Jump to content

burns209

Members
  • Posts

    1
  • Joined

  • Last visited

Everything posted by burns209

  1. computer is really slow and sluggish i have malwarebytes pro Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-01-2016 Ran by Chris (administrator) on DELL-530 (27-01-2016 20:23:37) Running from C:\Users\Chris\Desktop Loaded Profiles: Chris (Available Profiles: Chris) Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) Language: English (United States) Internet Explorer Version 9 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe (Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe (Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe (Microsoft Corporation) C:\Windows\ehome\ehsched.exe () C:\Program Files\HDD Health\HDDHealthService.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Realtek Semiconductor) C:\Windows\RtHDVCpl.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\tobedeleted\moz2BE4.tmp ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-03] (AVAST Software) HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd) HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation) HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-03] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2014-03-25] ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog9 11 %windir%\system32\vsocklib.dll No File Winsock: Catalog9 12 %windir%\system32\vsocklib.dll No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{1C860157-7FDA-473E-B46D-C45B490DF184}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Tcpip\..\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: [DhcpNameServer] 192.168.0.203 Tcpip\..\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: [DhcpNameServer] 192.168.1.1 0.0.0.0 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-03] (AVAST Software) FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] () FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.) FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-16] (RealNetworks, Inc.) FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-16] (RealNetworks, Inc.) FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21] FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-04] [not signed] FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-06] [not signed] FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-08] [not signed] FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-03] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-03] Chrome: ======= CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006 CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006" CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Avast Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-15] CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-15] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-03] CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-03] (AVAST Software) R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-03] (AVAST Software) R2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com) U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-03] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-12-03] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software) R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-08-02] (ALWIL Software) R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [257720 2015-12-03] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-12-03] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-03] (AVAST Software) S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812208 2016-01-21] () [File not signed] R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software) R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [165104 2015-12-03] (AVAST Software) S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [58016 2015-12-03] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-03] (AVAST Software) R3 gttap1; C:\Windows\System32\DRIVERS\gttap1.sys [32552 2013-09-12] (The OpenVPN Project) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-27] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--) R3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-11-23] (wisecleaner.com) U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-27 20:23 - 2016-01-27 20:23 - 01721856 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe 2016-01-27 20:23 - 2016-01-27 20:23 - 00014143 _____ C:\Users\Chris\Desktop\FRST.txt 2016-01-26 20:16 - 2016-01-26 20:16 - 00000000 ____D C:\Users\Chris\Downloads\The.Gambler.2014.BRRip.XViD-ETRG 2016-01-26 13:34 - 2016-01-26 17:02 - 00000000 ____D C:\Users\Chris\Downloads\The.Sting.1973.BluRay.1080p.DTS.x264-CHD [PublicHD] 2016-01-26 13:34 - 2016-01-26 13:34 - 00056088 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT 2016-01-26 13:32 - 2016-01-26 13:32 - 02026520 _____ (BitTorrent Inc.) C:\Users\Chris\Downloads\uTorrent(2).exe 2016-01-26 13:30 - 2016-01-26 13:30 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Chris\Downloads\PeerBlock-Setup_v1.2_r693(1).exe 2016-01-26 13:28 - 2016-01-26 13:28 - 06361216 _____ (WiseCleaner.com ) C:\Users\Chris\Downloads\WiseCare365(1).exe 2016-01-21 16:21 - 2015-12-05 17:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2016-01-21 16:21 - 2015-12-05 17:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2016-01-21 16:21 - 2015-12-05 17:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll 2016-01-21 16:21 - 2015-12-05 17:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2016-01-21 16:21 - 2015-12-05 17:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL 2016-01-21 16:21 - 2015-12-05 17:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll 2016-01-21 16:21 - 2015-12-05 17:02 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll 2016-01-21 16:21 - 2015-12-05 17:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2016-01-21 16:21 - 2015-12-05 17:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2016-01-21 16:21 - 2015-12-05 17:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax 2016-01-21 16:21 - 2015-12-05 17:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL 2016-01-21 16:21 - 2015-12-05 17:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll 2016-01-21 16:21 - 2015-12-05 16:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys 2016-01-21 16:20 - 2015-12-05 17:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2016-01-21 16:20 - 2015-12-05 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll 2016-01-21 16:20 - 2015-12-05 15:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-01-21 16:20 - 2015-11-13 16:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll 2016-01-21 16:20 - 2015-11-13 16:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll 2016-01-21 16:20 - 2015-11-13 15:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe 2016-01-21 16:19 - 2015-12-08 17:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll 2016-01-21 16:09 - 2015-12-05 17:02 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-01-21 16:07 - 2016-01-21 16:07 - 06805440 _____ (Piriform Ltd) C:\Users\Chris\Downloads\ccsetup513.exe 2016-01-21 16:06 - 2015-12-30 17:12 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2016-01-21 16:06 - 2015-12-30 17:12 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-01-21 14:07 - 2015-12-15 21:50 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-01-21 14:07 - 2015-12-15 21:49 - 12388864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-01-21 14:07 - 2015-12-15 21:47 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2016-01-21 14:07 - 2015-12-15 21:46 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-01-21 14:07 - 2015-12-15 21:45 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-01-21 14:07 - 2015-12-15 21:45 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-01-21 14:07 - 2015-12-15 21:44 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-01-21 14:07 - 2015-12-15 21:44 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-01-21 14:07 - 2015-12-15 21:44 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-01-21 14:07 - 2015-12-15 21:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-01-21 14:07 - 2015-12-15 21:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2016-01-21 14:07 - 2015-12-15 21:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2016-01-21 14:07 - 2015-12-15 21:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2016-01-21 14:07 - 2015-12-15 21:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2016-01-21 14:07 - 2015-12-15 21:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2016-01-21 14:07 - 2015-12-15 21:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2016-01-21 13:32 - 2016-01-21 13:43 - 00000000 ____D C:\Users\Chris\Downloads\rman films 2016-01-21 13:15 - 2016-01-21 13:15 - 02026520 _____ (BitTorrent Inc.) C:\Users\Chris\Downloads\uTorrent(1).exe 2016-01-21 13:02 - 2016-01-21 13:07 - 00000000 ____D C:\Windows\system32\rman films 2016-01-07 23:39 - 2016-01-27 20:16 - 00000000 ____D C:\Program Files\Mozilla Firefox 2016-01-02 23:24 - 2016-01-03 00:43 - 00000000 ____D C:\Users\Chris\Downloads\vbvv 2016-01-02 22:58 - 2016-01-02 23:32 - 00000000 ____D C:\Users\Chris\Downloads\ddreg 2016-01-02 22:57 - 2016-01-02 23:42 - 00000000 ____D C:\Users\Chris\Downloads\ddreg2 2015-12-28 23:30 - 2015-12-29 04:36 - 00000000 ____D C:\Users\Chris\Downloads\hoc22 2015-12-28 23:28 - 2015-12-28 23:39 - 00000000 ____D C:\Users\Chris\Downloads\hcc2 ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-27 20:23 - 2015-11-17 01:45 - 00000000 ____D C:\FRST 2016-01-27 20:23 - 2012-06-03 08:55 - 00056320 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-01-27 20:17 - 2013-05-06 13:42 - 00000069 _____ C:\Windows\NeroDigital.ini 2016-01-27 20:16 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files\PeerBlock 2016-01-27 20:15 - 2015-03-30 20:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Vso 2016-01-27 20:14 - 2014-06-02 21:04 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-27 20:11 - 2015-03-30 20:39 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml 2016-01-27 19:58 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-27 19:58 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-27 19:46 - 2012-12-13 19:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-27 19:29 - 2014-06-02 21:10 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2016-01-27 18:00 - 2015-11-22 17:59 - 00000444 _____ C:\Windows\Tasks\ParetoLogic Registration3.job 2016-01-27 15:59 - 2015-11-27 13:30 - 00000376 _____ C:\Windows\Tasks\Wise Care 365.job 2016-01-27 13:00 - 2015-11-27 13:30 - 00000404 _____ C:\Windows\Tasks\Wise Turbo Checker.job 2016-01-27 03:44 - 2011-12-28 14:53 - 00000000 ____D C:\Users\Chris\Documents\ConvertXToDVD 2016-01-27 03:14 - 2014-06-02 21:04 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-26 22:48 - 2013-07-23 21:29 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc 2016-01-26 13:33 - 2015-11-23 23:57 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Wise Care 365 2016-01-26 13:29 - 2011-12-31 13:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps 2016-01-26 13:29 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf 2016-01-26 13:26 - 2015-11-22 17:56 - 00000418 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job 2016-01-24 16:00 - 2015-11-23 23:57 - 00001795 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2016-01-24 15:59 - 2015-11-22 17:56 - 00000470 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2016-01-24 15:59 - 2006-11-02 12:37 - 00000000 ___RD C:\Users\Public\Recorded TV 2016-01-24 15:58 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-23 15:05 - 2006-11-02 13:01 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-01-21 17:19 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache 2016-01-21 17:03 - 2006-11-02 10:33 - 00749424 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-21 16:57 - 2013-05-08 15:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-21 16:54 - 2013-01-08 21:45 - 00000000 ____D C:\Windows\system32\RTCOM 2016-01-21 16:24 - 2013-05-08 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-21 16:19 - 2013-08-14 02:08 - 00000000 ____D C:\Windows\system32\MRT 2016-01-21 16:09 - 2006-11-02 10:24 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2016-01-21 16:08 - 2014-01-05 03:26 - 00000764 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-21 16:02 - 2014-01-05 03:26 - 00000000 ____D C:\Program Files\CCleaner 2016-01-21 14:17 - 2014-06-02 21:05 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-21 14:08 - 2015-11-17 20:46 - 00000000 ____D C:\Users\Chris\Desktop\New Folder (2) 2016-01-21 13:14 - 2012-12-13 19:48 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2016-01-21 13:14 - 2012-12-13 19:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2016-01-21 13:11 - 2013-10-31 00:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service 2016-01-21 13:10 - 2014-08-02 21:53 - 00812208 _____ C:\Windows\system32\Drivers\aswsnx.sys 2016-01-21 12:56 - 2015-11-22 18:06 - 00000000 ____D C:\Program Files\Wise 2016-01-01 13:16 - 2015-11-23 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365 2015-12-30 22:25 - 2012-12-19 18:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss ==================== Files in the root of some directories ======= 2011-12-28 14:52 - 2011-12-28 14:52 - 0007887 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.cat 2011-12-28 14:52 - 2011-12-28 14:52 - 0001144 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.inf 2011-12-28 14:52 - 2011-12-28 14:52 - 0047360 _____ (VSO Software) C:\Users\Chris\AppData\Roaming\pcouffin.sys 2013-06-10 18:39 - 2013-06-10 18:39 - 0029239 _____ () C:\Users\Chris\AppData\Roaming\UserTile.png 2015-03-30 20:39 - 2016-01-27 20:11 - 0001041 _____ () C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml 2012-01-13 08:09 - 2013-04-28 21:18 - 0163945 _____ () C:\Users\Chris\AppData\Local\ars.cache 2012-01-13 08:10 - 2013-04-28 21:18 - 0910996 _____ () C:\Users\Chris\AppData\Local\census.cache 2013-05-06 11:27 - 2015-05-14 01:47 - 0000680 _____ () C:\Users\Chris\AppData\Local\d3d9caps.dat 2012-06-03 08:55 - 2016-01-27 20:23 - 0056320 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2012-01-13 07:12 - 2012-01-13 07:12 - 0000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-01-27 16:43 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-01-2016 Ran by Chris (2016-01-27 20:24:13) Running from C:\Users\Chris\Desktop Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) (2011-02-04 10:32:19) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3299710142-3868310564-1978959094-500 - Administrator - Disabled) Chris (S-1-5-21-3299710142-3868310564-1978959094-1001 - Administrator - Enabled) => C:\Users\Chris Guest (S-1-5-21-3299710142-3868310564-1978959094-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated) Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - ) EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies) ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - ) ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - ) Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version: - ) InPlay IPTV (HKLM\...\{4CE87481-C78C-4543-9AA0-2117CD5BF917}) (Version: 4.0.0 - Cobain ltd) Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - Intel Corporation) K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) Leawo Video Converter version 5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version: - ) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC) Mozilla Firefox 44.0 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team) MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl) Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.2 - Panda Security) RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - ) SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.) Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.) swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.2.2 - Addpcs, LLC) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) Wise Care 365 3.95 (HKLM\...\Wise Care 365_is1) (Version: 3.95 - WiseCleaner.com, Inc.) YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {1927E206-D4F9-4C9B-ADB6-4F8FD1C2075F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-03] (AVAST Software) Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM Task: {226CEE75-CF8F-402A-8AF3-C4AAB22CFD4B} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-12-18] (WiseCleaner.COM) Task: {5184F028-AA66-498B-8389-8BE4497A3485} - \avastBCLRestartS-1-5-21-3299710142-3868310564-1978959094-1001 -> No File <==== ATTENTION Task: {5BFC4A2B-909F-4B84-91CF-970DA4517BC1} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-11-20] () Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated) Task: {85281012-34B8-4BAA-9EF3-93B5EA5F07FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8A6403D3-82D2-4E66-8DBE-0E6A1517755E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {973015C7-6306-45B3-B67A-64054485E046} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-11-20] () Task: {9D99E420-AC3A-4C4E-9452-F6942FE9B0F7} - System32\Tasks\SafeZone scheduled Autoupdate 1449186754 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software) Task: {9EEFDA3E-7CED-4A02-A761-4D2961EA1B52} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns Task: {C0BB004D-9824-4D0E-9F70-09C1D3B6DBDB} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com) Task: {DC0B49E4-3258-40BE-81A6-B40E45F2E425} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {F134A5C6-2ED5-4DA9-840B-9AC93FA72BF8} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-12-18] (WiseCleaner.com) Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-03-20 17:32 - 2015-12-03 23:36 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2015-03-20 17:32 - 2015-12-03 23:36 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-01-23 11:35 - 2016-01-23 11:35 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012300\algo.dll 2015-12-03 23:36 - 2015-12-03 23:36 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-01-27 20:17 - 2016-01-27 20:17 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012702\algo.dll 2014-03-25 05:27 - 2013-03-08 09:54 - 00017760 _____ () C:\Program Files\HDD Health\HDDHealthService.exe 2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe 2015-03-14 02:20 - 2015-12-03 23:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-08-26 07:44 - 2015-08-26 07:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll 2008-10-23 12:05 - 2008-10-04 09:22 - 02494464 _____ () C:\Program Files\ffdshow\ffdshow.ax 2012-03-18 20:07 - 2011-10-28 16:13 - 00221581 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll 2012-03-18 20:07 - 2011-10-28 16:13 - 06034229 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll 2012-03-18 20:07 - 2011-10-28 16:13 - 00337387 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service" ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\008k.com -> 008k.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\00hq.com -> 00hq.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0190-dialers.com -> 0190-dialers.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\01i.info -> 01i.info IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\05p.com -> 05p.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0calories.net -> 0calories.net IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0cj.net -> 0cj.net IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0scan.com -> 0scan.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-domains-registrations.com -> 1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-se.com -> 1-se.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1001movie.com -> 1001movie.com IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1001night.biz -> 1001night.biz IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\100gal.net -> 100gal.net IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\100sexlinks.com -> 100sexlinks.com There are 5317 more sites. ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-01-28 15:22 - 2015-11-17 21:35 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [sLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [sLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{F4CFD83A-D58B-4331-9FC7-226F9784CDC4}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{12BEC677-E9D6-44B9-BABE-F2063712476A}] => (Allow) C:\Windows\System32\muzapp.exe FirewallRules: [{63B46E60-3403-4499-A84A-2E131052042D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe FirewallRules: [{CB3C9927-8511-4003-A2F9-0F8653F9F993}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{89F6D647-8024-4E1F-8497-2A7AE8708831}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B0445748-C9F0-4B94-BC0C-0FE10A3A055B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{BCB8D66D-EAE0-4619-B7B9-76176D0CC46B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe FirewallRules: [{7B0956BD-F3D2-483D-B46D-8A8571258DC6}] => (Allow) LPort=80 FirewallRules: [{8AB470CC-8166-471A-8F5F-8CF24CBF9CE7}] => (Allow) LPort=80 FirewallRules: [{E72885C9-C635-4DBF-9775-C607C77F0F91}] => (Allow) LPort=80 FirewallRules: [{4FCEDEF2-A58A-4286-A6D3-4023E732B5B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 21-01-2016 16:06:10 Windows Update 23-01-2016 11:38:31 Windows Update 24-01-2016 17:18:28 Scheduled Checkpoint 26-01-2016 00:00:01 Scheduled Checkpoint 27-01-2016 04:10:14 Scheduled Checkpoint ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/27/2016 08:11:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry <C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\WWW.YTS.TO.JPG> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (01/27/2016 08:11:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: The entry <C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\GET.HARD.2015.1080P.BLURAY.X264.YIFY.MP4> in the hash map cannot be updated. Context: Application, SystemIndex Catalog Details: A device attached to the system is not functioning. (0x8007001f) Error: (01/24/2016 04:07:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x000723ee, process id 0x9cc, application start time 0xExplorer.EXE0. Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index metadata cannot be read. (0xc0041801) Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index metadata cannot be read. (0xc0041801) Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.TripoliIndexer> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: Element not found. (0x80070490) Error: (01/21/2016 04:58:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.JetPropStore> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index metadata cannot be read. (0xc0041801) Error: (01/21/2016 04:58:56 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: The Windows Search Service cannot load the property store information. Context: Windows Application, SystemIndex Catalog Details: 0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. ) Error: (01/21/2016 04:58:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: The Windows Search Service cannot open the Jet property store. Details: 0x%08x (0x8004117f - The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. ) Error: (01/21/2016 04:20:52 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY) Description: Product: Microsoft Office Word Viewer 2003 -- Error 1704. An installation for Adobe Refresh Manager is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes? System errors: ============= Error: (01/24/2016 03:59:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: aswSnx Error: (01/23/2016 11:35:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: aswSnx Error: (01/23/2016 11:34:56 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 17:21:00 on 21/01/2016 was unexpected. Error: (01/21/2016 04:59:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Windows Search1300001Restart the service Error: (01/21/2016 04:59:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Windows Search2147749155 (0x80040D23) Error: (01/21/2016 04:58:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: aswSnx Error: (01/21/2016 04:21:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: 0x80070644Security Update for Word Viewer (KB3114569){CF8C29BD-91B4-4548-A579-CCF8A0C8AF4F}201 Error: (01/21/2016 01:12:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: aswSnx Error: (01/21/2016 01:12:15 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: The previous system shutdown at 13:10:30 on 21/01/2016 was unexpected. Error: (01/21/2016 12:59:01 PM) (Source: volsnap) (EventID: 25) (User: ) Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time. Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied. CodeIntegrity: =================================== Date: 2016-01-27 20:23:48.829 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 20:23:48.563 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 20:23:48.361 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 20:23:48.127 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:58.016 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:57.804 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:57.597 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:57.387 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:57.181 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. Date: 2016-01-27 19:30:56.974 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system. ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz Percentage of memory in use: 57% Total physical RAM: 3060.45 MB Available physical RAM: 1303.89 MB Total Virtual: 6345.95 MB Available Virtual: 3818.94 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:288.32 GB) (Free:161.57 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 5ED7C68A) Partition 1: (Active) - (Size=288.3 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.