbicoijaadbfcghhdbgiccccnl [2014-05-22]
CHR Extension: (DiagiSaVer) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\jlddfmpdgbioghhcdphdgbgbpcpobiel [2014-05-21]
CHR Extension: (AlliSaeVer) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mgbfjgdphcfhjeglmjgahpljmcmeokoi [2014-03-06]
CHR Extension: (AVG SafeGuard) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2013-10-02]
CHR Extension: (No Name) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nemfjadlboooiffmcelkafilagddogim [2013-10-25]
CHR Extension: (Chrome In-App Payments service) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-02]
CHR Extension: (Gmail) - C:\Users\구정애\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-07-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [680112 2015-06-09] (Adobe Systems Incorporated)
R3 ASD2Svc; C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Srv.exe [1206504 2014-05-28] (Anvisoft)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-07-20] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-07-20] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-04-24] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-04-24] (Ellora Assets Corp.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390672 2012-09-11] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 V3 Service; C:\Program Files\AhnLab\V3Lite30\ASDSvc.exe [634088 2014-03-24] (AhnLab, Inc.)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [89232 2014-07-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AhnFlt2k; C:\Windows\system32\Drivers\AhnFlt2k.sys [74488 2013-04-16] (AhnLab, Inc.)
S3 AhnRec2k; C:\Windows\system32\Drivers\AhnRec2k.sys [27384 2013-04-16] (AhnLab, Inc.)
S3 AhnRghNt; C:\Windows\system32\Drivers\AhnRghNt.sys [58032 2014-02-10] (AhnLab, Inc.)
R1 AMonLWLH; C:\Windows\System32\DRIVERS\amonlwlh.sys [51960 2013-06-04] (AhnLab, Inc.)
R1 AMonTDLH; C:\Windows\system32\Drivers\AMonTDLH.sys [141528 2014-04-18] (AhnLab, Inc.)
S3 AntiStealth_V3LITE30; C:\Program Files\AhnLab\V3Lite30\AHAWKENT.sys [42208 2014-04-04] (AhnLab, Inc.)
S3 AntiStealth_V3LITE30F; C:\Program Files\AhnLab\V3Lite30\TfFRegNt.sys [176864 2014-04-04] (AhnLab, Inc.)
S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R1 ascrts_V3LITE30; C:\Program Files\AhnLab\V3Lite30\asc\ascrts.sys [3818488 2014-09-25] (AhnLab, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-07-20] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-07-20] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-07-20] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-07-20] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048856 2015-07-20] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-07-20] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150160 2015-07-20] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-07-20] (AVAST Software)
S1 ATamptNt_V3LITE30; C:\Program Files\AhnLab\V3Lite30\AtamptNt.sys [315128 2014-08-06] (AhnLab, Inc.)
S3 Cdm2DrNt; C:\Windows\system32\Drivers\Cdm2DrNt.sys [89824 2014-02-18] (AhnLab, Inc.)
S3 ISMgr; C:\Windows\system32\ImageSAFERDrv64.sys [11256 2009-11-25] ()
S3 JRSUKD25; C:\Windows\system32\JRSUKD25.SYS [19888 2013-04-25] (lumensoft Corporation)
S3 kcrtx64; C:\Windows\system32\kcrtx64.sys [141848 2013-04-25] (Kings Information & Network)
S3 kcrtx86; C:\Windows\SysWOW64\kcrtx86.sys [126048 2012-10-02] (Kings Information & Network)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [113880 2015-07-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 MeDCoreD_V3LITE30; C:\Program Files\AhnLab\V3Lite30\MeDCoreD.sys [926112 2014-07-28] (AhnLab, Inc.)
S3 MeDVpDrv_V3LITE30; C:\Program Files\AhnLab\V3Lite30\MeDVpDrv.sys [511376 2014-07-28] (AhnLab, Inc.)
S3 Mkd2Bthf; C:\Windows\System32\drivers\Mkd2Bthf.sys [98104 2012-08-17] (AhnLab, Inc.)
S3 Mkd2Nadr; C:\Windows\System32\drivers\Mkd2Nadr.sys [107832 2012-08-17] (AhnLab, Inc.)
S3 Mkd3kfNt; C:\Windows\System32\drivers\Mkd3kfNt.sys [166200 2012-08-23] (AhnLab, Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-07-20] (AVAST Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
S3 NPFW; C:\Windows\system32\NPFWVT64.sys [154376 2013-09-08] (INCA Internet Co.,Ltd.)
S3 NPFW; C:\Windows\SysWOW64\NPFWVT64.sys [154376 2013-09-08] (INCA Internet Co.,Ltd.)
S3 NPIDS; C:\Windows\system32\NpIdsVt64.sys [89352 2013-09-08] (INCA Internet Co.,Ltd.)
S3 NPIDS; C:\Windows\SysWOW64\NpIdsVt64.sys [89352 2013-09-08] (INCA Internet Co.,Ltd.)
S3 SynUSB64; C:\Windows\System32\DRIVERS\SynUSB64.sys [29432 2007-10-24] (SIA Syncrosoft)
S3 TSFLTDRV_V3LITE30; C:\Program Files\AhnLab\V3Lite30\TSFltDrv.sys [263896 2014-03-05] (AhnLab, Inc.)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-07-20] (Avast Software)
S3 WsAudio_Device; C:\Windows\System32\drivers\VirtualAudio.sys [31080 2013-03-25] (Wondershare)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 21:23 - 2015-07-29 21:23 - 00025231 _____ C:\Users\구정애\Desktop\FRST.txt
2015-07-29 21:22 - 2015-07-29 21:23 - 02169856 _____ (Farbar) C:\Users\구정애\Desktop\FRST64.exe
2015-07-28 11:08 - 2015-07-25 13:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 11:08 - 2015-07-25 13:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 11:08 - 2015-07-25 13:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 11:08 - 2015-07-25 13:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 11:08 - 2015-07-25 13:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 11:08 - 2015-07-25 12:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-28 11:07 - 2015-07-25 13:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 11:07 - 2015-07-25 13:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 10:33 - 2015-07-28 10:33 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\6C1C27C5.sys
2015-07-26 21:18 - 2015-07-26 21:19 - 02248704 _____ C:\Users\구정애\Desktop\adwcleaner_4.208.exe
2015-07-25 21:32 - 2015-07-25 21:32 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\7D8E35C9.sys
2015-07-25 21:24 - 2015-07-29 21:02 - 00000616 _____ C:\Windows\setupact.log
2015-07-25 21:24 - 2015-07-27 11:06 - 00001590 _____ C:\Windows\PFRO.log
2015-07-25 21:24 - 2015-07-25 21:24 - 00000000 _____ C:\Windows\setuperr.log
2015-07-24 20:57 - 2015-07-24 20:57 - 00000000 _____ C:\Windows\win.ini
2015-07-24 20:55 - 2015-07-24 20:55 - 00003314 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
2015-07-24 20:55 - 2015-07-24 20:55 - 00000000 ____D C:\Users\구정애\AppData\Roaming\Enigma Software Group
2015-07-24 20:55 - 2015-07-24 20:55 - 00000000 ____D C:\sh4ldr
2015-07-24 20:54 - 2015-07-24 20:54 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-07-23 21:37 - 2015-07-23 21:37 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\3A791DDB.sys
2015-07-21 11:35 - 2015-07-27 16:37 - 00000000 ____D C:\Users\구정애\Documents\FlashIntegro
2015-07-21 11:32 - 2015-07-21 11:35 - 00000000 ____D C:\Users\구정애\Documents\Freemake
2015-07-20 23:20 - 2015-07-21 13:22 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-07-20 23:20 - 2015-07-21 13:22 - 00000000 ____D C:\Windows\system32\vbox
2015-07-20 23:20 - 2015-07-20 23:20 - 00000000 ____D C:\Users\구정애\AppData\Roaming\AVAST Software
2015-07-20 23:18 - 2015-07-29 11:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-20 23:18 - 2015-07-20 23:18 - 00001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-07-20 23:18 - 2015-07-20 23:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-07-20 23:17 - 2015-07-20 23:16 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00150160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-07-20 23:17 - 2015-07-20 23:16 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-07-20 23:17 - 2015-07-20 23:15 - 01048856 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-07-20 23:17 - 2015-07-20 23:15 - 00115152 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-07-20 23:16 - 2015-07-20 23:16 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-07-20 23:16 - 2015-07-20 23:16 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-07-20 23:13 - 2015-07-20 23:13 - 00000000 ____D C:\Program Files\AVAST Software
2015-07-20 23:10 - 2015-07-20 23:10 - 00000000 ____D C:\ProgramData\AVAST Software
2015-07-20 15:15 - 2015-07-20 15:15 - 00000003 _____ C:\Windows\system32\HRUPPROG.EXIT
2015-07-20 15:14 - 2015-07-20 15:15 - 00000002 _____ C:\Windows\system32\HRUPPROG.TXT
2015-07-20 12:34 - 2015-07-14 22:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 12:34 - 2015-07-14 22:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 12:34 - 2015-07-14 22:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 12:34 - 2015-07-14 22:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 12:34 - 2015-07-14 21:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 12:34 - 2015-07-14 21:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 12:34 - 2015-07-14 21:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 12:34 - 2015-07-14 21:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 12:34 - 2015-07-14 20:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 12:34 - 2015-07-14 20:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-19 22:57 - 2015-07-19 22:57 - 00000000 ____D C:\Users\구정애\AppData\Local\SkinSpotlights
2015-07-19 18:47 - 2015-07-20 22:23 - 00000034 _____ C:\Users\구정애\AppData\Roaming\AdobeWLCMCache.dat
2015-07-19 14:44 - 2015-07-19 14:44 - 00003162 _____ C:\Windows\System32\Tasks\{59425DB7-FBA6-4142-B3AB-D5E368390FB9}
2015-07-19 14:32 - 2015-07-19 14:32 - 00001222 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2015-07-19 13:30 - 2015-07-19 13:30 - 00000364 _____ C:\Windows\Tasks\AdobeAAMUpdater-1.0-구정애-PC-구정애.job
2015-07-19 12:51 - 2015-07-19 12:51 - 00000000 ___RD C:\Users\구정애\Creative Cloud Files
2015-07-19 12:33 - 2015-07-19 12:33 - 00001225 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-07-17 23:13 - 2015-07-17 23:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LoiLo Game Recorder
2015-07-17 23:13 - 2015-07-17 23:13 - 00000000 ____D C:\Program Files\LoiLo
2015-07-15 03:02 - 2015-07-15 03:17 - 00000000 ____D C:\f4cce30899f4688ca4e142dec5
2015-07-15 00:16 - 2015-07-16 08:36 - 00000000 ____D C:\Users\구정애\AppData\Local\SkinSpotlightsReplays
2015-07-14 21:39 - 2015-07-09 12:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 21:39 - 2015-07-09 12:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 21:39 - 2015-07-09 12:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 21:39 - 2015-07-09 12:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 21:39 - 2015-07-09 12:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 21:39 - 2015-07-09 12:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 21:39 - 2015-07-09 12:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 21:39 - 2015-07-09 12:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 21:39 - 2015-07-09 12:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 21:39 - 2015-07-02 16:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 21:39 - 2015-07-02 16:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 21:39 - 2015-07-02 15:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 21:39 - 2015-07-02 15:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 21:39 - 2015-07-02 15:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 21:39 - 2015-07-02 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 21:39 - 2015-07-02 15:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 21:39 - 2015-07-02 15:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 21:39 - 2015-07-02 15:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 21:39 - 2015-07-02 14:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 21:39 - 2015-07-02 14:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 21:39 - 2015-07-02 13:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 21:39 - 2015-06-26 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 21:39 - 2015-06-26 21:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 21:39 - 2015-06-26 20:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 21:39 - 2015-06-26 20:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 21:39 - 2015-06-25 13:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 21:39 - 2015-06-25 12:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 21:39 - 2015-06-25 03:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 21:39 - 2015-06-20 14:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 21:39 - 2015-06-20 14:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 21:39 - 2015-06-20 14:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 21:39 - 2015-06-20 14:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 21:39 - 2015-06-20 13:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 21:39 - 2015-06-19 13:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 21:39 - 2015-06-19 13:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 21:39 - 2015-06-19 13:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 21:39 - 2015-06-19 13:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 21:39 - 2015-06-19 13:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 21:39 - 2015-06-19 12:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 21:39 - 2015-06-19 12:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 21:39 - 2015-06-19 12:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 21:39 - 2015-06-19 12:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 21:39 - 2015-06-19 12:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 21:39 - 2015-06-19 12:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 21:39 - 2015-06-17 12:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 21:39 - 2015-06-17 12:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 21:39 - 2015-06-01 19:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 21:39 - 2015-06-01 18:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 21:38 - 2015-07-04 13:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 21:38 - 2015-07-04 12:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 21:38 - 2015-07-01 15:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 21:38 - 2015-07-01 15:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 21:38 - 2015-07-01 15:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 21:38 - 2015-07-01 15:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 21:38 - 2015-07-01 15:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 21:38 - 2015-07-01 15:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 21:38 - 2015-07-01 15:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 21:38 - 2015-07-01 15:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 21:38 - 2015-07-01 15:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 21:38 - 2015-07-01 15:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 21:38 - 2015-07-01 15:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 21:38 - 2015-07-01 15:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 21:38 - 2015-07-01 15:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 21:38 - 2015-07-01 15:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 21:38 - 2015-07-01 15:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 21:38 - 2015-07-01 15:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 21:38 - 2015-07-01 15:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 21:38 - 2015-07-01 15:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 21:38 - 2015-07-01 14:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 21:38 - 2015-07-01 14:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 21:38 - 2015-07-01 14:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 21:38 - 2015-06-20 15:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 21:38 - 2015-06-20 14:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 21:38 - 2015-06-20 14:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 21:38 - 2015-06-20 14:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 21:38 - 2015-06-20 14:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 21:38 - 2015-06-20 14:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 21:38 - 2015-06-20 14:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 21:38 - 2015-06-20 14:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 21:38 - 2015-06-20 14:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 21:38 - 2015-06-20 14:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 21:38 - 2015-06-20 14:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 21:38 - 2015-06-20 14:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 21:38 - 2015-06-20 14:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 21:38 - 2015-06-20 13:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 21:38 - 2015-06-20 13:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 21:38 - 2015-06-20 13:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 21:38 - 2015-06-20 13:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 21:38 - 2015-06-20 13:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 21:38 - 2015-06-19 13:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 21:38 - 2015-06-19 13:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 21:38 - 2015-06-19 13:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 21:38 - 2015-06-19 13:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 21:38 - 2015-06-19 13:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 21:38 - 2015-06-19 12:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 21:38 - 2015-06-19 12:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 21:38 - 2015-06-19 12:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 21:38 - 2015-06-15 16:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 21:38 - 2015-06-15 16:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 21:38 - 2015-06-15 16:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 21:38 - 2015-06-15 16:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 21:38 - 2015-06-15 16:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 21:38 - 2015-06-15 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 21:38 - 2015-06-15 16:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 21:38 - 2015-06-15 16:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 21:38 - 2015-06-15 16:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 21:38 - 2015-06-15 16:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 21:38 - 2015-06-15 16:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 21:38 - 2015-06-15 16:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 21:38 - 2015-06-11 12:56 - 01112576 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 21:38 - 2015-06-11 12:16 - 00162816 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-07-14 21:38 - 2015-06-11 12:15 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-07-14 21:38 - 2015-04-27 14:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 21:38 - 2015-04-27 14:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 21:38 - 2015-04-27 14:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 21:38 - 2015-04-27 14:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 21:38 - 2015-04-27 14:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 21:38 - 2015-04-27 14:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 21:38 - 2015-04-27 14:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 21:38 - 2015-04-27 14:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-10 20:43 - 2015-07-10 20:43 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\035A7C6A.sys
2015-07-07 07:51 - 2015-07-07 07:51 - 00001206 _____ C:\Users\구정애\Desktop\VSDC Free Video Editor.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-29 21:23 - 2015-06-01 19:24 - 00000000 ____D C:\FRST
2015-07-29 21:19 - 2015-06-04 12:39 - 00000000 ____D C:\AdwCleaner
2015-07-29 21:15 - 2009-07-13 23:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-29 21:15 - 2009-07-13 23:45 - 00022080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-29 21:11 - 2014-07-29 20:58 - 01936286 _____ C:\Windows\WindowsUpdate.log
2015-07-29 21:06 - 2014-07-12 22:13 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-07-29 21:02 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-29 12:05 - 2012-08-03 17:56 - 00000000 ____D C:\Users\구정애\AppData\Local\Adobe
2015-07-29 11:57 - 2012-08-16 10:50 - 00003876 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0ED2A745-2A78-4582-9550-FBC64779F2DF}
2015-07-28 19:55 - 2014-07-12 20:30 - 00002217 _____ C:\Users\Public\Desktop\Chrome.lnk
2015-07-28 15:05 - 2014-05-06 20:50 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-28 10:36 - 2014-10-14 21:01 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-27 16:59 - 2014-09-24 00:27 - 00000000 ____D C:\Fraps
2015-07-25 14:49 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\Web
2015-07-25 11:45 - 2014-07-25 10:09 - 00000000 ____D C:\adobeTemp
2015-07-25 11:42 - 2014-07-23 20:52 - 00000000 ____D C:\Program Files\Adobe
2015-07-24 20:55 - 2012-07-31 11:14 - 00000000 ____D C:\Users\구정애
2015-07-23 19:34 - 2014-07-09 18:44 - 00000000 ____D C:\Users\구정애\AppData\Local\CrashDumps
2015-07-20 21:01 - 2014-12-29 19:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Downloader(xmlbar)
2015-07-20 20:56 - 2012-08-15 17:23 - 00000000 ____D C:\Users\구정애\AppData\Local\Deployment
2015-07-20 20:48 - 2014-09-18 00:36 - 00000000 ____D C:\Program Files (x86)\Aegisub
2015-07-20 20:47 - 2014-10-14 20:49 - 00000000 ____D C:\Program Files\Speccy
2015-07-20 20:37 - 2009-07-13 23:45 - 05310760 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 15:16 - 2015-06-04 21:38 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2015-07-20 15:16 - 2014-04-18 17:07 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2015-07-20 15:16 - 2012-10-10 20:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-07-20 14:08 - 2015-06-11 17:29 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-19 18:47 - 2012-07-31 11:39 - 00000000 ____D C:\Users\구정애\AppData\Roaming\Adobe
2015-07-19 18:46 - 2014-07-23 21:48 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-19 18:45 - 2012-08-02 19:19 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-07-19 17:06 - 2014-07-23 20:52 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-07-19 17:06 - 2012-08-02 19:17 - 00000000 ____D C:\ProgramData\Adobe
2015-07-19 16:56 - 2012-07-31 20:50 - 00188512 _____ C:\Users\구정애\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-19 13:12 - 2014-07-23 21:51 - 00000000 ____D C:\Users\구정애\Documents\Adobe
2015-07-19 13:06 - 2014-07-23 20:13 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-17 22:33 - 2014-04-16 00:46 - 00000000 ____D C:\Users\구정애\AppData\Local\Sony
2015-07-17 22:33 - 2014-04-16 00:46 - 00000000 ____D C:\ProgramData\Sony
2015-07-17 22:32 - 2014-04-16 00:45 - 00000000 ____D C:\Users\구정애\AppData\Roaming\Sony
2015-07-16 18:06 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\rescache
2015-07-15 17:03 - 2012-09-15 16:25 - 00003680 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 17:03 - 2012-09-15 16:25 - 00003428 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:03 - 2012-09-15 16:25 - 00000684 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-15 17:03 - 2012-09-15 16:25 - 00000680 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-15 11:56 - 2014-12-10 05:15 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 11:56 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-15 03:17 - 2013-08-14 10:28 - 00000000 ____D C:\Windows\system32\MRT
2015-07-07 07:51 - 2014-08-01 21:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FlashIntegro
2015-07-07 07:51 - 2014-08-01 21:20 - 00000000 ____D C:\Program Files (x86)\FlashIntegro
2015-07-03 08:43 - 2013-01-20 22:54 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-01 15:11 - 2014-10-14 21:01 - 00001106 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-07-01 15:11 - 2014-10-14 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-07-01 15:11 - 2014-10-14 21:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

==================== Files in the root of some directories =======

2014-09-12 01:15 - 2013-01-22 22:24 - 0137728 _____ (Yamaha Corporation) C:\Program Files (x86)\dbm3.dll
2014-09-12 01:15 - 2012-07-12 11:22 - 0423424 _____ (Yamaha Corporation) C:\Program Files (x86)\DSCL3.dll
2014-09-12 01:15 - 2012-07-15 12:37 - 7962624 _____ (Yamaha Corporation) C:\Program Files (x86)\DSE3.dll
2014-09-12 01:15 - 2011-10-31 10:16 - 24229376 _____ () C:\Program Files (x86)\DSE3_DFT.dll
2014-09-12 01:15 - 2012-05-21 16:41 - 0124416 _____ (Yamaha Corporation) C:\Program Files (x86)\g2pa3_CHS.dll
2014-09-12 01:15 - 2011-11-10 19:56 - 4886528 _____ (Yamaha Corporation) C:\Program Files (x86)\g2pa3_ENG.dll
2014-09-12 01:15 - 2011-11-16 10:46 - 0245248 _____ (Yamaha Corporation) C:\Program Files (x86)\g2pa3_ESP.dll
2014-09-12 01:15 - 2011-10-31 20:34 - 0117760 _____ (Yamaha Corporation) C:\Program Files (x86)\g2pa3_JPN.dll
2014-09-12 01:15 - 2011-11-11 15:23 - 0160256 _____ (Yamaha Corporation) C:\Program Files (x86)\g2pa3_KOR.dll
2014-09-12 01:15 - 2013-01-22 22:54 - 0004553 _____ () C:\Program Files (x86)\readme.txt
2014-09-12 01:15 - 2012-04-16 10:58 - 0076288 _____ (Yamaha Corporation) C:\Program Files (x86)\udm3_eng.dll
2014-09-12 01:14 - 2014-09-12 01:15 - 0028873 _____ () C:\Program Files (x86)\unins000.dat
2014-09-12 01:14 - 2014-09-12 01:14 - 0723445 _____ () C:\Program Files (x86)\unins000.exe
2014-09-12 01:15 - 2012-04-16 11:00 - 0136704 _____ (Yamaha Corporation) C:\Program Files (x86)\vedit3.dll
2014-09-12 01:15 - 2012-06-15 13:53 - 2206339 _____ () C:\Program Files (x86)\VOC3_Manual.pdf
2014-09-12 01:15 - 2012-06-25 15:10 - 3564087 _____ () C:\Program Files (x86)\VOC3_Manual_1028.pdf
2014-09-12 01:15 - 2012-06-20 20:00 - 2329934 _____ () C:\Program Files (x86)\VOC3_Manual_1041.pdf
2014-09-12 01:15 - 2012-06-25 15:13 - 2697506 _____ () C:\Program Files (x86)\VOC3_Manual_1042.pdf
2014-09-12 01:15 - 2011-12-01 22:41 - 1785048 _____ () C:\Program Files (x86)\VOC3_Manual_1049.pdf
2014-09-12 01:15 - 2012-06-25 15:16 - 2270242 _____ () C:\Program Files (x86)\VOC3_Manual_2052.pdf
2014-09-12 01:15 - 2013-01-23 00:36 - 0845312 _____ (Yamaha Corporation) C:\Program Files (x86)\VOCALOID3.exe
2014-09-12 01:15 - 2012-04-24 10:19 - 0624640 _____ (Yamaha Corporation) C:\Program Files (x86)\Vsq3.dll
2014-09-12 01:15 - 2011-10-31 10:16 - 0048653 _____ () C:\Program Files (x86)\vsq3.xsd
2014-09-12 01:15 - 2012-04-16 11:02 - 0177152 _____ (Yamaha Corporation) C:\Program Files (x86)\VstHost3.dll
2014-09-12 01:15 - 2011-10-31 10:16 - 1888256 _____ (Apache Software Foundation) C:\Program Files (x86)\xerces-c_3_1.dll
2014-09-23 22:16 - 2014-09-23 22:16 - 0000000 ___RH () C:\Users\구정애\AppData\Roaming\5d4fb8b441c23ff466f753aca04be8802
2015-02-10 23:27 - 2015-03-25 20:27 - 0000132 _____ () C:\Users\구정애\AppData\Roaming\Adobe GIF Format CS6 Prefs
2014-11-15 04:50 - 2015-05-25 19:57 - 0000132 _____ () C:\Users\구정애\AppData\Roaming\Adobe PNG Format CS6 Prefs
2015-07-19 18:47 - 2015-07-20 22:23 - 0000034 _____ () C:\Users\구정애\AppData\Roaming\AdobeWLCMCache.dat
2014-09-14 23:12 - 2014-09-14 23:12 - 1177208 _____ () C:\Users\구정애\AppData\Roaming\AndyCleanupTool.exe
2014-09-14 23:12 - 2014-09-14 23:12 - 1176696 _____ () C:\Users\구정애\AppData\Roaming\AndyCleanVM.exe
2013-12-21 12:43 - 2014-03-30 13:06 - 0000117 _____ () C:\Users\구정애\AppData\Roaming\WB.CFG
2015-02-10 23:25 - 2015-06-16 17:17 - 0001456 _____ () C:\Users\구정애\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-02-17 09:08 - 2014-10-26 03:01 - 0091136 _____ () C:\Users\구정애\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-02 21:46 - 2015-01-02 21:46 - 0000749 _____ () C:\Users\구정애\AppData\Local\recently-used.xbel
2014-08-03 17:34 - 2014-08-03 18:10 - 0007604 _____ () C:\Users\구정애\AppData\Local\Resmon.ResmonCfg
2012-09-10 06:49 - 2012-09-10 06:49 - 0001050 ____H () C:\Users\구정애\AppData\Local\{793FD447-37EB-4083-B222-2E447297AF07}
2013-12-12 19:47 - 2014-01-19 19:37 - 0000267 _____ () C:\ProgramData\NCleanerInstAgentLog.log
2012-11-27 11:50 - 2014-01-19 19:37 - 0000537 _____ () C:\ProgramData\NVCInstAgentLog.log

Some files in TEMP:
====================
C:\Users\구정애\AppData\Local\Temp\Quarantine.exe
C:\Users\구정애\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-23 20:46

==================== End of log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by 구정애 (2015-07-29 21:24:18)
Running from C:\Users\구정애\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3555321914-2000873654-4226455716-500 - Administrator - Disabled)
Guest (S-1-5-21-3555321914-2000873654-4226455716-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3555321914-2000873654-4226455716-1002 - Limited - Enabled)
구정애 (S-1-5-21-3555321914-2000873654-4226455716-1001 - Administrator - Enabled) => C:\Users\구정애

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: V3 Lite (Disabled - Up to date) {E5865943-7D93-B425-140C-3E676A98873E}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: V3 Lite (Disabled - Up to date) {5EE7B8A7-5BA9-BBAB-2EBC-0515111FCD83}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.0 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.1.3.121 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 10.3.181.14 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Premiere Pro CS6 (HKLM-x32\...\{7176B973-6011-43C1-AEBC-2D73FE7C6982}) (Version: 6.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Korean (HKLM-x32\...\{AC76BA86-7AD7-1042-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Anvi Smart Defender 2.2 (HKLM-x32\...\Anvi Smart Defender) (Version: 2.2 - Anvisoft)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Apple 응용 프로그램 지원 (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.10 - Michael Tippach)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2223 - AVAST Software)
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blender (HKLM\...\Blender) (Version: 2.71 - Blender Foundation)
Build Tools - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30723 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
ColorDirector (Version: 2.0 - CyberLink Corp.) Hidden
Contents64 (Version: 17.0.0.249 - Corel Corporation) Hidden
CyberLink PowerDirector 11 (HKLM-x32\...\InstallShield_{551F492A-01B0-4DC4-866F-875EC4EDC0A8}) (Version: 11.0.0.2215 - CyberLink Corp.)
CyberLink PowerDirector 11 (Version: 11.0.0.2215 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Download Navigator (HKLM-x32\...\{10F63395-157F-4B93-AB4D-702A2FF11942}) (Version: 1.0.1 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.20.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON WorkForce 545 Series Printer Uninstall (HKLM\...\EPSON WorkForce 545 Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
FL Studio 11 (HKLM-x32\...\FL Studio 11) (Version: - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version: - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.4 - Ellora Assets Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
ICA (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version: - Image-Line)
IPM_VS_Pro64 (Version: 17.0 - Corel Corporation) Hidden
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile 한국어 언어 팩 (HKLM\...\Microsoft .NET Framework 4 Client Profile KOR Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 1.0.0.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU with Update 3 (HKLM-x32\...\{1ef771b4-b774-439e-a015-23dec292d9a4}) (Version: 12.0.30723.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Newblue Art Effects for PowerDirector (HKLM\...\NewBlue Art Effects for PowerDirector) (Version: 2.0 - NewBlue)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
Orchestral VST (HKLM-x32\...\{77832A71-8657-46D1-89BC-630243926C9A}) (Version: - )
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PowerDirector (Version: 11.0 - 회사명) Hidden
Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Python Tools Redirection Template (x32 Version: 1.0 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform)
Setup (x32 Version: 17.0.0.249 - Corel Corporation) Hidden
Share64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.20.9.4533 - Enigma Software Group, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Trapcode Suite 64-bit (HKLM-x32\...\InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 - Red Giant Software)
Trapcode Suite 64-bit (Version: 12.1.0 - Red Giant Software) Hidden
TypeScript Power Tool (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.3.1 - Microsoft Corporation) Hidden
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
V3 Lite (HKLM\...\{5FC548FC_0888_4832_B037_835C34A0B599}) (Version: 3.1.4.314 - AhnLab, Inc.)
Visual Studio 2013 Update 3 (KB2829760) (HKLM-x32\...\{86438e3d-7f83-4dd2-94aa-047e7c3974cb}) (Version: 12.0.30723 - Microsoft Corporation)
Vocaloid3 Free Edition v3.0.5.0 third release (HKLM-x32\...\Vocaloid3 Free Edition v3.0.5.0 third release_is1) (Version: Vocaloid3 Free Edition v3.0.5.0 third release - )
VS Update core components (x32 Version: 12.0.30723 - Microsoft Corporation) Hidden
VSClassic64 (Version: 17.0.0.249 - Corel Corporation) Hidden
VSDC Free Video Converter version 2.4.5.276 (HKLM-x32\...\VSDC Free Video Converter_is1) (Version: 2.4.5.276 - Flash-Integro LLC)
VSDC Free Video Editor version 3.2.1.372 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.2.1.372 - Flash-Integro LLC)
VSPro64 (Version: 17.0.0.249 - Corel Corporation) Hidden
Windows Live 필수 패키지 (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
μTorrent (HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\...\uTorrent) (Version: 3.4.2.38913 - BitTorrent Inc.)
네이트온 (HKLM-x32\...\{697E41EA-AEBE-4B5F-884E-87B5CD6C70AC}) (Version: - )
사진 갤러리 (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3555321914-2000873654-4226455716-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-3555321914-2000873654-4226455716-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Restore Points =========================

24-07-2015 10:51:45 Windows Update
26-07-2015 19:05:37 Windows 백업
28-07-2015 11:07:29 Windows Update
28-07-2015 15:03:21 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-10-14 20:41 - 2013-09-03 17:19 - 00000833 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {14693EFC-439E-4390-A031-252F31B812FD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {15ED101C-B80D-4CF5-BAE1-BE5B6983AFD6} - System32\Tasks\{CFE4F060-855F-4F37-A8B2-7475C7E9609A} => pcalua.exe -a C:\Users\Public\Videos\camtasiaup.exe -d C:\Users\구정애\Videos
Task: {17B3C934-9F2F-431B-B187-DE1ECE511801} - System32\Tasks\AdobeAAMUpdater-1.0-구정애-PC-구정애 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-05-26] (Adobe Systems Incorporated)
Task: {1E5182D1-4C38-49FB-9F85-173767761F94} - System32\Tasks\{601E723B-55BB-4250-BD75-3D02B5AC738A} => pcalua.exe -a c:\users\구정애\appdata\local\genesis_07240330\genesis_07240330.exe -c /x
Task: {79B25A52-6F29-4305-8602-96C2C50F7C74} - System32\Tasks\{59425DB7-FBA6-4142-B3AB-D5E368390FB9} => pcalua.exe -a "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\Creative Cloud Uninstaller.exe"
Task: {7B48F66C-A601-47F0-BA44-8E258AA5E71B} - System32\Tasks\ASD_Main => C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2.exe [2014-05-28] (Anvisoft)
Task: {89BA9075-6DE8-4EE1-971F-041FD5195ABE} - System32\Tasks\{BB26F80C-4E83-4867-8979-1D205423AAD7} => pcalua.exe -a C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}\InstallFlashPlayer.exe -d C:\Users\구정애\AppData\Local\Temp\IDC2.tmp -c -iv 6
Task: {900FF484-48C7-4055-93A5-975D34A00AB9} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-07-20] (AVAST Software)
Task: {92E74B19-525D-4F1D-BB4F-BF837F42F226} - System32\Tasks\{9DE7D8B7-9804-4501-8544-084878C83BA8} => pcalua.exe -a C:\Windows\SysWOW64\CKFWSetup.exe -d C:\Windows\SysWOW64 -c /StartDriver
Task: {93687FCA-EF6E-4582-8171-49D6BAC11F5F} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2015-07-24] (Enigma Software Group USA, LLC.)
Task: {9F10E64E-9542-4597-8C4A-06D786550CA2} - System32\Tasks\{C3271B5A-B1C2-43D7-BE9E-CB3F4FD29C29} => pcalua.exe -a D:\utility\flashplayerax.exe -d D:\utility
Task: {9FF85F3C-E9F7-4C64-A804-88CFD5CF3916} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {AADA62F1-9F89-49C3-A085-265B471E4637} - System32\Tasks\{6995B9A8-9405-498C-83E4-0D7DCFA0D376} => pcalua.exe -a F:\SanDiskSecureAccessV2_win.exe -d F:\
Task: {ABAD2D1D-54D1-4E68-8866-74C35220C9B5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-15] (Google Inc)
Task: {C373028E-2044-4B58-96C2-A323368B8D54} - System32\Tasks\{65F29D32-DCD7-4A4D-A1CD-E1C68B46B680} => pcalua.exe -a "C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe" -d C:\Users\구정애\Desktop
Task: {D08E5612-4685-4A2C-BCBA-A9D05EFB596A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-15] (Google Inc)
Task: {D1C5DF0E-3DC6-4D13-AD3C-7DB44E5A1824} - System32\Tasks\{4953AA8C-231C-407B-893F-E3EA688115C1} => pcalua.exe -a C:\Users\구정애\Downloads\wlsetup-web.exe -d C:\Users\구정애\Downloads
Task: {DC190E76-FA82-4E0D-BA74-6517A6B74768} - System32\Tasks\{68C8A82E-2454-4211-B139-13D3613680BE} => pcalua.exe -a C:\Users\구정애\Downloads\Setup.exe -d C:\Users\구정애\Downloads

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-구정애-PC-구정애.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-02 20:47 - 2011-02-17 20:25 - 00136704 _____ () C:\Windows\System32\zlhp1600.dll
2015-06-13 14:17 - 2015-06-13 14:17 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-09-04 02:33 - 2012-09-11 23:14 - 00390672 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-07-20 23:16 - 2015-07-20 23:16 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-07-20 23:16 - 2015-07-20 23:16 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-29 11:49 - 2015-07-29 11:49 - 02960384 _____ () C:\Program Files\AVAST Software\Avast\defs\15072900\algo.dll
2014-04-29 21:04 - 2014-04-29 21:04 - 00088080 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\libglog.dll
2014-04-29 20:27 - 2014-04-29 20:27 - 00649744 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\sqlite3.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00041704 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fsmlib.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00305896 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\UserProfile.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00500968 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\http_hook.dll
2014-05-28 04:25 - 2014-05-28 04:25 - 00776936 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\CoreScan.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 01039080 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ASD2Engine.dll
2014-04-29 21:04 - 2014-04-29 21:04 - 00038928 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\fuzzy.dll
2014-04-29 21:04 - 2014-04-29 21:04 - 00093712 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\zlibwapi.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00135400 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\ExtractImpl.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00437480 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\InnoExtractDll.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00030440 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\UnpackImpl.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00259816 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\pyunpacker.dll
2014-05-27 02:02 - 2014-05-27 02:02 - 00125672 _____ () C:\Program Files (x86)\Anvisoft\Anvi Smart Defender\FileSearcher.dll
2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-05-04 16:10 - 2014-10-31 17:37 - 01498112 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2014-05-04 16:10 - 2014-05-19 18:19 - 00137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2015-06-09 22:36 - 2015-06-09 22:36 - 36732592 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-07-28 19:54 - 2015-07-25 03:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-28 19:54 - 2015-07-25 03:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
2015-07-20 23:16 - 2015-07-20 23:16 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7870 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\구정애\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 209.18.47.61 - 209.18.47.62
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 0) (EnableLUA: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: ASD2Svc => 2
MSCONFIG\Services: EpsonCustomerParticipation => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: System Update kb70007 => 2
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{41933A54-7209-4B74-87FE-4C84607E1998}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\daumvsvr.exe
FirewallRules: [{22D29901-A61D-408B-B9E4-7E7077C88294}] => (Allow) C:\Program Files (x86)\Daum\PotPlayer\daumvsvr.exe
FirewallRules: [TCP Query User{2D457712-B2CD-4021-A6B6-D2E4E06D0CA3}C:\program files (x86)\daum\potplayer\potplayer.exe] => (Allow) C:\program files (x86)\daum\potplayer\potplayer.exe
FirewallRules: [UDP Query User{53B1D442-C00A-44A0-8191-43A75933B8F8}C:\program files (x86)\daum\potplayer\potplayer.exe] => (Allow) C:\program files (x86)\daum\potplayer\potplayer.exe
FirewallRules: [TCP Query User{9BD657A6-2666-49D6-B378-27859B2C5162}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{62F03FB0-67C1-4E38-BA16-7F8BEE2F96A4}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{88C88DEC-D852-4D06-AEF6-FF77DBA4B7A8}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{16F7E0DA-1A49-42D6-B99F-CEAC02EDD44A}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{8CCF7EDB-4F94-4B30-AF4C-B65A8FE4DF0E}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{51B7E63E-836D-431B-BBA8-CAC5FB2E9918}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{82E25F2A-F712-49CE-9DBF-A38DD4F18E74}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{BB155A5F-B7BD-4072-B90E-6C3848D11A89}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [{D4245AC3-7E13-4299-BA0D-2E600FBA6583}] => (Allow) C:\Users\구정애\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{565E4C41-DFE7-4341-B50F-7FF4FA55888F}] => (Allow) C:\Users\구정애\AppData\Local\Temp\WZSE1.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{E85DB888-10F0-4D2E-A6FB-711278C57B11}] => (Allow) C:\Users\구정애\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{D0ACCA25-13DB-420D-BD56-2EF1A9BD5A82}] => (Allow) C:\Users\구정애\AppData\Local\Temp\WZSE2.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{ADEB0B0A-10EE-48D6-8D2D-23955ED2B03D}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{BC62BB08-05B4-4A76-AAD3-A346A93D6E1B}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{A30CA9FA-E97B-4DBC-B639-201E47DEF94E}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{98A10AE6-3A15-44D0-87C2-FEDE85BD5A4C}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{DAF7BFE8-883A-4D02-80F8-2CBD30F3ED35}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{F3BFB4BB-978D-42C1-87F6-CD461240D2B5}] => (Allow) C:\Windows\System32\dmwu.exe
FirewallRules: [{3B3B1965-6FF2-44E1-9AB9-69CF1F8028FF}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{1344FCF5-EF25-4EF1-BCF5-A8A6A7AE0D9E}] => (Allow) C:\Windows\SysWOW64\ARFC\wrtc.exe
FirewallRules: [{BF34BFE7-9281-4C87-9D69-7F4A136A3DD8}] => (Allow) C:\Program Files (x86)\SK Communications\NATEON\BIN\NateOnMain.exe
FirewallRules: [{F4DA41CB-6E9E-45D6-83F4-8D4B506702F2}] => (Allow) C:\Program Files (x86)\SK Communications\NATEON\BIN\NateOnMain.exe
FirewallRules: [{107CC74F-4468-4BDE-A827-2E7DFB8BD975}] => (Allow) C:\Program Files\AhnLab\V3Lite30\MUpdate2\duri.ahn
FirewallRules: [{92FAA33B-3F21-4923-8884-9BCE6DE6A309}] => (Allow) C:\Program Files\AhnLab\V3Lite30\MUpdate2\duri.ahn
FirewallRules: [{F6AC9B62-2147-40B0-9AB0-E28867177390}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{D44D5FF4-B3BD-4905-86F8-BA3222B04938}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [TCP Query User{8E1A8676-117F-46DA-B30B-CBDFB37782C9}C:\program files (x86)\torntv.com\torntv downloader.exe] => (Block) C:\program files (x86)\torntv.com\torntv downloader.exe
FirewallRules: [UDP Query User{74068007-3D60-40C1-B7DB-3F2E795CA440}C:\program files (x86)\torntv.com\torntv downloader.exe] => (Block) C:\program files (x86)\torntv.com\torntv downloader.exe
FirewallRules: [TCP Query User{20604C10-C265-429D-9C72-CB049B4B949F}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [UDP Query User{D119FFE8-5FD2-4A41-8260-B4CB851545EE}C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\tribes\binaries\win32\tribesascend.exe
FirewallRules: [{6D4DB1E8-1A20-4F96-850D-995723027A1B}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [{378BB3EB-FDF2-40D4-A0F6-6EEDE14B4EF3}] => (Allow) C:\Program Files (x86)\naver\NaverCommon\NaverAdminAPISvc.exe
FirewallRules: [TCP Query User{90862691-04ED-4636-84FA-3B2629FB4D8C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{DD72BF36-96C0-42DE-B5C1-A1E7BBE97FDB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{DC42D96A-8C26-43D4-9B03-D65ED7FD1525}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{B6BEAADB-008E-4D6C-B61A-4A2B3B092BC3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{EAF038D6-7942-4C14-95AC-236A5BB92F83}] => (Allow) LPort=2869
FirewallRules: [{D88C881F-820B-4063-9875-1A8445DC6A23}] => (Allow) LPort=1900
FirewallRules: [{D721F7A0-4A03-4501-8553-6F1BC9DB27C3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F51196A1-7199-4870-BCF8-7A3325FAA8AD}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{289A5EDA-3B04-432D-B095-F990076D3F5E}] => (Allow) C:\Program Files\Lightworks\ntcardvt.exe
FirewallRules: [{339D1BF3-EB8F-403B-81DD-00051A3CB36E}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\VideoConverter.exe
FirewallRules: [{53D0888A-5E1B-4152-AB38-D621EE8C05E7}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoConverter\VideoConverter.exe
FirewallRules: [TCP Query User{1AA95035-0A19-4DB9-B729-549C5A07D543}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [UDP Query User{975E0E9F-C9D8-4A4C-BCC2-6FF77693656E}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe] => (Allow) C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe
FirewallRules: [TCP Query User{5A59F92E-CE0F-417B-A6F6-8BF1D7EB715C}C:\program files\java\jdk1.8.0_20\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_20\bin\jmc.exe
FirewallRules: [UDP Query User{A1C098CB-DAB4-496E-B16B-FC72F9B53BEA}C:\program files\java\jdk1.8.0_20\bin\jmc.exe] => (Block) C:\program files\java\jdk1.8.0_20\bin\jmc.exe
FirewallRules: [{195966C2-FBAA-4C96-82C6-71D16932A08F}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [{296BED9A-B25A-4B7E-8B95-E5DCFC8D0781}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BE55220F-DA8C-469C-9A94-16BC2FF92E93}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4AA04AE8-5153-436E-B2D8-86278406FF36}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A2204516-B0E5-444A-ABF2-7DAFE3109D9A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{13547CB2-2EC1-4E57-B64F-F5D01D4A61BE}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [UDP Query User{751C74D2-B564-47BB-9FC6-40B27634E9A6}C:\program files\andy\andy.exe] => (Allow) C:\program files\andy\andy.exe
FirewallRules: [{DEEE7B5B-D14B-4628-9B99-B1232BCB7582}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [{2F167C5E-4FC2-4BDF-9BC0-3F1E84018082}] => (Block) C:\program files\andy\andy.exe
FirewallRules: [TCP Query User{7FEF9224-8353-4BFF-8627-8B1B5DD5DB2E}C:\smartpixel\bin\smartpixel.exe] => (Allow) C:\smartpixel\bin\smartpixel.exe
FirewallRules: [UDP Query User{DDFF05ED-682D-49F8-9B68-C93A48A1DFBE}C:\smartpixel\bin\smartpixel.exe] => (Allow) C:\smartpixel\bin\smartpixel.exe
FirewallRules: [TCP Query User{6CAC837C-0FC8-47F7-B03E-56623CFEB9EA}C:\program files (x86)\lolreplay\lolreplay.exe] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [UDP Query User{10057746-F717-4032-B10C-860E49DCBEB5}C:\program files (x86)\lolreplay\lolreplay.exe] => (Block) C:\program files (x86)\lolreplay\lolreplay.exe
FirewallRules: [TCP Query User{1DC7E37A-DD53-4C5B-980B-1949CB33C1B8}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{A3FEA88D-EBAE-46BC-83B3-8D127963D38F}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{14BE9D98-9375-4184-9D5D-C717FA9C4D00}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{0B705F13-4D2D-444B-8A22-06B5868BEF27}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{238F09DE-ECE6-44CF-9291-44487BF24BED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{B21E8FEC-B0C4-4317-837E-5373A23204DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{912FDA99-9B34-4967-8957-87C10720F05F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\WDExpress.exe
FirewallRules: [{7EC00A9D-CDC8-4697-A3DF-42A0C323F550}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{233E4BA3-03C7-4BEA-A135-9DB062A7FD69}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{F8A5E1F5-4F7B-4385-9765-B48ED92A7898}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [TCP Query User{15101280-87E7-45A6-BC77-DC757D3E6CE9}C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe
FirewallRules: [UDP Query User{2A90FCC8-447A-4A1D-AAE7-FB42BE7F967F}C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe] => (Allow) C:\program files\adobe\adobe media encoder cs6\adobe media encoder.exe
FirewallRules: [TCP Query User{6E2AB8C3-F9D4-413C-BD1C-02DCAE2CFE0B}C:\users\구정애\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Block) C:\users\구정애\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [UDP Query User{4B9A080A-16D4-4AAF-AD0C-2D5912893444}C:\users\구정애\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Block) C:\users\구정애\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [TCP Query User{162B7996-F8E8-4BB3-BB58-5E36900BA2AF}C:\users\구정애\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\구정애\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{F069D4B2-80DB-4487-84F5-82FCEDDB042C}C:\users\구정애\appdata\roaming\utorrent\utorrent.exe] => (Block) C:\users\구정애\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C06503CD-8485-4848-95AD-CDB55D7AC456}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [UDP Query User{F6649D8B-3953-4FF4-937C-63D245B0F51A}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Block) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe
FirewallRules: [{BEB790A8-8EF2-453D-ADA2-0EBDC19DDE26}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{5370207C-41A6-4DB1-974E-A259C6C9ED66}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe
FirewallRules: [UDP Query User{D46BE081-BA40-458A-8359-A26EF21ECE32}C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe] => (Allow) C:\program files\adobe\adobe premiere pro cs6\adobe premiere pro.exe
FirewallRules: [TCP Query User{2F4C7181-E60F-49A5-9CCA-61BBEE8010CD}C:\users\구정애\videos\utorrent_3.1.3.exe] => (Allow) C:\users\구정애\videos\utorrent_3.1.3.exe
FirewallRules: [UDP Query User{0D090668-1B36-4366-885F-58925D1932BD}C:\users\구정애\videos\utorrent_3.1.3.exe] => (Allow) C:\users\구정애\videos\utorrent_3.1.3.exe
FirewallRules: [TCP Query User{40B42DCD-9DEF-45B6-8A84-2E216306C378}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [UDP Query User{3530592E-9383-424A-B9EC-085CBA351955}C:\program files (x86)\deluge\deluge.exe] => (Allow) C:\program files (x86)\deluge\deluge.exe
FirewallRules: [TCP Query User{D1F25586-F8EC-46F8-A016-158185E9F78E}C:\program files (x86)\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\allmytube\allmytube.exe
FirewallRules: [UDP Query User{06A1D334-0AD1-4113-8C52-3AD1A62C813C}C:\program files (x86)\wondershare\allmytube\allmytube.exe] => (Allow) C:\program files (x86)\wondershare\allmytube\allmytube.exe
FirewallRules: [{7957C9F5-BF3E-4C59-B54D-B4473868A11A}] => (Allow) C:\Users\구정애\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7FDAA466-CAB4-4A00-AFA3-BA146353798F}] => (Allow) C:\Users\구정애\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{68156178-18CC-4759-929F-5E9297796842}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{915176DA-18FD-4902-892E-E3B3F0FB24BF}C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\program files (x86)\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{403BFA21-1504-41B9-ACE6-D464D2F46722}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8AE62EDA-1BFF-45EF-9E77-832A3DB66909}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{9C5562F5-9910-430E-ABA3-17E190A816C9}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{C483B7C6-CF49-4F77-879A-269005F7D32D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{46444588-FA7E-4FD4-A5A7-0C6ABB52C31D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{1F64B2AD-D5FF-453A-9FAE-0B6800BCB4A2}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{9149C4A5-FD6D-4529-AD6A-488437E5A053}C:\ubisoft\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\ubisoft\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{36617ADE-030C-4380-BF88-2D667FB38128}C:\ubisoft\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe] => (Allow) C:\ubisoft\ghost recon phantoms\ncsa-live\ghostreconphantoms.exe
FirewallRules: [TCP Query User{FE958A8D-3DB9-4542-921B-24081C977C79}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [UDP Query User{18A521FF-9F44-4C71-B725-3EC4C1DEC2FA}C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe] => (Block) C:\users\public\sony online entertainment\installed games\planetside 2\planetside2_x64.exe
FirewallRules: [{280BC54B-4036-42F6-B398-5F1ED035A059}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{32A9F417-4036-421D-92DE-C5EE01FD6E87}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video Download Capture.exe
FirewallRules: [{413EDE09-1EDA-4F18-88DF-F6B973F78CDC}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{4EDD8EEA-C3D2-4A39-B5F3-02869BAF4527}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{377A0162-0FD9-4FA9-AE92-CDF5B30B37A6}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{F49F23C1-86DB-4546-BE92-E7D11F183539}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{A071774C-D5B2-478F-A0A5-7143A969B1F8}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{8EB7C17F-ED73-4A5A-8DFF-EA7A04FAAC02}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{6BCD3593-0947-483B-9031-F6FBF53CC958}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{E9040278-6329-49BB-82EA-3797A2BE8903}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{4E0494E6-AE4A-4A3A-A30D-67F620FF404B}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{F69ACCC7-4654-4250-B56E-DE4800ED1775}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{355E494D-DB1E-44C6-A977-2C6097440FAE}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{2844D5D5-E1F5-46F6-AF39-311C09F48EA5}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{26F90D3C-1A45-41BB-B422-B5BCA5F093C3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{D32003ED-D1A9-48BE-93B1-B0DF62917BF5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B6F74D34-5F84-4F26-92A7-9BEFCCF9477C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{E8D45391-E06A-4981-BA14-D1C59889E30D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{82763EE3-B4E5-45B2-B485-5A64E050D172}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{148DDEEF-B9E8-4BC1-A1AE-DDB1BD421CF2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{75D0B41D-6E6F-475E-B839-57307A9E8420}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{1A11C261-8CC1-4E18-9359-AB822F82A055}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\sfm.exe
FirewallRules: [{80724F27-FE28-4CFB-9479-AAE3AD14AD40}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{DD47B6D4-B43A-4EA6-AE73-B49833D155A6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceFilmmaker\game\bin\qsdklauncher.exe
FirewallRules: [{6DB75FDF-F231-4C6D-820C-F304FC4B9C20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{2861320C-335D-4598-BC68-24A4A3B643F2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SourceSDK\bin\SDKLauncher.exe
FirewallRules: [{5EF72E79-5E02-44C0-B5C4-E3BF975F2A04}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{95DC82A2-713E-4634-8744-41BC6DED588A}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{2D932C21-4959-465F-A02E-D0E1B44D85B0}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{00A3AAAC-7FC3-46BB-8844-84B931FDA0DA}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{E059C0AD-F1D4-43EE-A5DD-B2601E759F4D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E582F80D-CB0E-4A58-B16F-1C0BFA0E3381}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{B23CA211-E605-4F4D-B39D-D207C08DDB77}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: ATamptNt_V3LITE30
Description: ATamptNt_V3LITE30
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ATamptNt_V3LITE30
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2015 07:34:22 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Windows Search 서비스가 새 검색 색인을 만들지 못했습니다. 내부 오류 <4, 0x8004117f, 프로젝트를 추가하지 못했습니다. C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (07/28/2015 07:34:22 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Windows Search Service가 Jet 속성 저장소를 열 수 없습니다.

자세히:
0x%08x (0x8004117f - 데이터베이스 오류 때문에 콘텐츠 인덱스 서버가 정보를 업데이트하거나 액세스할 수 없습니다. 검색 서비스를 중지하고 다시 시작하십시오. 문제가 지속되면 콘텐츠 인덱스를 다시 설정하고 크롤링하십시오. 일부의 경우에는 콘텐츠 인덱스를 삭제하고 다시 만들어야 할 수도 있습니다. (HRESULT : 0x8004117f))

Error: (07/28/2015 07:34:22 PM) (Source: ESENT) (EventID: 485) (User: )
Description: Windows (2084) Windows: 시스템 오류 32 (0x00000020): "다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다. " 때문에 "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" 파일을 삭제하려는 시도가 실패했습니다. 파일 삭제 작업이 실패할 것입니다(오류 -1032 (0xfffffbf8)).

Error: (07/28/2015 07:34:12 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (2084) Windows: 시스템 오류 32 (0x00000020): "다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다. " 때문에 "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" 파일을 읽기/쓰기로 열려는 시도가 실패했습니다. 파일 열기 작업이 실패할 것입니다(오류 -1032 (0xfffffbf8)).

Error: (07/28/2015 07:32:56 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: Windows Search 서비스가 새 검색 색인을 만들지 못했습니다. 내부 오류 <4, 0x8004117f, 프로젝트를 추가하지 못했습니다. C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (07/28/2015 07:32:56 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Windows Search Service가 Jet 속성 저장소를 열 수 없습니다.

자세히:
0x%08x (0x8004117f - 데이터베이스 오류 때문에 콘텐츠 인덱스 서버가 정보를 업데이트하거나 액세스할 수 없습니다. 검색 서비스를 중지하고 다시 시작하십시오. 문제가 지속되면 콘텐츠 인덱스를 다시 설정하고 크롤링하십시오. 일부의 경우에는 콘텐츠 인덱스를 삭제하고 다시 만들어야 할 수도 있습니다. (HRESULT : 0x8004117f))

Error: (07/28/2015 07:32:55 PM) (Source: ESENT) (EventID: 485) (User: )
Description: Windows (488) Windows: 시스템 오류 32 (0x00000020): "다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다. " 때문에 "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" 파일을 삭제하려는 시도가 실패했습니다. 파일 삭제 작업이 실패할 것입니다(오류 -1032 (0xfffffbf8)).

Error: (07/28/2015 07:32:45 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows (488) Windows: 시스템 오류 32 (0x00000020): "다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다. " 때문에 "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk" 파일을 읽기/쓰기로 열려는 시도가 실패했습니다. 파일 열기 작업이 실패할 것입니다(오류 -1032 (0xfffffbf8)).

Error: (07/28/2015 07:28:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 인덱서 The catalog is corrupt에 문제가 있어 Windows Search 서비스를 중지하는 중입니다.

자세히:
콘텐츠 인덱스 카탈로그가 손상되었습니다. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/28/2015 07:28:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 인덱스를 초기화할 수 없습니다.

자세히:
콘텐츠 인덱스 카탈로그가 손상되었습니다. (HRESULT : 0xc0041801) (0xc0041801)


System errors:
=============
Error: (07/29/2015 09:23:30 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: 브라우저 서비스가 여러 번 전송 \Device\NetBT_Tcpip_{8814FB55-4885-4A88-8046-D5AFDE86C5DD}에서 백업 목록을 검색하지 못했습니다.
백업 브라우저를 중지하고 있습니다.

Error: (07/29/2015 09:04:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: 다음의 부팅-시작 또는 시스템-시작 드라이버를 로드하지 못했습니다.
ATamptNt_V3LITE30

Error: (07/29/2015 09:04:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 Windows Live ID Sign-in Assistant 서비스를 시작하지 못했습니다.
%%1053

Error: (07/29/2015 09:04:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Windows Live ID Sign-in Assistant 서비스 연결을 기다리는 동안 제한 시간에 도달했습니다(30000밀리초).

Error: (07/29/2015 09:04:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 V3 Lite Service 서비스를 시작하지 못했습니다.
%%1053

Error: (07/29/2015 09:04:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: V3 Lite Service 서비스 연결을 기다리는 동안 제한 시간에 도달했습니다(30000밀리초).

Error: (07/29/2015 09:03:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: 다음 오류로 인해 Freemake Improver 서비스를 시작하지 못했습니다.
%%1053

Error: (07/29/2015 09:03:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Freemake Improver 서비스 연결을 기다리는 동안 제한 시간에 도달했습니다(30000밀리초).

Error: (07/29/2015 09:02:29 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (07/29/2015 09:02:29 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office:
=========================
Error: (07/28/2015 07:34:22 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 40x8004117f프로젝트를 추가하지 못했습니다. C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (07/28/2015 07:34:22 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 자세히:
0x%08x (0x8004117f - 데이터베이스 오류 때문에 콘텐츠 인덱스 서버가 정보를 업데이트하거나 액세스할 수 없습니다. 검색 서비스를 중지하고 다시 시작하십시오. 문제가 지속되면 콘텐츠 인덱스를 다시 설정하고 크롤링하십시오. 일부의 경우에는 콘텐츠 인덱스를 삭제하고 다시 만들어야 할 수도 있습니다. (HRESULT : 0x8004117f))

Error: (07/28/2015 07:34:22 PM) (Source: ESENT) (EventID: 485) (User: )
Description: Windows2084Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다.

Error: (07/28/2015 07:34:12 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows2084Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다.

Error: (07/28/2015 07:32:56 PM) (Source: Windows Search Service) (EventID: 1006) (User: )
Description: 40x8004117f프로젝트를 추가하지 못했습니다. C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (07/28/2015 07:32:56 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 자세히:
0x%08x (0x8004117f - 데이터베이스 오류 때문에 콘텐츠 인덱스 서버가 정보를 업데이트하거나 액세스할 수 없습니다. 검색 서비스를 중지하고 다시 시작하십시오. 문제가 지속되면 콘텐츠 인덱스를 다시 설정하고 크롤링하십시오. 일부의 경우에는 콘텐츠 인덱스를 삭제하고 다시 만들어야 할 수도 있습니다. (HRESULT : 0x8004117f))

Error: (07/28/2015 07:32:55 PM) (Source: ESENT) (EventID: 485) (User: )
Description: Windows488Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다.

Error: (07/28/2015 07:32:45 PM) (Source: ESENT) (EventID: 490) (User: )
Description: Windows488Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1032 (0xfffffbf8)32 (0x00000020)다른 프로세스가 파일을 사용 중이기 때문에 프로세스가 액세스 할 수 없습니다.

Error: (07/28/2015 07:28:24 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 자세히:
콘텐츠 인덱스 카탈로그가 손상되었습니다. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (07/28/2015 07:28:24 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 자세히:
콘텐츠 인덱스 카탈로그가 손상되었습니다. (HRESULT : 0xc0041801) (0xc0041801)


CodeIntegrity:
===================================
Date: 2014-07-20 11:59:49.088
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:59:48.560
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7601.17514_none_36e20fd4506111dd\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:59:47.245
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:59:46.644
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-securestartup-core_31bf3856ad364e35_6.1.7600.16385_none_34b0fc0c53728e43\fveapibase.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:58:52.398
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:58:51.773
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..trics-sensoradapter_31bf3856ad364e35_6.1.7600.16385_none_13881e44d6ccca6b\winbiosensoradapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:58:34.021
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:58:33.386
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-s..rics-storageadapter_31bf3856ad364e35_6.1.7600.16385_none_d67ca3c3b6af653e\winbiostorageadapter.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:09:13.680
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_59537a3710696511\appid.sys because the set of per-page image hashes could not be found on the system.

Date: 2014-07-20 11:09:13.054
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old.000\Windows\winsxs\x86_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.17514_none_59537a3710696511\appid.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: AMD Athlon™ 7550 Dual-Core Processor
Percentage of memory in use: 55%
Total physical RAM: 4095.12 MB
Available physical RAM: 1841.58 MB
Total Virtual: 8188.44 MB
Available Virtual: 5291.61 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.73 GB) (Free:109.99 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:465.74 GB) (Free:0 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BD2B9AAE)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=465.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=465.7 GB) - (Type=OF Extended)

==================== End of log ============================

Attached Files


Edited by Oh My!, 29 July 2015 - 09:46 PM.


#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 29 July 2015 - 09:50 PM

Greetings.

Can you tell me if you changed any Internet Settings, like adding a Proxy?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 29 July 2015 - 10:20 PM

I have not changed the settings, including Proxy.



#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 29 July 2015 - 10:27 PM

Very good, thanks.

Please consider and do this.

I am ending for the evening but will check back in first thing in the morning.

===================================================

P2P Warning

--------------------

Going over your logs I noticed that you have µTorrent installed. It is pretty much certain that if you continue to use P2P programs, you will get infected again.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove the program, you can do so via Start > Control Panel > Add/Remove Programs.

If you are still leaning toward using this program, please take a look at this information about Ransomware which can be delivered via P2P file transfers. The newest variation of Ransomware can make it impossible to recover the files this malicious software encrypts. In other words, you will probably lose most if not all of your valuable information, including pictures. In addition it has recently been reported that P2P downloads may be tracked resulting in your IP address being monitored by copyright authorities. .

If you wish to keep it, please do not use it until we are completely done and your machine is determined to be clean and updated.

===================================================

Multiple Antivirus Programs

-------------------

I do not recommend that you have more than one anti virus product installed on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:
  • False Alarms: When the anti virus software tells you that your PC has a virus when it actually doesn't.
  • System Performance Problems: Your system may lock up due to both products attempting to access the same file at the same time.
Therefore please remove all but one of the Antivirus programs currently on your computer, even if only one is running. You can do this via Add/Remove Programs, or Programs and Features in the Control Panel.
 

V3 Lite
avast! Antivirus


===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\...\Run: [AdobeBridge] => [X]
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM {6CE20149-ABE3-462E-A1B4-5B549971AA38}
2014-09-12 01:14 - 2014-09-12 01:15 - 0028873 _____ () C:\Program Files (x86)\unins000.dat
2014-09-12 01:14 - 2014-09-12 01:14 - 0723445 _____ () C:\Program Files (x86)\unins000.exe
C:\Users\구정애\AppData\Local\Temp\Quarantine.exe
C:\Users\구정애\AppData\Local\Temp\sqlite3.dll
Task: {1E5182D1-4C38-49FB-9F85-173767761F94} - System32\Tasks\{601E723B-55BB-4250-BD75-3D02B5AC738A} => pcalua.exe -a c:\users\구정애\appdata\local\genesis_07240330\genesis_07240330.exe -c /x
c:\users\구정애\appdata\local\genesis_07240330
Task: {89BA9075-6DE8-4EE1-971F-041FD5195ABE} - System32\Tasks\{BB26F80C-4E83-4867-8979-1D205423AAD7} => pcalua.exe -a C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}\InstallFlashPlayer.exe -d C:\Users\구정애\AppData\Local\Temp\IDC2.tmp -c -iv 6
C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}
Task: {9F10E64E-9542-4597-8C4A-06D786550CA2} - System32\Tasks\{C3271B5A-B1C2-43D7-BE9E-CB3F4FD29C29} => pcalua.exe -a D:\utility\flashplayerax.exe -d D:\utility
Task: {C373028E-2044-4B58-96C2-A323368B8D54} - System32\Tasks\{65F29D32-DCD7-4A4D-A1CD-E1C68B46B680} => pcalua.exe -a "C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe" -d C:\Users\구정애\Desktop
C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe
Folder: C:\f4cce30899f4688ca4e142dec5
cmd: ipconfig /flushdns
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Were you able to uninstall an AV program?
  • Fixlog
  • Update on computer performance

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 29 July 2015 - 10:57 PM

Before I remove one of the anti-virus, do you recommend one over the other?

 

I don't know if computer performance improved yet, so I will give it a time.

(In YouTube, I tried to click on the descriptions and titles of my uploaded videos, but they disappear. Do you know anything about this weird problem?)

 

Fix result of Farbar Recovery Scan Tool (x64) Version:28-07-2015
Ran by 구정애 (2015-07-29 22:46:00) Run:3
Running from C:\Users\구정애\Desktop
Loaded Profiles: 구정애 (Available Profiles: 구정애)
Boot Mode: Normal
==============================================

fixlist content:
*****************
HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\...\Run: [AdobeBridge] => [X]
ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled.
ProxyServer: [.DEFAULT] => http=127.0.0.1:13081;https=127.0.0.1:8118
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: HKLM {6CE20149-ABE3-462E-A1B4-5B549971AA38}
2014-09-12 01:14 - 2014-09-12 01:15 - 0028873 _____ () C:\Program Files (x86)\unins000.dat
2014-09-12 01:14 - 2014-09-12 01:14 - 0723445 _____ () C:\Program Files (x86)\unins000.exe
C:\Users\구정애\AppData\Local\Temp\Quarantine.exe
C:\Users\구정애\AppData\Local\Temp\sqlite3.dll
Task: {1E5182D1-4C38-49FB-9F85-173767761F94} - System32\Tasks\{601E723B-55BB-4250-BD75-3D02B5AC738A} => pcalua.exe -a c:\users\구정애\appdata\local\genesis_07240330\genesis_07240330.exe -c /x
c:\users\구정애\appdata\local\genesis_07240330
Task: {89BA9075-6DE8-4EE1-971F-041FD5195ABE} - System32\Tasks\{BB26F80C-4E83-4867-8979-1D205423AAD7} => pcalua.exe -a C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}\InstallFlashPlayer.exe -d C:\Users\구정애\AppData\Local\Temp\IDC2.tmp -c -iv 6
C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}
Task: {9F10E64E-9542-4597-8C4A-06D786550CA2} - System32\Tasks\{C3271B5A-B1C2-43D7-BE9E-CB3F4FD29C29} => pcalua.exe -a D:\utility\flashplayerax.exe -d D:\utility
Task: {C373028E-2044-4B58-96C2-A323368B8D54} - System32\Tasks\{65F29D32-DCD7-4A4D-A1CD-E1C68B46B680} => pcalua.exe -a "C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe" -d C:\Users\구정애\Desktop
C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe
Folder: C:\f4cce30899f4688ca4e142dec5
cmd: ipconfig /flushdns
*****************

HKU\S-1-5-21-3555321914-2000873654-4226455716-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{6CE20149-ABE3-462E-A1B4-5B549971AA38}" => key removed successfully
HKCR\CLSID\{6CE20149-ABE3-462E-A1B4-5B549971AA38} => key not found.
C:\Program Files (x86)\unins000.dat => moved successfully.
C:\Program Files (x86)\unins000.exe => moved successfully.
C:\Users\구정애\AppData\Local\Temp\Quarantine.exe => moved successfully.
C:\Users\구정애\AppData\Local\Temp\sqlite3.dll => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E5182D1-4C38-49FB-9F85-173767761F94}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E5182D1-4C38-49FB-9F85-173767761F94}" => key removed successfully
C:\Windows\System32\Tasks\{601E723B-55BB-4250-BD75-3D02B5AC738A} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{601E723B-55BB-4250-BD75-3D02B5AC738A}" => key removed successfully
"c:\users\구정애\appdata\local\genesis_07240330" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{89BA9075-6DE8-4EE1-971F-041FD5195ABE}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89BA9075-6DE8-4EE1-971F-041FD5195ABE}" => key removed successfully
C:\Windows\System32\Tasks\{BB26F80C-4E83-4867-8979-1D205423AAD7} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BB26F80C-4E83-4867-8979-1D205423AAD7}" => key removed successfully
"C:\Users\구정애\AppData\Local\Temp\{D7F52CAA-5F5D-45AA-B5AB-5DED5DF36A42}" => File/Folder not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F10E64E-9542-4597-8C4A-06D786550CA2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F10E64E-9542-4597-8C4A-06D786550CA2}" => key removed successfully
C:\Windows\System32\Tasks\{C3271B5A-B1C2-43D7-BE9E-CB3F4FD29C29} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C3271B5A-B1C2-43D7-BE9E-CB3F4FD29C29}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C373028E-2044-4B58-96C2-A323368B8D54}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C373028E-2044-4B58-96C2-A323368B8D54}" => key removed successfully
C:\Windows\System32\Tasks\{65F29D32-DCD7-4A4D-A1CD-E1C68B46B680} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{65F29D32-DCD7-4A4D-A1CD-E1C68B46B680}" => key removed successfully
"C:\Users\구정애\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NR1YGZI2\npEfdsWCtrlSetup.exe" => File/Folder not found.

========================= Folder: C:\f4cce30899f4688ca4e142dec5 ========================

2015-07-03 08:43 - 2015-07-03 08:43 - 130333168 _____ (Microsoft Corporation) C:\f4cce30899f4688ca4e142dec5\mrt.exe

====== End of Folder: ======


=========  ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


==== End of Fixlog 22:46:01 ====

Attached Files


Edited by Oh My!, 30 July 2015 - 09:16 AM.


#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 30 July 2015 - 09:15 AM

I can't really say which one since I don't know anything about V3 Lite. Let me know how your computer performs after you uninstall one of the AV programs.


Edited by Oh My!, 30 July 2015 - 09:18 AM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#9 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 30 July 2015 - 08:48 PM

It says I already uninstalled V3 Lite, but I can still see it in the Control Panel.

So, I double clicked on it again to uninstall, but nothing happens.



#10 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 30 July 2015 - 08:55 PM

It may simply be a remnant. How is your computer running?


Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#11 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 30 July 2015 - 08:57 PM

I had a delay in booting and opening Chrome.

And I still get NSIS errors.



#12 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 30 July 2015 - 09:19 PM

Thanks. We may be uninstalling Avast but first I would like you to run the Microsoft Fixit here. Let me know if things improve.

Edited by Oh My!, 30 July 2015 - 09:26 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#13 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 30 July 2015 - 09:22 PM

Fixit gave me an error.



#14 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,789 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:08:48 PM

Posted 30 July 2015 - 09:23 PM

Saying it is not compatible?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#15 maske3344

maske3344
  • Topic Starter

  • Members
  • 204 posts
  • OFFLINE
  •  
  • Local time:09:48 PM

Posted 30 July 2015 - 09:27 PM

It says that error has occurred, so the program cannot solve the problem. 

And it gave me a download an utility that can solve this. Should I download it? 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users