Jump to content

Malwarebytes won't run, unable to remove malware


Recommended Posts

As title states. I've tried chameleon, but it fails to update mbam and it fails to launch it as well. Quick disclaimer: I'm currently working on a neighbor's computer as a favor. I'm not responsible for anything installed on this PC. uTorrent was installed, and I've removed it. If anything else is found, please let me know and I'll be happy to remove that as well. I've also ran a mbam-clean to remove mbam that was already installed on the pc and downloaded the latest from your site. I was actually unable to download anything from your site on this pc so I downloaded on mine and then transferred the files over.

 

Now, here's my FRST:

 

Quote

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
Ran by libijany (administrator) on LIBIJANY-HP (22-03-2016 14:25:22)
Running from C:\Users\libijany\Desktop\frst
Loaded Profiles: libijany (Available Profiles: libijany)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY) C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(AVAST Software) C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\HPTouchSmartSyncCalReminderApp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7461480 2011-09-08] (Realtek Semiconductor)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-08-12] (PDF Complete Inc)
HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [495616 2011-03-09] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\Run: [GoogleChromeAutoLaunch_845DCCF179085D87568F9D49F1AD79D6] => C:\Users\libijany\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\Run: [SMSetup] => "C:\Users\libijany\AppData\Local\Temp\~sp3698.tmp" "C:\Users\libijany\AppData\Local\Temp\~sp3698.tmp"  /cnid "903578" /hp /ntp_ie /wait /dsie /dsff /dsgc  /S /ms /restart <===== ATTENTION
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\Run: [ComcastAntispyClient] => "C:\Program Files (x86)\comcasttb\ComcastSpywareScan\ComcastAntispy.exe" /hide
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\MountPoints2: G - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\MountPoints2: {968e8a64-f278-11e3-a2f2-047d7b733fcc} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\MountPoints2: {e2bae52c-5dbf-11e2-9020-047d7b733fcc} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\MountPoints2: {e2bae581-5dbf-11e2-9020-047d7b733fcc} - G:\HTC_Sync_Manager_PC.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers: [ExplorerEx] -> {E056AFDD-03E9-4D73-8D33-8FCCBCA73438} =>  No File
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 10 C:\ProgramData\System32\SafeGuard32.dll No File 
Winsock: Catalog5-x64 10 C:\ProgramData\System32\SafeGuard64.dll [3587000 2015-12-30] ()
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21C27A73-102E-4675-A881-104356039D20}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A4A3B9A4-17FF-4F63-B3B7-78293B1420E5}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
URLSearchHook: HKLM-x32 - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
URLSearchHook: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 - (No Name) - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} - No File
URLSearchHook: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 - (No Name) - {9b138bf3-1d40-4e7e-84bb-2975198ad938} - No File
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSERBM&pc=MSERT1
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM -> {3852876A-41D6-47DC-91DE-3FD9D00D2DBE} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKLM -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM -> {FF2AA5E7-2895-446C-8943-260E6AE30E4B} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {3852876A-41D6-47DC-91DE-3FD9D00D2DBE} URL = hxxp://www.amazon.com/s/ref=azs_osd_iea?ie=UTF-8&tag=hp-us1-vsb-20&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=hxxp://www.ebay.com/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> DefaultScope {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = 
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {3852876A-41D6-47DC-91DE-3FD9D00D2DBE} URL = 
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9} URL = 
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = 
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = 
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {E921F400-D383-4B1B-9DE6-FCFCACFC1173} URL = hxxp://search.navegaki.com?q={searchTerms}&uid={3ba738118d5b43029a56a7f934694944}&r=eg
SearchScopes: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> {FF2AA5E7-2895-446C-8943-260E6AE30E4B} URL = hxxp://www.25searchengines.com/?tag=abs&q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll => No File
BHO-x32: No Name -> {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: No Name -> {7d69ed06-0171-4379-9528-08df51092727} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-12-18] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2015-05-06] (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {1c68c940-1b2f-46eb-bd8c-2e1612ff6a58} -  No File
Toolbar: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> No Name - {1C68C940-1B2F-46EB-BD8C-2E1612FF6A58} -  No File
Toolbar: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001 -> No Name - {65C72339-FB1D-4155-84E1-9AFACEE02D6F} -  No File
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default
FF DefaultSearchEngine: navegaki
FF DefaultSearchEngine.US: Default
FF DefaultSearchUrl: hxxps://search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: navegaki
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2012-06-13] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-08-08] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-12-18] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\12\NP_wtapp.dll [2015-10-12] ()
FF Plugin HKU\S-1-5-21-4030832826-1627693913-1931243672-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\libijany\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-06-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4030832826-1627693913-1931243672-1001: SkypePlugin -> C:\Users\libijany\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi.dll [2015-09-14] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-4030832826-1627693913-1931243672-1001: SkypePlugin64 -> C:\Users\libijany\AppData\Local\SkypePlugin\7.6.0.295\npGatewayNpapi-x64.dll [2015-09-14] (Skype Technologies S.A.)
FF user.js: detected! => C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default\user.js [2016-03-11]
FF SearchPlugin: C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default\searchplugins\navegaki.xml [2016-03-22]
FF SearchPlugin: C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default\searchplugins\yahoo-avast.xml [2014-09-09]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\xfinitylcsearch.xml [2016-02-12]
FF Extension: Primary Color 1.0.1 - C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default\extensions\{6ceebe73-9730-4a43-a221-4314539715ee}.xpi [2016-03-11] [not signed]
FF Extension: Find Search Window - C:\Users\libijany\AppData\Roaming\Mozilla\Firefox\Profiles\5s2ej8yp.default\Extensions\{6f59777e-73de-4f48-8227-e86029144c04}.xpi [2016-03-11] [not signed]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [5zffxtbr@CouponXplorer_5z.com] - C:\Program Files (x86)\CouponXplorer_5z\bar\1.bin => not found

Chrome: 
=======
CHR HomePage: Default -> hxxps://www.google.com/
CHR RestoreOnStartup: Default -> "hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHeQgNAF9DRxgUJF8PTA1HRVcOeAgLWRQURFARcQ0JVg0QRFcFIk0FA1oDB0VXfV5bFElXTwhlKVdcMlwQU1ZLF1BWBVYG"
CHR StartupUrls: Default -> "hxxps://www.google.com/"
CHR Profile: C:\Users\libijany\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Agariomods) - C:\Users\libijany\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhjgdbihpkphlammdaeicdemggagfbdo [2016-03-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\libijany\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-06]
CHR HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\libijany\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gnlaniokgfckpjblpafbfchhghecmifi] - C:\Users\libijany\AppData\Local\CRE\gnlaniokgfckpjblpafbfchhghecmifi.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gpneloifkenkdnebjkadkmnfekfpggdi] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 CalendarSynchService; C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Calendar\Service\GCalService.exe [16384 2011-08-16] (Hewlett-Packard) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-10-12] (WildTangent)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [26680 2016-02-18] (Hewlett-Packard Company)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-08-12] (PDF Complete Inc)
S2 SkypeUpdateEx; C:\Program Files (x86)\SkypeUpdateEx\SkypeUpdateEx.exe [167352 2016-03-18] (skype.cog.cc)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XBox; C:\Users\libijany\AppData\Roaming\XBox\XBLive.exe [5906904 2016-02-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation)
R3 netr28x; C:\Windows\System32\DRIVERS\netr28x.sys [2473616 2014-12-10] (MediaTek Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation)
R1 {092a4b80-b5d0-4a0c-b46a-3fc8c0ca7312}Gw64; C:\Windows\System32\drivers\{092a4b80-b5d0-4a0c-b46a-3fc8c0ca7312}Gw64.sys [48456 2016-03-11] (StdLib)
R1 {594b7dcd-724a-4f09-ae90-74d1b77bc484}Gw64; C:\Windows\System32\drivers\{594b7dcd-724a-4f09-ae90-74d1b77bc484}Gw64.sys [48456 2016-03-15] (StdLib)
R1 {6ceebe73-9730-4a43-a221-4314539715ee}Gw64; C:\Windows\System32\drivers\{6ceebe73-9730-4a43-a221-4314539715ee}Gw64.sys [48456 2016-03-11] (StdLib)
R1 {bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64; C:\Windows\System32\drivers\{bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64.sys [48456 2016-03-20] (StdLib)
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
S3 cpuz134; \??\C:\Users\libijany\AppData\Local\Temp\cpuz134\cpuz134_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-22 14:10 - 2016-03-22 14:25 - 00000000 ____D C:\FRST
2016-03-22 14:00 - 2016-03-22 14:03 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-03-22 14:00 - 2016-03-22 14:00 - 00001108 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-03-22 14:00 - 2016-03-22 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-22 14:00 - 2016-03-22 14:00 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-22 14:00 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-03-22 14:00 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-03-21 23:07 - 2016-03-21 23:24 - 00002155 _____ C:\Windows\epplauncher.mif
2016-03-21 23:03 - 2016-03-21 23:23 - 00002079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-03-21 23:03 - 2016-03-21 23:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-03-21 23:03 - 2016-03-21 23:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-03-21 22:47 - 2016-02-05 14:56 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\tbs.dll
2016-03-21 22:47 - 2016-02-05 14:54 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\fveapibase.dll
2016-03-21 22:47 - 2016-02-05 13:33 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tbs.dll
2016-03-21 22:47 - 2016-02-02 14:57 - 00511488 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-21 22:47 - 2016-02-01 15:08 - 00114624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-21 22:47 - 2016-02-01 14:59 - 03243008 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-21 22:47 - 2016-02-01 14:59 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2016-03-21 22:47 - 2016-02-01 14:59 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2016-03-21 22:47 - 2016-02-01 14:56 - 01940992 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-21 22:47 - 2016-02-01 14:56 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-21 22:47 - 2016-02-01 14:49 - 02364928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-21 22:47 - 2016-02-01 14:49 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2016-03-21 22:47 - 2016-02-01 14:49 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2016-03-21 22:47 - 2016-02-01 14:45 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-21 22:47 - 2015-12-16 14:55 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2016-03-21 22:47 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2016-03-21 22:47 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2016-03-21 22:47 - 2015-12-16 14:53 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2016-03-21 22:47 - 2015-12-16 14:48 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2016-03-21 22:47 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2016-03-21 22:47 - 2015-12-16 14:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2016-03-21 22:47 - 2015-12-16 14:47 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2016-03-21 22:47 - 2015-08-05 13:56 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2016-03-21 22:47 - 2015-08-05 13:06 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2016-03-21 22:47 - 2015-06-03 16:21 - 00451080 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2016-03-21 22:44 - 2016-01-20 20:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-21 22:37 - 2016-03-22 14:25 - 00000000 ____D C:\Users\libijany\Desktop\frst
2016-03-21 22:14 - 2016-03-21 22:16 - 00001420 _____ C:\Users\libijany\Desktop\Rkill.txt
2016-03-21 21:41 - 2016-03-21 21:45 - 00000000 ____D C:\AdwCleaner
2016-03-21 21:30 - 2016-03-21 21:30 - 00000000 ____D C:\Windows\3
2016-03-21 21:23 - 2016-03-22 14:02 - 00000000 ____D C:\Users\libijany\Desktop\older
2016-03-21 20:25 - 2016-03-21 20:25 - 00000000 ____D C:\Users\libijany\AppData\Local\VS Revo Group
2016-03-21 20:25 - 2016-03-21 20:25 - 00000000 ____D C:\ProgramData\VS Revo Group
2016-03-21 20:11 - 2016-03-22 14:00 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-03-20 19:26 - 2016-03-20 12:20 - 00048456 _____ (StdLib) C:\Windows\system32\Drivers\{bfca5c75-b8a6-4c3f-a399-5256dde4bfed}Gw64.sys
2016-03-15 03:50 - 2016-03-15 00:15 - 00048456 _____ (StdLib) C:\Windows\system32\Drivers\{594b7dcd-724a-4f09-ae90-74d1b77bc484}Gw64.sys
2016-03-12 00:29 - 2016-03-11 21:17 - 00048456 _____ (StdLib) C:\Windows\system32\Drivers\{6ceebe73-9730-4a43-a221-4314539715ee}Gw64.sys
2016-03-11 23:26 - 2016-03-11 23:26 - 00000258 __RSH C:\ProgramData\ntuser.pol
2016-03-11 23:22 - 2016-03-21 21:30 - 00000000 ____D C:\Program Files (x86)\SkypeUpdateEx
2016-03-11 23:22 - 2016-03-12 08:04 - 00000000 ____D C:\ProgramData\System32
2016-03-11 23:22 - 2016-03-11 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MixVideoPlayer
2016-03-11 23:21 - 2016-03-11 15:07 - 00048456 _____ (StdLib) C:\Windows\system32\Drivers\{092a4b80-b5d0-4a0c-b46a-3fc8c0ca7312}Gw64.sys
2016-03-11 23:18 - 2016-03-22 14:03 - 00000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2016-03-11 23:13 - 2016-03-11 23:13 - 00000000 ____D C:\Users\libijany\AppData\Roaming\XBox
2016-03-11 23:11 - 2016-03-11 23:22 - 00000000 ____D C:\Program Files (x86)\MixVideoPlayer
2016-03-11 23:08 - 2016-03-11 23:14 - 00000000 ____D C:\Users\libijany\AppData\Local\Setup Wizard
2016-03-11 22:48 - 2016-03-11 22:48 - 00000000 ____D C:\Users\libijany\AppData\LocalLow\CallingID
2016-03-09 19:13 - 2009-07-13 21:47 - 00070224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ref.dat
2016-03-09 15:08 - 2016-02-12 14:52 - 03169792 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-03-09 15:08 - 2016-02-12 14:52 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-03-09 15:08 - 2016-02-12 14:52 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-03-09 15:08 - 2016-02-12 14:44 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-03-09 15:08 - 2016-02-12 14:39 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-03-09 15:08 - 2016-02-12 14:22 - 02610688 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-03-09 15:08 - 2016-02-12 14:19 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-03-09 15:08 - 2016-02-12 14:18 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-03-09 15:08 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-03-09 15:08 - 2016-02-12 14:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-03-09 15:08 - 2016-02-12 14:18 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-03-09 15:08 - 2016-02-12 14:18 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-03-09 15:08 - 2016-02-12 14:06 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-03-09 15:08 - 2016-02-12 14:05 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-03-09 15:08 - 2016-02-12 14:05 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-03-09 15:08 - 2016-02-12 14:05 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-03-09 15:08 - 2016-02-09 05:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
2016-03-09 15:08 - 2016-02-04 13:52 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-03-09 15:08 - 2015-11-19 10:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2016-03-09 15:08 - 2015-11-19 10:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2016-03-09 15:07 - 2016-02-09 02:53 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-03-09 15:07 - 2016-02-09 02:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-03-09 15:07 - 2016-02-08 17:05 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-03-09 15:07 - 2016-02-08 16:51 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-03-09 15:07 - 2016-02-08 16:39 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-03-09 15:07 - 2016-02-08 16:39 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-03-09 15:07 - 2016-02-08 16:38 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-03-09 15:07 - 2016-02-08 16:38 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-03-09 15:07 - 2016-02-08 16:37 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-03-09 15:07 - 2016-02-08 16:34 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-03-09 15:07 - 2016-02-08 16:32 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-03-09 15:07 - 2016-02-08 16:31 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-03-09 15:07 - 2016-02-08 16:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-03-09 15:07 - 2016-02-08 16:28 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-03-09 15:07 - 2016-02-08 16:28 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-03-09 15:07 - 2016-02-08 16:28 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-03-09 15:07 - 2016-02-08 16:20 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-03-09 15:07 - 2016-02-08 16:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-03-09 15:07 - 2016-02-08 16:15 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-03-09 15:07 - 2016-02-08 16:13 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-03-09 15:07 - 2016-02-08 16:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-03-09 15:07 - 2016-02-08 16:11 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-03-09 15:07 - 2016-02-08 16:10 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-03-09 15:07 - 2016-02-08 16:10 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-03-09 15:07 - 2016-02-08 16:05 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-03-09 15:07 - 2016-02-08 16:03 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-03-09 15:07 - 2016-02-08 16:02 - 13012480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-03-09 15:07 - 2016-02-08 16:02 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-03-09 15:07 - 2016-02-08 16:01 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-03-09 15:07 - 2016-02-08 16:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-03-09 15:07 - 2016-02-08 15:43 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-03-09 15:07 - 2016-02-08 15:39 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-03-09 15:07 - 2016-02-08 15:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-03-09 15:07 - 2016-02-08 14:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-03-09 15:07 - 2016-02-08 14:41 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-03-09 15:07 - 2016-02-08 14:27 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-03-09 15:07 - 2016-02-08 14:27 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-03-09 15:07 - 2016-02-08 14:26 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-03-09 15:07 - 2016-02-08 14:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-03-09 15:07 - 2016-02-08 14:26 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-03-09 15:07 - 2016-02-08 14:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-03-09 15:07 - 2016-02-08 14:19 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-03-09 15:07 - 2016-02-08 14:18 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-03-09 15:07 - 2016-02-08 14:16 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-03-09 15:07 - 2016-02-08 14:15 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-03-09 15:07 - 2016-02-08 14:14 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-03-09 15:07 - 2016-02-08 14:14 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-03-09 15:07 - 2016-02-08 14:13 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-03-09 15:07 - 2016-02-08 14:13 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-03-09 15:07 - 2016-02-08 14:06 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-03-09 15:07 - 2016-02-08 14:03 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-03-09 15:07 - 2016-02-08 13:55 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-03-09 15:07 - 2016-02-08 13:54 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-03-09 15:07 - 2016-02-08 13:52 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-03-09 15:07 - 2016-02-08 13:51 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-03-09 15:07 - 2016-02-08 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-03-09 15:07 - 2016-02-08 13:47 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-03-09 15:07 - 2016-02-08 13:37 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-03-09 15:07 - 2016-02-08 13:35 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-03-09 15:07 - 2016-02-08 13:34 - 00798720 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-03-09 15:07 - 2016-02-08 13:33 - 14613504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-03-09 15:07 - 2016-02-08 13:33 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-03-09 15:07 - 2016-02-08 13:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-03-09 15:07 - 2016-02-08 13:19 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-03-09 15:07 - 2016-02-08 13:07 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-03-09 15:07 - 2016-02-08 12:55 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-03-09 15:07 - 2016-02-03 14:58 - 00862208 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-03-09 15:07 - 2016-02-03 14:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-03-09 15:07 - 2016-02-03 14:49 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-03-09 15:07 - 2016-02-03 14:43 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-03-09 15:07 - 2016-02-03 14:07 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2016-03-09 15:07 - 2016-01-11 15:11 - 01684416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-03-09 14:56 - 2016-02-11 14:56 - 05572032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-09 14:56 - 2016-02-11 14:52 - 01733592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-09 14:55 - 2016-02-11 14:56 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-03-09 14:55 - 2016-02-11 14:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-03-09 14:55 - 2016-02-11 14:49 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-03-09 14:55 - 2016-02-11 14:49 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2016-03-09 14:55 - 2016-02-11 14:48 - 01214464 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-03-09 14:55 - 2016-02-11 14:48 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-03-09 14:55 - 2016-02-11 14:48 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-03-09 14:55 - 2016-02-11 14:48 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-03-09 14:55 - 2016-02-11 14:48 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-03-09 14:55 - 2016-02-11 14:47 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2016-03-09 14:55 - 2016-02-11 14:45 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-03-09 14:55 - 2016-02-11 14:45 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-03-09 14:55 - 2016-02-11 14:45 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-03-09 14:55 - 2016-02-11 14:45 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-03-09 14:55 - 2016-02-11 14:44 - 03994560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2016-03-09 14:55 - 2016-02-11 14:44 - 03938240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2016-03-09 14:55 - 2016-02-11 14:44 - 01461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-03-09 14:55 - 2016-02-11 14:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-03-09 14:55 - 2016-02-11 14:44 - 00730112 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-03-09 14:55 - 2016-02-11 14:44 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-03-09 14:55 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-03-09 14:55 - 2016-02-11 14:42 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-03-09 14:55 - 2016-02-11 14:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 01314328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:41 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-03-09 14:55 - 2016-02-11 14:38 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2016-03-09 14:55 - 2016-02-11 14:37 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-03-09 14:55 - 2016-02-11 14:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2016-03-09 14:55 - 2016-02-11 14:37 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-03-09 14:55 - 2016-02-11 14:35 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-03-09 14:55 - 2016-02-11 14:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-03-09 14:55 - 2016-02-11 14:35 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-03-09 14:55 - 2016-02-11 14:34 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-03-09 14:55 - 2016-02-11 14:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-03-09 14:55 - 2016-02-11 14:31 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00642560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 14:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 13:48 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-03-09 14:55 - 2016-02-11 13:43 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-03-09 14:55 - 2016-02-11 13:41 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-03-09 14:55 - 2016-02-11 13:40 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-03-09 14:55 - 2016-02-11 13:34 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-03-09 14:55 - 2016-02-11 13:34 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-03-09 14:55 - 2016-02-11 13:33 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-03-09 14:55 - 2016-02-11 13:32 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-03-09 14:55 - 2016-02-11 13:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-03-09 14:55 - 2016-02-11 13:32 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2016-03-09 14:55 - 2016-02-11 13:32 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2016-03-09 14:55 - 2016-02-11 13:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2016-03-09 14:55 - 2016-02-11 13:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2016-03-09 14:55 - 2016-02-11 13:31 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-03-09 14:55 - 2016-02-11 13:30 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 13:30 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 13:30 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-03-09 14:55 - 2016-02-11 13:30 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-03-09 14:54 - 2016-02-19 15:02 - 00038336 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-03-09 14:54 - 2016-02-19 14:54 - 01168896 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-03-09 14:54 - 2016-02-19 10:07 - 01373184 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-03-09 14:54 - 2016-02-11 10:07 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-03-09 14:54 - 2016-02-09 05:57 - 14634496 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-03-09 14:54 - 2016-02-09 05:57 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2016-03-09 14:54 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2016-03-09 14:54 - 2016-02-09 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2016-03-09 14:54 - 2016-02-09 05:54 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2016-03-09 14:54 - 2016-02-09 05:51 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2016-03-09 14:54 - 2016-02-09 05:51 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-03-09 14:54 - 2016-02-09 05:13 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2016-03-09 14:54 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2016-03-09 14:54 - 2016-02-09 05:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2016-03-09 14:54 - 2016-02-05 14:54 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-03-09 14:54 - 2016-02-05 14:54 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-03-09 14:54 - 2016-02-05 14:53 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-03-09 14:54 - 2016-02-05 14:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-03-09 14:54 - 2016-02-05 14:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-03-09 14:54 - 2016-02-05 14:44 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-03-09 14:54 - 2016-02-05 14:42 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-03-09 14:54 - 2016-02-05 13:48 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-03-09 14:54 - 2016-02-05 13:43 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-03-09 14:54 - 2016-02-05 13:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-03-09 14:54 - 2016-02-05 10:07 - 00696832 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-03-09 14:54 - 2016-02-05 10:07 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-03-09 14:54 - 2016-02-05 10:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-03-09 14:54 - 2016-02-04 21:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2016-03-09 14:54 - 2016-02-04 14:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2016-02-21 20:39 - 2016-02-27 23:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-03-22 14:25 - 2012-12-07 20:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-22 14:19 - 2015-11-06 17:28 - 00000000 ____D C:\Users\libijany\AppData\Roaming\uTorrent
2016-03-22 14:17 - 2011-11-17 00:14 - 00000000 ____D C:\Program Files (x86)\Windows Live
2016-03-22 14:17 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-03-22 14:17 - 2009-07-14 00:45 - 00024608 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-03-22 14:16 - 2016-02-10 19:24 - 00000000 __HDC C:\ProgramData\~0
2016-03-22 14:05 - 2009-07-14 01:13 - 00783424 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-22 14:05 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-03-22 13:58 - 2012-06-30 14:21 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-22 13:58 - 2011-11-17 00:13 - 00000000 ____D C:\ProgramData\PDFC
2016-03-22 13:57 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-22 13:50 - 2012-06-30 14:21 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-22 08:39 - 2012-05-02 02:47 - 00003950 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F77140E-5C85-4B48-A4CC-C09244DBAF7F}
2016-03-22 00:03 - 2012-12-07 20:24 - 00001307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-22 00:03 - 2012-12-07 20:24 - 00001295 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-03-22 00:03 - 2012-06-30 14:21 - 00002356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-03-22 00:03 - 2012-06-30 14:21 - 00002327 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-03-22 00:03 - 2012-05-02 02:47 - 00001561 _____ C:\Users\libijany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-03-21 23:56 - 2009-07-14 00:45 - 00272016 _____ C:\Windows\system32\FNTCACHE.DAT
2016-03-21 23:11 - 2011-02-11 13:15 - 00775546 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-03-21 22:16 - 2012-05-15 20:52 - 00000000 ____D C:\Users\libijany\AppData\Local\CrashDumps
2016-03-21 22:02 - 2015-08-16 13:18 - 00000000 ____D C:\Program Files (x86)\Splashtop
2016-03-20 19:26 - 2009-07-13 22:34 - 00000505 _____ C:\Windows\win.ini
2016-03-12 00:25 - 2012-12-07 20:30 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-12 00:25 - 2012-12-07 20:30 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-03-12 00:25 - 2011-11-17 00:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-11 23:31 - 2013-07-27 18:14 - 00000000 ____D C:\Windows\system32\MRT
2016-03-11 23:26 - 2014-01-05 15:48 - 00000000 ____D C:\ProgramData\AVAST Software
2016-03-11 23:16 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\GroupPolicy
2016-03-10 21:06 - 2015-04-15 03:37 - 00000000 ____D C:\Windows\system32\appraiser
2016-03-10 21:06 - 2013-01-13 16:35 - 143659408 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-03-10 19:21 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-03-06 21:10 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-03-05 18:07 - 2011-02-11 13:00 - 00000000 ____D C:\Windows\Panther
2016-03-05 17:56 - 2015-10-30 05:42 - 00000000 ___HD C:\$WINDOWS.~BT
2016-03-04 05:48 - 2012-09-15 20:44 - 00000392 _____ C:\Windows\Tasks\Regwork.job
2016-02-29 21:39 - 2009-07-14 01:08 - 00032528 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-02-27 23:57 - 2012-12-07 20:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-27 23:49 - 2015-04-05 09:29 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-27 23:49 - 2015-04-05 09:29 - 00000000 ___SD C:\Windows\system32\GWX

==================== Files in the root of some directories =======

2012-08-23 11:10 - 2012-08-23 11:10 - 0000288 _____ () C:\Users\libijany\AppData\Roaming\.backup.dm
2015-11-06 16:43 - 2015-11-15 12:43 - 0000143 _____ () C:\Users\libijany\AppData\Roaming\WB.CFG

Files to move or delete:
====================
C:\Users\libijany\install.exe


Some files in TEMP:
====================
C:\Users\libijany\AppData\Local\Temp\0cfc053a-cf62-4356-b0dc-8bff9f452e2e.dll
C:\Users\libijany\AppData\Local\Temp\1c0faf5f-fd7d-4f10-ab80-8a5320bcdbec.dll
C:\Users\libijany\AppData\Local\Temp\2083f95d-7937-43a3-8a75-bf5e9101958a.dll
C:\Users\libijany\AppData\Local\Temp\2ea43e7a-3c62-42e0-87a8-df95de945e4c.dll
C:\Users\libijany\AppData\Local\Temp\326f39c9-af69-4d5a-81ca-d976049182e2.dll
C:\Users\libijany\AppData\Local\Temp\3bbcc6d7-d4f8-4f4d-92dc-c07f31249523.dll
C:\Users\libijany\AppData\Local\Temp\3e2593a8-f349-4e90-b688-1104c7edf5d0.dll
C:\Users\libijany\AppData\Local\Temp\471873d2-e3c5-445e-875d-e9a975efbd26.dll
C:\Users\libijany\AppData\Local\Temp\4c608406-ec51-4b81-9e40-f18b5e6a8d67.dll
C:\Users\libijany\AppData\Local\Temp\51978f9d-41de-44e6-b666-c9eabcd8990e.dll
C:\Users\libijany\AppData\Local\Temp\57e541a3-e09d-43c9-a142-7691c5ac418f.dll
C:\Users\libijany\AppData\Local\Temp\65caed4f-85ab-4628-949c-59ce921a1029.dll
C:\Users\libijany\AppData\Local\Temp\68c4e5dd-4cc4-4d17-8e5c-844b774ed249.dll
C:\Users\libijany\AppData\Local\Temp\714277d2-fea6-4dc3-8b5f-be7487848fdd.dll
C:\Users\libijany\AppData\Local\Temp\78776905-dd17-44e0-850b-1d072a740f99.dll
C:\Users\libijany\AppData\Local\Temp\7a67d061-3655-41d3-ac81-80bc4bbc22b5.dll
C:\Users\libijany\AppData\Local\Temp\7bb84166-2dce-41a6-95ac-2fcab565e3f2.dll
C:\Users\libijany\AppData\Local\Temp\7ca41845-95a9-436c-b94d-af36ae3d4758.dll
C:\Users\libijany\AppData\Local\Temp\7e3ce1be-7a29-4e0f-a0ee-0bb3b0ea290b.dll
C:\Users\libijany\AppData\Local\Temp\7f71ea2a-5fd0-4333-86c1-7dc863e303d1.dll
C:\Users\libijany\AppData\Local\Temp\8240253b-e14a-4fd9-9d73-e473e9eede72.dll
C:\Users\libijany\AppData\Local\Temp\8792f75e-e638-47d3-9bd4-c3935fbb478e.dll
C:\Users\libijany\AppData\Local\Temp\8b06f58f-315d-4f0f-8385-2dece7eee577.dll
C:\Users\libijany\AppData\Local\Temp\90b46b3c-b299-4eca-94ac-776cb59b17d7.dll
C:\Users\libijany\AppData\Local\Temp\963eba78-d86a-4b85-b6c6-8467534993e8.dll
C:\Users\libijany\AppData\Local\Temp\98fdc644-045c-441c-bed0-12a5e0bfb61d.dll
C:\Users\libijany\AppData\Local\Temp\99f6ecc0-a985-45d1-9055-03155a47e22f.dll
C:\Users\libijany\AppData\Local\Temp\ac16ebbc-c6af-4b25-a98f-36e6c0c624c6.dll
C:\Users\libijany\AppData\Local\Temp\APNStub.exe
C:\Users\libijany\AppData\Local\Temp\c34c5adf-d4a0-4dde-a753-cf462869a3cb.dll
C:\Users\libijany\AppData\Local\Temp\c386e154-4b61-4016-90a0-ae8faa8fb8f0.dll
C:\Users\libijany\AppData\Local\Temp\contentDATs.exe
C:\Users\libijany\AppData\Local\Temp\d3e019dd-8130-4926-958f-f2aa12794bf8.dll
C:\Users\libijany\AppData\Local\Temp\d8986b57-65f2-4cef-be5c-a8536b290e67.dll
C:\Users\libijany\AppData\Local\Temp\dabc9664-c061-4cc2-b501-e01993e1d3d2.dll
C:\Users\libijany\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprgk9ly.dll
C:\Users\libijany\AppData\Local\Temp\e25727d7-4e31-43d8-bc74-172711a35c27.dll
C:\Users\libijany\AppData\Local\Temp\ecc14427-d48b-4d5b-8cbc-468d0630d4ed.dll
C:\Users\libijany\AppData\Local\Temp\f5d3dc4e-50cd-45b5-9abf-a911f4f8b59a.dll
C:\Users\libijany\AppData\Local\Temp\f8a8150d-c7f5-4928-a643-c4a49964bda0.dll
C:\Users\libijany\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\libijany\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\libijany\AppData\Local\Temp\ICReinstall_mozilla-firefox_17.0.1_setup.exe
C:\Users\libijany\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\libijany\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\libijany\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\libijany\AppData\Local\Temp\mpam-dc7bbc91.exe
C:\Users\libijany\AppData\Local\Temp\mssinstaller.exe
C:\Users\libijany\AppData\Local\Temp\patch.exe
C:\Users\libijany\AppData\Local\Temp\ReimagePackage.exe
C:\Users\libijany\AppData\Local\Temp\Resource.exe
C:\Users\libijany\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\libijany\AppData\Local\Temp\SetupUtil.exe
C:\Users\libijany\AppData\Local\Temp\sp58915.exe
C:\Users\libijany\AppData\Local\Temp\sp64126.exe
C:\Users\libijany\AppData\Local\Temp\sphpsa.exe
C:\Users\libijany\AppData\Local\Temp\sqlite3.dll
C:\Users\libijany\AppData\Local\Temp\stub.exe
C:\Users\libijany\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\libijany\AppData\Local\Temp\utt1DAD.tmp.exe
C:\Users\libijany\AppData\Local\Temp\wajam_install.exe
C:\Users\libijany\AppData\Local\Temp\{EA82C0F0-6FAA-4004-9D4C-CA0BE3E2CFE5}-46.0.2490.80_46.0.2490.71_chrome_updater.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-03-06 20:57

==================== End of FRST.txt ============================

 

And Additions.txt

 

Quote

Additional scan result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by libijany (2016-03-22 14:26:27)
Running from C:\Users\libijany\Desktop\frst
Windows 7 Home Premium Service Pack 1 (X64) (2012-05-02 06:41:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4030832826-1627693913-1931243672-500 - Administrator - Disabled)
Guest (S-1-5-21-4030832826-1627693913-1931243672-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4030832826-1627693913-1931243672-1002 - Limited - Enabled)
libijany (S-1-5-21-4030832826-1627693913-1931243672-1001 - Administrator - Enabled) => C:\Users\libijany

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95}
AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Dropbox (HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
HP Support Assistant (HKLM-x32\...\{79C54A05-F146-4EA0-8A70-D4EFE6181E52}) (Version: 8.1.40.3 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{55065080-504F-43BB-BE00-36B80D7D39A5}) (Version: 12.2.8.17 - Hewlett-Packard Company)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
KNCTR (HKLM-x32\...\Itibiti_is1) (Version:  - Itibiti Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 44.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 en-US)) (Version: 44.0.2 - Mozilla)
NetRadio (HKLM-x32\...\OnlineRadio) (Version: 3.0.0 - NetRadio)
Pluto TV version 0.1.5 (HKLM-x32\...\Pluto TV_is1) (Version: 0.1.5 - Pluto TV)
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype Web Plugin (HKLM-x32\...\{8A9079EA-59DE-491F-937A-D421399B7762}) (Version: 7.6.0.295 - Skype Technologies S.A.)
Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.)
Unity Web Player (HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
WildTangent Games App for HP (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp) (Version: 4.0.11.14 - WildTangent)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 5.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{04419CEE-76E5-4487-B32E-68C0FD0C07E4}\InprocServer32 -> C:\Users\libijany\AppData\Local\SkypePlugin\7.6.0.295\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{82C13295-2E78-45DD-9973-21F20A7D6F5C}\localserver32 -> C:\Users\libijany\AppData\Local\SkypePlugin\7.6.0.295\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\libijany\AppData\Local\SkypePlugin\7.6.0.295\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\libijany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\libijany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\libijany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4030832826-1627693913-1931243672-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\libijany\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {149E8DA5-362B-46B1-91D9-04D8C37A2E4A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-03-11] (Hewlett-Packard)
Task: {201946A9-0036-4910-AC19-1349A2563BF5} - System32\Tasks\HPCustParticipation HP Deskjet 3050 J610 series => C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {7840585E-9181-45B2-BAD2-932C1C1EE2BD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-02-17] (Hewlett-Packard)
Task: {83CB52A3-0BF6-4289-8CDB-A69FF34AE25F} - System32\Tasks\{02494429-4C46-4B62-BDC3-0C73D9D55D73} => pcalua.exe -a "G:\After-School\Games and stuff\Minecraft Stuff\Mods\Divine RPG Mod Installer\Divine RPG Mod Installer.exe" -d "G:\After-School\Games and stuff\Minecraft Stuff\Mods\Divine RPG Mod Installer"
Task: {86A113E1-8CD9-4CA5-8DE5-3C002F0B2DBD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {872466DD-8B67-424B-A51F-C9D225E23CA3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9EE7FFF5-648C-48F8-A122-182971628607} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BA2900DC-4A1C-4E0F-BAB5-D505843F62D9} - System32\Tasks\Games\UpdateCheck_S-1-5-21-4030832826-1627693913-1931243672-1001
Task: {C55FBF76-0EC2-472E-9D33-B2FB47D4F863} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-04] (AVAST Software)
Task: {CF6E53B3-2E2A-4DE8-AB20-A36C76E59FC0} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-12] (Adobe Systems Incorporated)
Task: {D0F76463-A3DB-4ECE-AF28-F0D282EB68A3} - System32\Tasks\Regwork => C:\Program Files (x86)\RegWork\RegWork.exe
Task: {EF595246-9A0E-4643-BBA9-CEF55B438B79} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-08-23] (CyberLink)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Regwork.job => C:\Program Files (x86)\RegWork\RegWork.exe-shed C:\Program Files (x86)\RegWork\RegWork.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\libijany\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> hxxp://nav.brotstation.com?uid={3ba738118d5b43029a56a7f934694944}&r=eg

==================== Loaded Modules (Whitelisted) ==============

2015-12-30 16:08 - 2015-12-30 16:08 - 03587000 _____ () C:\ProgramData\System32\SafeGuard64.dll
2011-09-08 17:53 - 2011-09-08 17:53 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-08-02 16:41 - 2011-08-02 16:41 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2015-12-30 16:08 - 2015-12-30 16:08 - 02771896 _____ () C:\ProgramData\System32\SafeGuard32.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-19 19:48 - 2016-03-04 16:51 - 00096768 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\chrome_elf.dll
2016-03-11 23:34 - 2016-03-04 16:51 - 00732160 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\chrome_elf_wk.dll
2016-02-19 19:48 - 2016-02-18 00:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 19:48 - 2016-02-18 00:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-03-21 20:09 - 2016-03-08 13:16 - 17541312 _____ () C:\Users\libijany\AppData\Local\Google\Chrome\User Data\PepperFlash\21.0.0.182\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2016-03-21 20:12 - 00000980 ____A C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 keystone.mwbsys.com
0.0.0.0 sirius.mwbsys.com
0.0.0.0 bactem.mwbsys.com54.230.89.168 data-cdn.mbamupdates.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4030832826-1627693913-1931243672-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\libijany\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: CouponXplorer Home Page Guard 64 bit => "C:\PROGRA~2\COUPON~2\bar\1.bin\AppIntegrator64.exe"
MSCONFIG\startupreg: CouponXplorer_5z Browser Plugin Loader => C:\PROGRA~2\COUPON~2\bar\1.bin\5zbrmon.exe
MSCONFIG\startupreg: FUFAXSTM => "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MapsGalaxy Home Page Guard 64 bit => "C:\PROGRA~2\MAPSGA~2\bar\1.bin\AppIntegrator64.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5A778E3D-C6E4-4847-9D6A-DE6DB4E4E34F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{2C556584-185E-404C-BE8B-0BD5F2D948EC}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\RNow.exe
FirewallRules: [{AEE00E60-C515-414B-92B2-9BD2A5509F1B}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{4ED7AC00-BF69-42DF-B009-792851F63262}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\RoxioNow\IndivDRM.exe
FirewallRules: [{5BDE2715-10E8-4C72-955E-549AA13E261A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{EDED0DF9-4F08-4D22-90B8-B18E7F406E3F}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{DAC2FABE-14CD-4560-A4EA-369AE213A8A4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\Remote Graphics Receiver\rgreceiver.exe
FirewallRules: [{91000D4D-84B5-4A58-87B8-E6FF292B5618}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{247460C4-9282-4564-B7C2-7BCF44415EF7}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP LinkUp\HP LinkUp Viewer.exe
FirewallRules: [{A5261B81-A015-4D12-85AE-A62C4E8BCBE3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{214FA9F2-6FBA-4F51-8304-AC507B67AE3D}] => (Allow) LPort=2869
FirewallRules: [{1E02FFA4-D911-46BC-944E-2B8D70B6B8FB}] => (Allow) LPort=1900
FirewallRules: [{72843B3D-31E4-4023-AA72-9854036CA910}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{47B8E1EF-C103-4820-9DAF-C8884E672537}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{ABFCDDC4-1629-4792-935A-EE475E8E0FB7}] => (Allow) C:\Program Files\hp\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{864C7065-643C-4E3F-A5E2-19C28B556376}] => (Allow) C:\Program Files\hp\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{4FC1A7CF-CA82-4B4C-809F-8F04A92BFE2F}] => (Allow) C:\Program Files\hp\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{D84C6F27-55A9-497D-B468-0DBDEAEBD32F}] => (Allow) C:\Program Files\hp\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{FDA0EAC4-5AC5-4AB0-BA1A-A5045234D4BE}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{BD6B64DC-9204-4EFD-B82F-99517FD2E2B3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{67AF4B7A-D8EF-4B97-8FFF-96685A3BCDDC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{828212C2-19CA-4A1B-8A52-3D21932A70DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ABF7E773-0A32-4616-BB9A-F6E2D5EF600C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A33064D0-1A48-4E78-A99F-FBCE2635AC39}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{1A0B0011-B167-49F2-B105-501C4A098DB8}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
FirewallRules: [TCP Query User{43B65BB7-76E5-4399-8B1F-A4265FB05FA4}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{20FF0A07-97A2-408E-B38A-D650DCFBEBEE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{452AFBBD-52E3-4106-A64E-28D55C7B75DE}] => (Allow) C:\Program Files (x86)\VaeVictis\Victory\Victory.exe
FirewallRules: [TCP Query User{36D7B388-5466-4FDB-A4A2-97ADBD63852A}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{AB0CB429-3386-4F82-9BC8-01EA9526FC63}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{26DA0DD7-0710-4041-8E69-F557E49C6024}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{220D78F9-1E43-407A-AF22-F1590B6075E7}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{DA2243AB-4219-4457-BD61-2CF319A21269}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EAB2AEF8-229F-4E92-8F5A-96FBE4FA8521}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{8A27A951-08F3-4815-9FD5-16DF1ACB645D}C:\users\libijany\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\libijany\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe
FirewallRules: [UDP Query User{9CB9439F-F138-4A5A-AC8C-D017CD2C467F}C:\users\libijany\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe] => (Allow) C:\users\libijany\appdata\local\skypeplugin\7.6.0.295\pluginhost.exe
FirewallRules: [{930E601C-4426-4E5F-9589-572340AD4E3B}] => (Allow) C:\Users\libijany\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{8E274E90-5206-4863-937B-C651B653ACD4}] => (Allow) C:\Users\libijany\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{1EA64037-8FEB-4C0C-BE17-E0D8D377E536}] => (Allow) C:\Users\libijany\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{09045847-3089-4F1E-B8FD-53F37E96AD36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C21250EB-29AF-4547-9172-DA3CB4E6BCAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76995982-4592-4B08-B16A-9AF088001B99}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{CD5ACB15-46A7-4252-92D2-CCC8E9E7BBEF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

15-03-2016 16:34:06 Windows Update
20-03-2016 19:36:58 Windows Update
21-03-2016 20:01:35 Chrome Cleanup Tool
21-03-2016 22:01:15 Removed Splashtop Streamer.
21-03-2016 23:02:18 Windows Update
21-03-2016 23:44:59 Windows Update
22-03-2016 14:16:44 Removed Windows Live Mesh ActiveX Control for Remote Connections

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/22/2016 02:08:53 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved

Error: (03/22/2016 02:04:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 616844

Error: (03/22/2016 02:04:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 616844

Error: (03/22/2016 02:04:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2016 02:04:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 601072

Error: (03/22/2016 02:04:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 601072

Error: (03/22/2016 02:04:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/22/2016 02:04:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 585175

Error: (03/22/2016 02:04:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 585175

Error: (03/22/2016 02:04:12 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (03/22/2016 02:05:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SkypeUpdateEx service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/22/2016 02:05:01 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Xbox Live Network Manager Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (03/22/2016 02:01:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%1053

Error: (03/22/2016 02:01:08 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.

Error: (03/22/2016 01:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The MBAMService service depends on the MBAMProtector service which failed to start because of the following error: 
%%193

Error: (03/22/2016 01:57:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMProtector service failed to start due to the following error: 
%%193

Error: (03/22/2016 12:43:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Security Center service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.

Error: (03/22/2016 12:43:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The TCP/IP NetBIOS Helper service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.

Error: (03/22/2016 12:43:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The HomeGroup Provider service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (03/22/2016 12:43:02 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Event Log service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.


==================== Memory info =========================== 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics
Percentage of memory in use: 48%
Total physical RAM: 3700.64 MB
Available physical RAM: 1906.52 MB
Total Virtual: 7399.5 MB
Available Virtual: 5234.86 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:448.77 GB) (Free:345.38 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:16.89 GB) (Free:2.12 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: F5400BBB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=16.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

 

Thanks in advance for the help.

Link to post
Share on other sites

Hello and welcome to Malwarebytes,

Please be aware the following P2P/Piracy Warning is a standard opening reply made here at Malwarebytes to make you aware of Forum Protocol....

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

 

Unfortunately you have a hack running on your system to crack Malwarebytes licence activation. That action is a direct breach of forum protocol so no help is available to you, your thread will be locked and closed...

 

Thank you,

Kevin...

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.