Jump to content

Not able to open Malwarebytes, Admin Required Programs


Recommended Posts

Hi,

 

I was using my Windows 8 CPU when I had relogged in and found that I couldn't open one of my programs (that required administrator). Figured out there could be a problem, so I tried to access Malwarebytes. When I say open the program, I can allow it to run but nothing happens at all. I've tried Charmeleon and tested all but no Command Prompt appears. Tried to use RKill, won't do anything either, can open but won't do anything.

 

If it would help I was infected with Trovi two days back.

 

Regards

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

 

P2P/Piracy Warning:

 

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

 

Follow the instructions in the following link to show hidden files:

 

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

 

Next,

 

Download Farbar Recovery Scan Tool and save it to your desktop.

 

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.


Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

Thanks,

 

Kevin..

Link to post
Share on other sites

Sorry for double post.

 

Here are the attached txt's

 

FRST

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by (administrator) on DELL on 14-03-2015 22:11:38
Running from C:\Users\User\Downloads
Loaded Profiles: (administrator) & UpdatusUser (Available profiles: (administrator) & UpdatusUser)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
Failed to access process -> firefox.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [682904 2012-09-20] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-02-04] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\Run: [spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [6737976 2015-01-27] (Spotify Ltd)
HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [107848 2015-02-14] (Google Inc.)
HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\Run: [spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2015-01-27] (Spotify Ltd)
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\VC64Loader.dll File Not Found
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-18] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-18] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3153547000-893765435-3105596823-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-au/?ocid=iehp
URLSearchHook: [s-1-5-21-3153547000-893765435-3105596823-1002] ATTENTION ==> Default URLSearchHook is missing.
SearchScopes: HKU\S-1-5-21-3153547000-893765435-3105596823-1001 -> {1A95DC8F-4A6D-4938-B715-50B59B516306} URL =
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-02-04] (AVAST Software)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-02-04] (AVAST Software)
Tcpip\Parameters: [DhcpNameServer] 211.29.132.12 198.142.0.51 198.142.235.14

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\bu4k8nya.default-1426141415084
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin HKU\S-1-5-21-3153547000-893765435-3105596823-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3153547000-893765435-3105596823-1001: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF Plugin HKU\S-1-5-21-3153547000-893765435-3105596823-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)
FF Plugin HKU\S-1-5-21-3153547000-893765435-3105596823-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-14] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-01-27] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-01-27] (Google)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-02-04]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-02-04]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-02-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-02-04] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-02-04] (Avast Software)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-26] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-09-25] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3398544 2014-11-12] (INCA Internet Co., Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [1153840 2012-09-25] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-02-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [87912 2015-02-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-02-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-02-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-02-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-02-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-02-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-02-04] ()
S3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [132608 2015-01-30] (Microsoft Corporation)
S3 BthHFAud; C:\Windows\System32\drivers\BthHfAud.sys [32768 2014-10-08] (Microsoft Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [4309032 2012-10-11] (Intel Corporation)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-02-04] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
R3 dump_wmimmc; \??\C:\Program Files (x86)\SEGA\PHANTASYSTARONLINE2\pso2_bin\GameGuard\dump_wmimmc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 22:11 - 2015-03-14 22:12 - 00011685 _____ () C:\Users\User\Downloads\FRST.txt
2015-03-14 22:11 - 2015-03-14 22:11 - 02095616 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-03-14 22:11 - 2015-03-14 22:11 - 00000000 ____D () C:\FRST
2015-03-14 21:16 - 2015-03-14 21:17 - 16502728 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.09.1.1004.exe
2015-03-14 21:03 - 2015-03-14 21:03 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\iExplore.exe
2015-03-14 21:02 - 2015-03-14 21:02 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\User\Downloads\rkill.exe
2015-03-14 20:39 - 2015-03-14 20:39 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\derpaderp.exe
2015-03-14 15:26 - 2015-03-14 19:11 - 00000000 ___RD () C:\Users\User\OneDrive
2015-03-14 13:53 - 2015-03-14 13:54 - 00000197 _____ () C:\Windows\system32\2015-03-14-02-53-55.003-AvastVBoxSVC.exe-2640.log
2015-03-14 13:34 - 2015-03-14 13:35 - 00000197 _____ () C:\Windows\system32\2015-03-14-02-34-53.081-AvastVBoxSVC.exe-2404.log
2015-03-14 10:53 - 2015-03-14 10:54 - 00000197 _____ () C:\Windows\system32\2015-03-13-23-53-39.022-AvastVBoxSVC.exe-2784.log
2015-03-13 20:56 - 2015-03-13 20:58 - 00000197 _____ () C:\Windows\system32\2015-03-13-09-56-34.012-AvastVBoxSVC.exe-2092.log
2015-03-13 17:44 - 2015-03-13 17:45 - 00000012 _____ () C:\Users\User\Desktop\New Text Document.txt
2015-03-13 17:38 - 2015-03-13 17:39 - 00000197 _____ () C:\Windows\system32\2015-03-13-06-38-15.081-AvastVBoxSVC.exe-2920.log
2015-03-13 16:37 - 2015-03-13 16:37 - 00000000 ____D () C:\Program Files\Common Files\INCA Shared
2015-03-13 16:37 - 2014-11-12 02:29 - 03398544 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\GameMon.des
2015-03-13 16:37 - 2005-01-02 23:43 - 00004682 _____ (INCA Internet Co., Ltd.) C:\Windows\SysWOW64\npptNT2.sys
2015-03-13 16:37 - 2003-07-19 08:17 - 00005174 _____ () C:\Windows\SysWOW64\nppt9x.vxd
2015-03-13 16:14 - 2015-03-13 16:14 - 00001354 _____ () C:\Users\User\Desktop\Phantasy Star Online 2.lnk
2015-03-13 16:14 - 2015-03-13 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phantasy Star Online 2
2015-03-13 15:45 - 2015-03-13 16:18 - 00000000 ____D () C:\Users\User\Documents\SEGA
2015-03-13 15:45 - 2015-03-13 15:45 - 00000000 ____D () C:\Program Files (x86)\SEGA
2015-03-13 06:55 - 2015-03-13 06:55 - 00000197 _____ () C:\Windows\system32\2015-03-12-19-55-43.084-AvastVBoxSVC.exe-2720.log
2015-03-12 07:23 - 2015-03-12 07:23 - 00000197 _____ () C:\Windows\system32\2015-03-11-20-23-49.008-AvastVBoxSVC.exe-2552.log
2015-03-11 22:45 - 2015-03-14 20:37 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-03-11 22:45 - 2015-03-14 15:24 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-11 22:45 - 2015-03-11 22:45 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.4.1028.exe
2015-03-11 22:45 - 2015-03-11 22:45 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-03-11 22:45 - 2015-03-11 22:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-03-11 22:45 - 2015-03-11 22:45 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-11 22:45 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-03-11 22:45 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-03-11 22:45 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-03-11 20:28 - 2015-03-12 07:26 - 00000000 ____D () C:\Users\User\Desktop\PSO2_Full_Client_2.0221.4
2015-03-11 20:26 - 2015-03-11 20:26 - 00000878 _____ () C:\Users\User\Desktop\BitTorrent.lnk
2015-03-11 20:25 - 2015-03-11 20:25 - 01744472 _____ (BitTorrent Inc.) C:\Users\User\Downloads\BitTorrent.exe
2015-03-11 19:27 - 2015-02-04 10:58 - 00264000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-03-11 19:27 - 2015-02-04 10:58 - 00114496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-03-11 19:27 - 2015-02-04 10:58 - 00044024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-03-11 19:27 - 2015-02-03 10:53 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\winshfhc.dll
2015-03-11 19:27 - 2015-02-03 10:53 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winshfhc.dll
2015-03-11 19:26 - 2015-02-08 10:57 - 01090048 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2015-03-11 19:26 - 2015-02-08 10:49 - 00791040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2015-03-11 19:26 - 2015-02-07 10:09 - 00396419 _____ () C:\Windows\system32\ApnDatabase.xml
2015-03-11 19:26 - 2015-02-06 12:28 - 02257408 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-03-11 19:26 - 2015-02-06 12:08 - 01943040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-03-11 19:26 - 2015-02-06 07:24 - 01113920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-03-11 19:26 - 2015-02-03 11:03 - 03551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2015-03-11 19:26 - 2015-02-03 11:02 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2015-03-11 19:26 - 2015-01-31 10:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-03-11 19:26 - 2015-01-31 10:29 - 02484224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-03-11 19:26 - 2015-01-30 14:01 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthA2DP.sys
2015-03-11 19:26 - 2015-01-30 14:01 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidbth.sys
2015-03-11 19:26 - 2015-01-30 14:00 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rfcomm.sys
2015-03-11 19:26 - 2015-01-30 13:03 - 01488896 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2015-03-11 19:26 - 2015-01-30 13:03 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2015-03-11 19:26 - 2015-01-30 13:02 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2015-03-11 19:26 - 2015-01-30 12:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2015-03-11 19:26 - 2015-01-30 12:42 - 01204224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2015-03-11 19:26 - 2015-01-30 12:40 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2015-03-11 19:26 - 2015-01-30 12:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2015-03-11 19:26 - 2015-01-30 12:29 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atlthunk.dll
2015-03-11 19:26 - 2015-01-30 12:24 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2015-03-11 19:26 - 2015-01-30 12:24 - 00250880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2015-03-11 19:26 - 2015-01-30 12:16 - 00266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2015-03-11 19:26 - 2015-01-30 12:08 - 00346112 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2015-03-11 19:26 - 2015-01-30 12:06 - 00278016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2015-03-11 19:26 - 2015-01-29 12:58 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\photowiz.dll
2015-03-11 19:26 - 2015-01-29 12:29 - 00290816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\photowiz.dll
2015-03-11 19:26 - 2015-01-29 12:11 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 19:26 - 2015-01-29 12:04 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-03-11 19:26 - 2015-01-29 12:04 - 00864256 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2015-03-11 19:26 - 2015-01-29 12:00 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-03-11 19:26 - 2015-01-29 11:59 - 02773504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-03-11 19:26 - 2015-01-29 11:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-03-11 19:26 - 2015-01-29 11:50 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-03-11 19:26 - 2015-01-29 11:49 - 02459136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-03-11 19:26 - 2015-01-28 13:24 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\StorageContextHandler.dll
2015-03-11 19:26 - 2015-01-28 12:47 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StorageContextHandler.dll
2015-03-11 19:26 - 2015-01-28 10:47 - 02501368 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2015-03-11 19:26 - 2015-01-28 10:41 - 02207488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2015-03-11 19:26 - 2015-01-27 14:44 - 00933888 _____ (Microsoft Corporation) C:\Windows\system32\calc.exe
2015-03-11 19:26 - 2015-01-24 12:51 - 00816128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\calc.exe
2015-03-11 19:26 - 2015-01-23 18:17 - 00723072 _____ (Microsoft Corporation) C:\Windows\system32\SHCore.dll
2015-03-11 19:26 - 2015-01-23 16:02 - 00560392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SHCore.dll
2015-03-11 19:26 - 2014-12-11 16:36 - 00046456 _____ (Microsoft Corporation) C:\Windows\system32\LockScreenContentServer.exe
2015-03-11 19:26 - 2014-10-29 13:46 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2015-03-11 19:26 - 2014-10-29 13:46 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthenum.sys
2015-03-11 19:26 - 2014-10-29 13:45 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2015-03-11 19:26 - 2014-10-29 13:43 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\printui.exe
2015-03-11 19:26 - 2014-10-29 13:34 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2015-03-11 19:26 - 2014-10-29 13:34 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2015-03-11 19:26 - 2014-10-29 13:34 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\WSReset.exe
2015-03-11 19:26 - 2014-10-29 13:04 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\findnetprinters.dll
2015-03-11 19:26 - 2014-10-29 13:03 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\fsquirt.exe
2015-03-11 19:26 - 2014-10-29 12:58 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.exe
2015-03-11 19:26 - 2014-10-29 12:52 - 00289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2015-03-11 19:26 - 2014-10-29 12:51 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-03-11 19:26 - 2014-10-29 12:48 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-03-11 19:26 - 2014-10-29 12:45 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-03-11 19:26 - 2014-10-29 12:45 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2015-03-11 19:26 - 2014-10-29 12:28 - 00055808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\findnetprinters.dll
2015-03-11 19:26 - 2014-10-29 12:28 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\atlthunk.dll
2015-03-11 19:26 - 2014-10-29 12:20 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-03-11 19:26 - 2014-10-29 12:19 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\eappprxy.dll
2015-03-11 19:26 - 2014-10-29 12:15 - 00199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2015-03-11 19:26 - 2014-10-29 12:13 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2015-03-11 19:26 - 2014-10-29 11:59 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappprxy.dll
2015-03-11 19:26 - 2014-10-29 11:55 - 00223744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2015-03-11 19:26 - 2014-10-29 11:55 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2015-03-11 19:26 - 2014-10-29 11:44 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2015-03-11 19:26 - 2014-10-29 11:41 - 00269312 _____ (Microsoft Corporation) C:\Windows\system32\DafPrintProvider.dll
2015-03-11 19:26 - 2014-10-29 11:35 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DafPrintProvider.dll
2015-03-11 19:26 - 2014-10-08 18:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BthHfAud.sys
2015-03-11 16:13 - 2015-03-11 20:23 - 00000000 ____D () C:\Users\User\Desktop\save
2015-03-11 16:13 - 2015-03-06 13:53 - 00430080 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-03-11 16:13 - 2015-03-06 13:33 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-03-11 16:13 - 2015-02-26 10:26 - 04178944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-03-11 16:13 - 2015-02-21 12:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-03-11 16:13 - 2015-02-21 11:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-03-11 16:13 - 2015-02-21 11:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-03-11 16:13 - 2015-02-20 14:03 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-03-11 16:13 - 2015-02-20 13:58 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-03-11 16:13 - 2015-02-20 13:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-03-11 16:13 - 2015-02-20 13:20 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-03-11 16:13 - 2015-02-20 13:15 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-03-11 16:13 - 2015-02-20 12:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-03-11 16:13 - 2015-02-20 12:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-03-11 16:13 - 2015-02-20 12:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-03-11 16:13 - 2015-01-31 10:20 - 00203264 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2015-03-11 16:13 - 2015-01-29 02:41 - 07472960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-03-11 16:13 - 2015-01-29 02:41 - 01733440 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-03-11 16:13 - 2015-01-29 02:41 - 01498360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-03-11 16:13 - 2015-01-27 15:22 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-03-11 16:13 - 2015-01-27 13:11 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-03-11 16:13 - 2014-10-29 14:56 - 00027456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-03-11 16:13 - 2014-10-29 13:49 - 00003072 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-03-11 16:13 - 2014-10-29 13:44 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-03-11 16:13 - 2014-10-29 13:44 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-03-11 16:13 - 2014-10-29 13:37 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\rfxvmt.dll
2015-03-11 16:13 - 2014-10-29 13:04 - 00003072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-03-11 16:13 - 2014-10-29 13:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-03-11 16:13 - 2014-10-29 13:00 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-03-11 16:12 - 2015-02-21 11:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-03-11 16:12 - 2015-02-21 11:27 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-03-11 16:12 - 2015-02-21 10:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-03-11 16:12 - 2015-02-21 10:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-03-11 16:12 - 2015-02-20 13:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-03-11 16:12 - 2015-02-20 13:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-03-11 16:12 - 2015-02-20 13:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-03-11 16:12 - 2015-02-20 13:35 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-03-11 16:12 - 2015-02-20 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-03-11 16:12 - 2015-02-20 13:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-03-11 16:12 - 2015-02-20 13:07 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-03-11 16:12 - 2015-02-20 13:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-03-11 16:12 - 2015-02-20 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-03-11 16:12 - 2015-02-20 13:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-03-11 16:12 - 2015-02-20 12:59 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-03-11 16:12 - 2015-02-20 12:56 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-03-11 16:12 - 2015-02-20 12:52 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-03-11 16:12 - 2015-02-20 12:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-03-11 16:12 - 2015-02-20 12:49 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-03-11 16:12 - 2015-02-20 12:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-03-11 16:12 - 2015-02-20 12:30 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-03-11 16:12 - 2015-02-20 12:29 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-03-11 16:12 - 2015-02-20 12:26 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-03-11 16:12 - 2015-02-20 12:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-03-11 16:12 - 2015-02-20 12:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-03-11 16:12 - 2015-02-20 12:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-03-11 16:12 - 2015-02-20 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-03-11 16:12 - 2015-02-20 12:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-03-11 16:12 - 2015-02-20 11:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-03-11 16:12 - 2015-02-20 11:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-03-11 16:12 - 2015-02-13 04:40 - 22291584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-03-11 16:12 - 2015-02-13 04:34 - 19731824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-03-11 16:12 - 2015-01-30 05:45 - 01763352 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2015-03-11 16:12 - 2015-01-30 05:34 - 01488040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2015-03-11 16:12 - 2015-01-28 12:31 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2015-03-11 16:12 - 2015-01-28 12:11 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2015-03-11 16:12 - 2015-01-21 16:54 - 01384712 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-03-11 16:12 - 2015-01-21 16:15 - 01123848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-03-11 16:10 - 2015-03-11 16:10 - 00000000 ____D () C:\Users\User\Documents\New folder
2015-03-08 08:50 - 2015-03-08 08:50 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-08 08:10 - 2015-03-08 08:11 - 00000197 _____ () C:\Windows\system32\2015-03-07-21-10-44.027-AvastVBoxSVC.exe-2480.log
2015-03-05 17:37 - 2015-03-05 17:37 - 00000197 _____ () C:\Windows\system32\2015-03-05-06-37-21.010-AvastVBoxSVC.exe-3280.log
2015-03-01 18:40 - 2015-03-01 18:42 - 00000197 _____ () C:\Windows\system32\2015-03-01-07-40-39.033-AvastVBoxSVC.exe-2512.log
2015-02-25 17:11 - 2014-12-14 08:28 - 00513488 _____ () C:\Windows\SysWOW64\locale.nls
2015-02-25 17:11 - 2014-12-14 08:28 - 00513488 _____ () C:\Windows\system32\locale.nls
2015-02-25 17:11 - 2014-10-29 12:27 - 01200128 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2015-02-25 17:11 - 2014-10-29 12:27 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2015-02-25 17:11 - 2014-10-29 12:04 - 00868352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2015-02-25 17:11 - 2014-10-29 12:04 - 00200704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2015-02-22 16:07 - 2015-02-22 16:08 - 00000197 _____ () C:\Windows\system32\2015-02-22-05-07-43.047-AvastVBoxSVC.exe-3540.log
2015-02-19 20:54 - 2015-02-19 20:54 - 00003028 _____ () C:\Windows\System32\Tasks\{6814C38D-70DE-4620-AF22-CBF0FCDC7738}
2015-02-17 17:43 - 2015-02-17 17:44 - 00000197 _____ () C:\Windows\system32\2015-02-17-06-43-39.051-AvastVBoxSVC.exe-4020.log
2015-02-14 21:50 - 2015-02-14 21:50 - 00002471 _____ () C:\Users\User\Desktop\PlanetSide 2.lnk
2015-02-14 20:51 - 2015-02-14 20:51 - 00943248 _____ (Dashlane inc.) C:\Users\User\Downloads\Dashlane_Launcher_bfirefox-1422555155.exe
2015-02-14 20:47 - 2015-03-14 20:52 - 00000914 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001UA.job
2015-02-14 20:47 - 2015-03-14 20:52 - 00000862 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001Core.job
2015-02-14 20:47 - 2015-02-14 20:47 - 00880208 _____ (Google Inc.) C:\Users\User\Downloads\GoogleVoiceAndVideoSetup.exe
2015-02-14 20:47 - 2015-02-14 20:47 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001UA
2015-02-14 20:47 - 2015-02-14 20:47 - 00003478 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001Core
2015-02-12 20:28 - 2015-02-12 20:28 - 00000197 _____ () C:\Windows\system32\2015-02-12-09-28-32.012-AvastVBoxSVC.exe-2908.log
2015-02-12 17:22 - 2015-01-16 09:43 - 00563504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-02-12 17:22 - 2015-01-16 09:43 - 00177984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-02-12 17:22 - 2015-01-14 15:22 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-02-12 17:22 - 2015-01-14 14:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-02-12 17:22 - 2014-12-19 19:57 - 00788680 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2015-02-12 17:22 - 2014-12-19 19:25 - 00602776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2015-02-12 17:22 - 2014-12-09 14:45 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2015-02-12 17:22 - 2014-12-09 12:56 - 00538624 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2015-02-12 17:22 - 2014-10-29 13:51 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-02-12 17:22 - 2014-10-29 13:50 - 00736768 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-02-12 17:22 - 2014-10-29 13:06 - 00736768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-02-12 17:22 - 2014-10-29 13:06 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-02-12 17:22 - 2014-10-29 13:02 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-02-12 17:22 - 2014-10-29 13:02 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-02-12 17:22 - 2014-10-29 12:57 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-02-12 17:22 - 2014-10-29 12:31 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-02-12 17:22 - 2014-10-29 12:15 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-02-12 17:22 - 2014-10-29 12:15 - 00005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-02-12 17:22 - 2014-10-29 12:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-02-12 17:22 - 2014-10-29 12:13 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-02-12 17:22 - 2014-10-29 12:13 - 00008704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-02-12 17:21 - 2015-02-04 10:38 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-02-12 17:21 - 2015-02-04 10:08 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-02-12 17:21 - 2015-02-04 10:08 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-02-12 17:21 - 2015-02-03 10:11 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-02-12 17:21 - 2015-02-03 10:11 - 00894464 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-02-12 17:21 - 2015-02-03 10:11 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-02-12 17:21 - 2015-01-20 05:42 - 01487976 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-02-12 17:21 - 2015-01-12 13:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-02-12 17:21 - 2015-01-12 12:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-02-12 17:21 - 2015-01-12 12:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-02-12 17:21 - 2015-01-12 12:23 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-14 22:03 - 2015-01-21 03:48 - 00818732 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-14 22:03 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\system32\sru
2015-03-14 22:02 - 2015-01-27 18:44 - 00000000 ____D () C:\Users\User\AppData\Roaming\Spotify
2015-03-14 22:02 - 2015-01-21 03:43 - 01140654 _____ () C:\Windows\WindowsUpdate.log
2015-03-14 20:56 - 2015-02-06 18:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-03-14 19:45 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-03-14 19:33 - 2015-01-21 03:50 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3153547000-893765435-3105596823-1001
2015-03-14 19:18 - 2015-02-04 19:32 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-03-14 19:13 - 2015-01-27 16:26 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{7207D024-38B7-4EBC-910C-572324DCA071}
2015-03-14 19:10 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-03-14 15:28 - 2015-01-21 03:44 - 00000000 ____D () C:\Users\User\AppData\Local\Packages
2015-03-14 13:51 - 2013-08-23 01:46 - 00017011 _____ () C:\Windows\setupact.log
2015-03-14 13:51 - 2013-08-23 01:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-13 17:35 - 2013-08-23 00:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-13 06:53 - 2013-08-23 01:44 - 00337808 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 06:52 - 2015-01-21 03:40 - 00041428 _____ () C:\Windows\PFRO.log
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ___RD () C:\Windows\ToastData
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files\Windows Defender
2015-03-13 06:35 - 2013-08-23 02:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2015-03-13 06:34 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\WinStore
2015-03-13 04:53 - 2013-08-23 02:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-13 04:52 - 2015-01-28 19:30 - 00000000 ____D () C:\Windows\system32\MRT
2015-03-13 04:49 - 2015-01-28 19:30 - 122905848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-03-11 23:03 - 2015-01-27 16:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-05 08:24 - 2013-08-23 02:38 - 00792032 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-03-05 08:24 - 2013-08-23 02:38 - 00178144 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-16 18:49 - 2015-01-27 18:44 - 00000000 ____D () C:\Users\User\AppData\Local\Spotify
2015-02-14 21:50 - 2015-01-28 18:20 - 00002501 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlanetSide 2.lnk
2015-02-14 21:50 - 2015-01-28 18:20 - 00000000 ___HD () C:\Windows\msdownld.tmp
2015-02-14 21:50 - 2015-01-28 18:20 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-02-14 21:44 - 2013-08-23 02:36 - 00000000 ____D () C:\Windows\rescache
2015-02-14 20:47 - 2015-02-04 19:32 - 00000000 ____D () C:\Users\User\AppData\Local\Google
2015-02-14 20:47 - 2015-01-27 16:27 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla
2015-02-14 20:45 - 2015-01-28 18:56 - 00000000 ____D () C:\Users\User\Documents\ManiaPlanet
2015-02-14 19:16 - 2015-01-28 18:53 - 00000000 ____D () C:\ProgramData\ManiaPlanet
2015-02-13 21:17 - 2015-01-28 18:53 - 00000000 ____D () C:\Program Files (x86)\ManiaPlanet
2015-02-12 17:28 - 2015-01-31 11:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-02-12 17:28 - 2015-01-31 11:24 - 00000000 ____D () C:\Windows\system32\appraiser

Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Uninstaller-4380.exe
C:\Users\User\AppData\Local\Temp\Uninstaller-4720.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-03-13 04:49

==================== End Of Log ============================

 

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by (administrator) at 2015-03-14 22:12:31
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
BitTorrent (HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\BitTorrent) (Version: 7.9.2.38914 - BitTorrent Inc.)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.214 - ALPS ELECTRIC CO., LTD.)
Google Talk Plugin (HKLM-x32\...\{C77CC230-7417-3F01-B70D-52583DC9FEC9}) (Version: 5.40.2.0 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2867 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{E77289CF-12B9-4CAB-A49E-FEAE947F4D95}) (Version: 15.5.4.0423 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1593C708-5535-47A4-8C0F-F8D4BE2B4560}) (Version: 15.05.6000.1620 - Intel Corporation)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 en-US)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 35.0.1 - Mozilla)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
Phantasy Star Online 2 (HKLM-x32\...\http://pso2.jp/appid/release/asiasoft_sg_is1)(Version:  - Asiasoft)
PlanetSide 2 (HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.21.200.26 - Client Connect LTD) <==== ATTENTION
Spotify (HKU\S-1-5-21-3153547000-893765435-3105596823-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
WinRAR 5.21 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.1 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3153547000-893765435-3105596823-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3153547000-893765435-3105596823-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

22-02-2015 19:13:59 Scheduled Checkpoint
27-02-2015 17:30:39 Windows Update
12-03-2015 07:38:19 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-23 00:25 - 2013-08-23 00:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {15EBE461-BEF1-4076-BE18-70D1B1C40493} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-02-04] (AVAST Software)
Task: {1B339BBE-5EBA-4063-B9AF-1114B7BB9B6F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-03-13] (Microsoft Corporation)
Task: {229A672F-2151-4AF0-9AF2-70D2DE29116D} - System32\Tasks\{6814C38D-70DE-4620-AF22-CBF0FCDC7738} => pcalua.exe -a E:\autohtml.exe -d E:\
Task: {32F88649-D3AE-430A-A038-680205AC2ECA} - \avayvaxxvae No Task File <==== ATTENTION
Task: {9CB2714B-A3FE-48B5-9599-B841A7B96789} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-06] (Adobe Systems Incorporated)
Task: {C95B985D-3F33-46B5-9789-B0EAC52F8CD3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: {E234AC7F-CF9B-4D92-AE57-1F888DEE1C06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3153547000-893765435-3105596823-1001UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-04 19:31 - 2015-02-04 19:31 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-02-04 19:31 - 2015-02-04 19:31 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-01-21 04:46 - 2013-10-23 19:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-18 14:42 - 2013-12-18 14:42 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2015-01-21 04:44 - 2012-10-26 15:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-14 10:53 - 2015-03-14 10:53 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031302\algo.dll
2015-02-04 19:31 - 2015-02-04 19:31 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2015-03-14 20:32 - 2015-03-14 20:32 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031400\algo.dll
2015-01-21 04:43 - 2012-06-26 05:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2013-12-18 14:42 - 2013-12-18 14:42 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2015-03-14 10:29 - 2015-03-14 10:29 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\User\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3153547000-893765435-3105596823-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 211.29.132.12 - 198.142.0.51

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-3153547000-893765435-3105596823-500 - Administrator - Disabled)
(administrator) (S-1-5-21-3153547000-893765435-3105596823-1001 - Administrator - Enabled) => C:\Users\User
Guest (S-1-5-21-3153547000-893765435-3105596823-501 - Limited - Disabled)
UpdatusUser (S-1-5-21-3153547000-893765435-3105596823-1002 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/14/2015 09:16:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 09:01:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 08:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 08:31:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 08:16:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 08:01:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 07:44:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 07:38:36 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database

Error: (03/14/2015 07:35:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (03/14/2015 07:31:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Activation of app Microsoft.SkypeApp_kzf8qxf38zg5c!App failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (03/14/2015 10:11:18 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {88F5E7B2-09B9-471E-895A-25247585905C}

Error: (03/14/2015 10:09:40 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:09:38 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:09:10 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:09:10 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:09:10 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:09:10 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}

Error: (03/14/2015 10:01:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TCP/IP NetBIOS Helper service failed to start due to the following error:
%%1069

Error: (03/14/2015 10:01:37 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The lmhosts service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error:
%%8

To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

Error: (03/14/2015 09:17:17 PM) (Source: DCOM) (EventID: 10010) (User: Dell)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}


Microsoft Office Sessions:
=========================
Error: (03/14/2015 09:16:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 09:01:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 08:46:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 08:31:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 08:16:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 08:01:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 07:44:10 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 07:38:36 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883

Error: (03/14/2015 07:35:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141

Error: (03/14/2015 07:31:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Dell)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141


==================== Memory info ===========================

Processor: Intel® Core i7-3630QM CPU @ 2.40GHz
Percentage of memory in use: 25%
Total physical RAM: 8049.71 MB
Available physical RAM: 5981.9 MB
Total Pagefile: 9329.71 MB
Available Pagefile: 7001.62 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.17 GB) (Free:840.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 090470D1)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Link to post
Share on other sites

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

 

Next,

 

Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:

MBAM Clean Removal Process 2x

Follow the relevant steps and ensure to run mbam-clean tool after UNinstalling Malwarebytes.

 

When reinstalling the program please try the latest version from here:

http://www.malwarebytes.org/mwb-download/

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Next,

 

Download AdwCleaner by Xplode onto your Desktop.


Double click on Adwcleaner.exe to run the tool.
Click on Scan
Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
You will get a prompt asking to close all programs. Click OK.
Click OK again to reboot your computer.
A text file will open after the restart. Please post the content of that logfile in your reply.
You can also find the logfile at C:\AdwCleaner[sn].txt. Where n in the scan reference number

 

Next,

 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.


Shut down your protection software now to avoid potential conflicts. (re-enable when done)
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

 

Next,

 

 

herdprotect-logo-200x200.png Scan with HerdProtect

 

Please download HerdProtect by Reason Software (portable edition) and save the file to your desktop.

 

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

 


Right-click on herdprotect-logo-200x200.png icon and select RunAsAdmin.jpg Run as Administrator to install the scanner.
It will ask for the location - leave the default one (%ProgramFiles%) or select another, convenient one.
Agree to the terms, select Launch herdProtect and click Finish.
Click Scan. It may take a while, depending on your system and connection specs. Please be patient.
When it finishes click on Save Results.
A Notepad with a report should open.

 

Please include the contents of that report in your next reply.

 

This type of scan often produces false positives. In any case do not remove on your own any of its findings! Removal will be made after the careful analysis of the scan results.

Upon completion of the cleaning you may remove HerdProtect if you wish so. To do it just delete its directory (chosen by you when installing the tool).

 

Let me see those logs, also give an update on any remaining issues or concerns.....

 

Thanks,

 

Kevin.....

 

 

 

Fixlist.txt

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/03/2015
Scan Time: 6:08:38 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.16.01
Rootkit Database: v2015.02.25.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: (administrator)

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 373623
Time Elapsed: 17 min, 19 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Link to post
Share on other sites

# AdwCleaner v4.112 - Logfile created 16/03/2015 at 19:01:45
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : (administrator) - DELL
# Running from : C:\Users\User\Downloads\AdwCleaner(2).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Users\User\Desktop\Save

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\SPPDCOM
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v36.0.1 (x86 en-US)


*************************

AdwCleaner[R0].txt - [1010 bytes] - [16/03/2015 18:59:24]
AdwCleaner[s0].txt - [947 bytes] - [16/03/2015 19:01:45]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1005  bytes] ##########
 

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 Pro x64
Ran by (administrator) on Mon 16/03/2015 at 19:06:24.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 16/03/2015 at 19:11:24.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Link to post
Share on other sites

Just saying, it said that this wasn't the full scan, if u want I can do the second scan for you as well.

 

Saved date:          16/03/2015 8:07:33 PM
Files detected:     13
Files scanned:         7,752
Processes scanned:     65
Modules scanned:     616
ASEPs scanned:         466
Downloads scanned:     0
Deep analysis:         2/1
---------------------------------------------------------------------------------

Files

---------------------------------------------------------------------------------

File path:         c:\windows\system32\igd10umd64.dll
Publisher:         Intel Corporation
MD5:             efa67664e181eaf2dea190ee71c0c9ab
SHA-1:             40123015a8bd2d4ad992f47256a1a92f5d0f3d7e
Created:         21/01/2015 4:44:04 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Emsisoft Anti-Malware as Gen:Variant.Kazy.308139 (Undefined)

---------------------------------------------------------------------------------

File path:         c:\windows\system32\drivers\intcdaud.sys
Publisher:         Intel® Corporation
MD5:             f5495b38bfb9149925f54f65ab40efbf
SHA-1:             3fbef8ee216245a0b26e3fb24f6345605a0b440b
Created:         21/01/2015 4:44:04 AM
Detections:         1
Determination:         Ignore detections (false positive)
            - Emsisoft Anti-Malware as Gen:Variant.Adware.SMSHoax.95 (Adware)

---------------------------------------------------------------------------------

File path:         c:\users\user\appdata\local\temp\quarantine.exe
Publisher:         
MD5:             81415579b23e99e00dbae8188b229c51
SHA-1:             4cfe98a0b250732af55021720bc20caebc53125e
Created:         8/11/2014 7:33:34 PM
Detections:         2
Determination:         Inconclusive
            - Norman as DarkComet.CQ (Undefined)
            - Rising Antivirus as PE:Backdoor.Win32.DarkKomet.b!1075356506 (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\appdata\local\temp\jrt\nircmd.dat
Publisher:         NirSoft
MD5:             466a42aea0abdf4c6b610f0f5e61cfa2
SHA-1:             7e7998642babcb567ff7845cfaf4f3636ce209f7
Created:         16/03/2015 7:05:19 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - ViRobot as RiskTool.Nircmd.43520

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\7z920.exe
Publisher:         
MD5:             b3fdf6e7b0aecd48ca7e4921773fb606
SHA-1:             55283ad59439134673fc32fc097bdd9ae920fbc6
Created:         30/01/2015 8:38:32 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Bkav FE as W32.Clod966.Trojan (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\adwcleaner(1).exe
Publisher:         
MD5:             95300ba672a14e3ae6740cb3cb41db7b
SHA-1:             2b02174d3e80e73721e78422fcd70681b743ebe9
Created:         15/03/2015 8:29:24 AM
Detections:         3
Determination:         Inconclusive
            - Norman as DarkComet.CQ (Undefined)
            - Rising Antivirus as PE:Backdoor.Win32.DarkKomet.b!1075356506 (Undefined)
            - Qihoo 360 Security as HEUR/QVM11.1.Malware.Gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\adwcleaner(2).exe
Publisher:         
MD5:             95300ba672a14e3ae6740cb3cb41db7b
SHA-1:             2b02174d3e80e73721e78422fcd70681b743ebe9
Created:         16/03/2015 6:09:04 PM
Detections:         3
Determination:         Inconclusive
            - Norman as DarkComet.CQ (Undefined)
            - Rising Antivirus as PE:Backdoor.Win32.DarkKomet.b!1075356506 (Undefined)
            - Qihoo 360 Security as HEUR/QVM11.1.Malware.Gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\adwcleaner.exe
Publisher:         
MD5:             95300ba672a14e3ae6740cb3cb41db7b
SHA-1:             2b02174d3e80e73721e78422fcd70681b743ebe9
Created:         15/03/2015 8:08:19 AM
Detections:         3
Determination:         Inconclusive
            - Norman as DarkComet.CQ (Undefined)
            - Rising Antivirus as PE:Backdoor.Win32.DarkKomet.b!1075356506 (Undefined)
            - Qihoo 360 Security as HEUR/QVM11.1.Malware.Gen (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\dashlane_launcher_bfirefox-1422555155.exe
Publisher:         Dashlane inc.
Signer:         Dashlane
MD5:             60462ebbe126b295489524e558344f05
SHA-1:             d4b635f17d251db7ffdf85ca4ab347ad56a0a72b
Created:         14/02/2015 8:51:30 PM
Detections:         3
Determination:         Ignore detections (false positive)
            - Trend Micro House Call as Suspicious_GEN.F47V0129 (Undefined)
            - Vba32 AntiVirus as suspected of Trojan.Downloader.gen (Undefined)
            - Rising Antivirus as NS:PUF.SilenceInstaller!1.9DDF (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\frst64.exe
Publisher:         Farbar
MD5:             f58676de827dd9a5f3a44a698e8b4663
SHA-1:             bc7834bdbca38477a8ccf4a3027487f8e18f6170
Created:         14/03/2015 10:11:11 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - Jiangmin as Trojan/PSW.Autoit.ic (Undefined)

---------------------------------------------------------------------------------

File path:         c:\users\user\downloads\ps2_setup.exe
Publisher:         
Signer:         Sony Online Entertainment
MD5:             91b4c2ec7bb52ebc80dc76a1f3b9dfb4
SHA-1:             0c3eb3ec1855c676654c57e9d1e531ba9a58ad5e
Created:         31/01/2015 12:06:56 PM
Detections:         2
Determination:         Ignore detections (false positive)
            - Antiy Labs AVL as Trojan[backdoor]/Win32.Agent (Undefined)
            - Vba32 AntiVirus as suspected of Trojan.Downloader.gen.h (Undefined)

---------------------------------------------------------------------------------

File path:         c:\windows\syswow64\ext-ms-win-cluster-clusapi-l1-1-1.dll
Publisher:         Microsoft Corporation
MD5:             6f5557e3f97cb2a957da5dcdaf1e22c1
SHA-1:             c2a27e776fbfc3666642425dcc5f2b34bb41cb10
Created:         22/08/2013 2:14:14 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - The Hacker as Backdoor/Bifrose.fxu (Undefined)

---------------------------------------------------------------------------------

File path:         c:\windows\syswow64\kbdcherp.dll
Publisher:         Microsoft Corporation
MD5:             f992fe1d923f59f806442449f3ea557b
SHA-1:             d216f5bc5d466c1c9d94aa57a28c5226b214bdbc
Created:         22/08/2013 2:15:06 PM
Detections:         1
Determination:         Ignore detections (false positive)
            - The Hacker as Trojan/Kryptik.ahcy (Undefined)
 

Link to post
Share on other sites

If the new account causes problems are you able to revert back? Run couple final scans :-

 

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/

 


Quit all running programs.
For Windows XP, double-click to start.
For Vista,Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
Read and accept the EULA (End User Licene Agreement)
Click Scan to scan the system.
When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
Post back the report which should also be located here:

 

Next,

 

Please download aswMBR from here: http://files.avast.com/files/rootkit-scanner/aswmbr.exe Save to your desktop.

 


Double click theaswMBR.exe icon, and click Run
There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
Click the Scan button to start the scan once the update has finished downloading
On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

 

Note: There will also be a file on your desktop named MBR.dat do not delete this for now. It is an actual backup of the MBR (master boot record).

 

Zip up MBR.dat and attach to your reply.. Also let me know if there are any specific issues or concerns remaining..

 

Thanks,

 

Kevin....

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.