Jump to content

Recommended Posts

computer is really slow and sluggish

i have malwarebytes pro

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-01-2016
Ran by Chris (administrator) on DELL-530 (27-01-2016 20:23:37)
Running from C:\Users\Chris\Desktop
Loaded Profiles: Chris (Available Profiles: Chris)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\AERTSrv.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
() C:\Program Files\HDD Health\HDDHealthService.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(PANTERASoft) C:\Program Files\HDD Health\hddhealth.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\tobedeleted\moz2BE4.tmp


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4907008 2008-01-17] (Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-03] (AVAST Software)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6602152 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2015-12-03] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HDDHealth.lnk [2014-03-25]
ShortcutTarget: HDDHealth.lnk -> C:\Program Files\HDD Health\hddhealth.exe (PANTERASoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9 11 %windir%\system32\vsocklib.dll No File
Winsock: Catalog9 12 %windir%\system32\vsocklib.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{1C860157-7FDA-473E-B46D-C45B490DF184}: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{24808C3F-DF8E-4DBB-B40F-D7DB39A51B71}: [DhcpNameServer] 192.168.0.203
Tcpip\..\Interfaces\{C010AF49-0C76-4353-BB35-19AE24C74C4F}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2013-08-14] (RealDownloader)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-03] (AVAST Software)

FireFox:
========
FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-21] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpchromebrowserrecordext;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-16] (RealNetworks, Inc.)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\twey4ixw.default-1447721945575\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-04] [not signed]
FF HKLM\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2013-05-06] [not signed]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-08] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-03]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-03]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxps://www.google.com/?trackid=sp-006"
CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avast Online Security) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-12-15]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-03]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AERTFilters; C:\Windows\system32\AERTSrv.exe [77824 2007-12-05] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-03] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [109520 2015-12-03] (AVAST Software)
R2 HDDHealth; C:\Program Files\HDD Health\HDDHealthService.exe [17760 2013-03-08] () [File not signed]
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-21] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580144 2015-08-06] (WiseCleaner.com)
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24016 2015-12-03] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26096 2015-12-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [81168 2015-12-18] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2014-08-02] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [257720 2015-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55200 2015-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49776 2015-12-03] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [812208 2016-01-21] () [File not signed]
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436360 2015-12-18] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [165104 2015-12-03] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [58016 2015-12-03] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [209432 2015-12-03] (AVAST Software)
R3 gttap1; C:\Windows\System32\DRIVERS\gttap1.sys [32552 2013-09-12] (The OpenVPN Project)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-01-27] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
S3 MOSUMAC; C:\Windows\System32\DRIVERS\MOSUMAC.SYS [43520 2009-12-10] (--)
R3 WiseHDInfo; C:\Windows\WiseHDInfo32.dll [13264 2015-11-23] (wisecleaner.com)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-27 20:23 - 2016-01-27 20:23 - 01721856 _____ (Farbar) C:\Users\Chris\Desktop\FRST.exe
2016-01-27 20:23 - 2016-01-27 20:23 - 00014143 _____ C:\Users\Chris\Desktop\FRST.txt
2016-01-26 20:16 - 2016-01-26 20:16 - 00000000 ____D C:\Users\Chris\Downloads\The.Gambler.2014.BRRip.XViD-ETRG
2016-01-26 13:34 - 2016-01-26 17:02 - 00000000 ____D C:\Users\Chris\Downloads\The.Sting.1973.BluRay.1080p.DTS.x264-CHD [PublicHD]
2016-01-26 13:34 - 2016-01-26 13:34 - 00056088 _____ C:\Users\Chris\AppData\Local\GDIPFONTCACHEV1.DAT
2016-01-26 13:32 - 2016-01-26 13:32 - 02026520 _____ (BitTorrent Inc.) C:\Users\Chris\Downloads\uTorrent(2).exe
2016-01-26 13:30 - 2016-01-26 13:30 - 02374320 _____ (PeerBlock, LLC ) C:\Users\Chris\Downloads\PeerBlock-Setup_v1.2_r693(1).exe
2016-01-26 13:28 - 2016-01-26 13:28 - 06361216 _____ (WiseCleaner.com ) C:\Users\Chris\Downloads\WiseCare365(1).exe
2016-01-21 16:21 - 2015-12-05 17:03 - 02873344 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-21 16:21 - 2015-12-05 17:03 - 01567744 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 01377792 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 01326080 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 01314816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-21 16:21 - 2015-12-05 17:03 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00867328 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-21 16:21 - 2015-12-05 17:03 - 00767488 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00759296 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00650240 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-21 16:21 - 2015-12-05 17:03 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-21 16:21 - 2015-12-05 17:03 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-21 16:21 - 2015-12-05 17:02 - 00853504 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-21 16:21 - 2015-12-05 17:02 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2VDEC.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00606208 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-21 16:21 - 2015-12-05 17:02 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ADEC.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-21 16:21 - 2015-12-05 17:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-21 16:21 - 2015-12-05 17:02 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-21 16:21 - 2015-12-05 17:02 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-21 16:21 - 2015-12-05 16:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-21 16:20 - 2015-12-05 17:03 - 00506880 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-21 16:20 - 2015-12-05 17:02 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-21 16:20 - 2015-12-05 15:24 - 02068480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-01-21 16:20 - 2015-11-13 16:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-21 16:20 - 2015-11-13 16:56 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-21 16:20 - 2015-11-13 15:27 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
2016-01-21 16:19 - 2015-12-08 17:01 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-01-21 16:09 - 2015-12-05 17:02 - 00298496 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-21 16:07 - 2016-01-21 16:07 - 06805440 _____ (Piriform Ltd) C:\Users\Chris\Downloads\ccsetup513.exe
2016-01-21 16:06 - 2015-12-30 17:12 - 03609024 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-01-21 16:06 - 2015-12-30 17:12 - 03556800 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-01-21 14:07 - 2015-12-15 21:50 - 01814528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-01-21 14:07 - 2015-12-15 21:49 - 12388864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-01-21 14:07 - 2015-12-15 21:47 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-01-21 14:07 - 2015-12-15 21:46 - 09753088 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-01-21 14:07 - 2015-12-15 21:45 - 01140224 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-01-21 14:07 - 2015-12-15 21:45 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-01-21 14:07 - 2015-12-15 21:44 - 01804800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-01-21 14:07 - 2015-12-15 21:44 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-01-21 14:07 - 2015-12-15 21:44 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-01-21 14:07 - 2015-12-15 21:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-01-21 14:07 - 2015-12-15 21:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-01-21 14:07 - 2015-12-15 21:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-01-21 14:07 - 2015-12-15 21:44 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-01-21 14:07 - 2015-12-15 21:43 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-01-21 14:07 - 2015-12-15 21:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-01-21 14:07 - 2015-12-15 21:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-01-21 13:32 - 2016-01-21 13:43 - 00000000 ____D C:\Users\Chris\Downloads\rman films
2016-01-21 13:15 - 2016-01-21 13:15 - 02026520 _____ (BitTorrent Inc.) C:\Users\Chris\Downloads\uTorrent(1).exe
2016-01-21 13:02 - 2016-01-21 13:07 - 00000000 ____D C:\Windows\system32\rman films
2016-01-07 23:39 - 2016-01-27 20:16 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-02 23:24 - 2016-01-03 00:43 - 00000000 ____D C:\Users\Chris\Downloads\vbvv
2016-01-02 22:58 - 2016-01-02 23:32 - 00000000 ____D C:\Users\Chris\Downloads\ddreg
2016-01-02 22:57 - 2016-01-02 23:42 - 00000000 ____D C:\Users\Chris\Downloads\ddreg2
2015-12-28 23:30 - 2015-12-29 04:36 - 00000000 ____D C:\Users\Chris\Downloads\hoc22
2015-12-28 23:28 - 2015-12-28 23:39 - 00000000 ____D C:\Users\Chris\Downloads\hcc2

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-27 20:23 - 2015-11-17 01:45 - 00000000 ____D C:\FRST
2016-01-27 20:23 - 2012-06-03 08:55 - 00056320 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-27 20:17 - 2013-05-06 13:42 - 00000069 _____ C:\Windows\NeroDigital.ini
2016-01-27 20:16 - 2015-06-18 16:12 - 00000000 ____D C:\Program Files\PeerBlock
2016-01-27 20:15 - 2015-03-30 20:39 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Vso
2016-01-27 20:14 - 2014-06-02 21:04 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-27 20:11 - 2015-03-30 20:39 - 00001041 _____ C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2016-01-27 19:58 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-01-27 19:58 - 2006-11-02 12:47 - 00005184 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-01-27 19:46 - 2012-12-13 19:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-01-27 19:29 - 2014-06-02 21:10 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2016-01-27 18:00 - 2015-11-22 17:59 - 00000444 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2016-01-27 15:59 - 2015-11-27 13:30 - 00000376 _____ C:\Windows\Tasks\Wise Care 365.job
2016-01-27 13:00 - 2015-11-27 13:30 - 00000404 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2016-01-27 03:44 - 2011-12-28 14:53 - 00000000 ____D C:\Users\Chris\Documents\ConvertXToDVD
2016-01-27 03:14 - 2014-06-02 21:04 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-26 22:48 - 2013-07-23 21:29 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc
2016-01-26 13:33 - 2015-11-23 23:57 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Wise Care 365
2016-01-26 13:29 - 2011-12-31 13:09 - 00000000 ____D C:\Users\Chris\AppData\Local\CrashDumps
2016-01-26 13:29 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\inf
2016-01-26 13:26 - 2015-11-22 17:56 - 00000418 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job
2016-01-24 16:00 - 2015-11-23 23:57 - 00001795 _____ C:\Users\Public\Desktop\Wise Care 365.lnk
2016-01-24 15:59 - 2015-11-22 17:56 - 00000470 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2016-01-24 15:59 - 2006-11-02 12:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2016-01-24 15:58 - 2006-11-02 13:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-01-23 15:05 - 2006-11-02 13:01 - 00032544 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-01-21 17:19 - 2006-11-02 11:18 - 00000000 ____D C:\Windows\rescache
2016-01-21 17:03 - 2006-11-02 10:33 - 00749424 _____ C:\Windows\system32\PerfStringBackup.INI
2016-01-21 16:57 - 2013-05-08 15:51 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-21 16:54 - 2013-01-08 21:45 - 00000000 ____D C:\Windows\system32\RTCOM
2016-01-21 16:24 - 2013-05-08 15:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-21 16:19 - 2013-08-14 02:08 - 00000000 ____D C:\Windows\system32\MRT
2016-01-21 16:09 - 2006-11-02 10:24 - 141317472 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-01-21 16:08 - 2014-01-05 03:26 - 00000764 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-21 16:02 - 2014-01-05 03:26 - 00000000 ____D C:\Program Files\CCleaner
2016-01-21 14:17 - 2014-06-02 21:05 - 00001931 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-01-21 14:08 - 2015-11-17 20:46 - 00000000 ____D C:\Users\Chris\Desktop\New Folder (2)
2016-01-21 13:14 - 2012-12-13 19:48 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-01-21 13:14 - 2012-12-13 19:48 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-01-21 13:11 - 2013-10-31 00:26 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-21 13:10 - 2014-08-02 21:53 - 00812208 _____ C:\Windows\system32\Drivers\aswsnx.sys
2016-01-21 12:56 - 2015-11-22 18:06 - 00000000 ____D C:\Program Files\Wise
2016-01-01 13:16 - 2015-11-23 23:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2015-12-30 22:25 - 2012-12-19 18:53 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss

==================== Files in the root of some directories =======

2011-12-28 14:52 - 2011-12-28 14:52 - 0007887 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.cat
2011-12-28 14:52 - 2011-12-28 14:52 - 0001144 _____ () C:\Users\Chris\AppData\Roaming\pcouffin.inf
2011-12-28 14:52 - 2011-12-28 14:52 - 0047360 _____ (VSO Software) C:\Users\Chris\AppData\Roaming\pcouffin.sys
2013-06-10 18:39 - 2013-06-10 18:39 - 0029239 _____ () C:\Users\Chris\AppData\Roaming\UserTile.png
2015-03-30 20:39 - 2016-01-27 20:11 - 0001041 _____ () C:\Users\Chris\AppData\Roaming\vso_ts_preview.xml
2012-01-13 08:09 - 2013-04-28 21:18 - 0163945 _____ () C:\Users\Chris\AppData\Local\ars.cache
2012-01-13 08:10 - 2013-04-28 21:18 - 0910996 _____ () C:\Users\Chris\AppData\Local\census.cache
2013-05-06 11:27 - 2015-05-14 01:47 - 0000680 _____ () C:\Users\Chris\AppData\Local\d3d9caps.dat
2012-06-03 08:55 - 2016-01-27 20:23 - 0056320 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-01-13 07:12 - 2012-01-13 07:12 - 0000036 _____ () C:\Users\Chris\AppData\Local\housecall.guid.cache

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-27 16:43

==================== End of FRST.txt ============================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-01-2016
Ran by Chris (2016-01-27 20:24:13)
Running from C:\Users\Chris\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2011-02-04 10:32:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3299710142-3868310564-1978959094-500 - Administrator - Disabled)
Chris (S-1-5-21-3299710142-3868310564-1978959094-1001 - Administrator - Enabled) => C:\Users\Chris
Guest (S-1-5-21-3299710142-3868310564-1978959094-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 19.0.0.213 - Adobe Systems Incorporated)
Adobe Community Help (HKLM\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 11.1.2245 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
ConvertXtoDVD 4.0.9.322 (HKLM\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.9.322 - )
EasyBCD 1.7 (HKLM\...\EasyBCD) (Version: 1.7 - NeoSmart Technologies)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )
ffdshow [rev 2180] [2008-10-04] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Chrome (HKLM\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.1 - Google Inc.) Hidden
HDD Health v4.2 (HKLM\...\HDD Health_is1) (Version:  - )
InPlay IPTV (HKLM\...\{4CE87481-C78C-4543-9AA0-2117CD5BF917}) (Version: 4.0.0 - Cobain ltd)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Leawo Video Converter version  5.1.0.0 (HKLM\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Excel Viewer 2003 (HKLM\...\{90840409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{A55747C1-4651-433D-B082-478874FF7516}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 44.0 (x86 en-US) (HKLM\...\Mozilla Firefox 44.0 (x86 en-US)) (Version: 44.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MPC-HC 1.7.0 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero 7 Lite 7.10.1.2 (HKLM\...\Nero7Lite_is1) (Version: 7.10.1.2 - UpdatePack.nl)
Panda Cloud Cleaner (HKLM\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.1.2 - Panda Security)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - )
SafeZone Stable 1.46.1990.139 (Version: 1.46.1990.139 - Avast Software) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Skitch (HKLM\...\Skitch 1.0.2.0) (Version: 2.2.0.4 - Evernote Corp.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.2.2 - Addpcs, LLC)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.21 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wise Care 365 3.95 (HKLM\...\Wise Care 365_is1) (Version: 3.95 - WiseCleaner.com, Inc.)
YouTube Downloader App 3.00 (HKLM\...\YouTube Downloader App) (Version: 3.00 - Regensoft)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1927E206-D4F9-4C9B-ADB6-4F8FD1C2075F} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-03] (AVAST Software)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {226CEE75-CF8F-402A-8AF3-C4AAB22CFD4B} - System32\Tasks\Wise Turbo Checker => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe [2015-12-18] (WiseCleaner.COM)
Task: {5184F028-AA66-498B-8389-8BE4497A3485} - \avastBCLRestartS-1-5-21-3299710142-3868310564-1978959094-1001 -> No File <==== ATTENTION
Task: {5BFC4A2B-909F-4B84-91CF-970DA4517BC1} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-11-20] ()
Task: {6092D648-6209-4D6F-9B67-908F6DA777DD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {677CD573-8156-4B83-8781-B7646D6B0415} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-21] (Adobe Systems Incorporated)
Task: {85281012-34B8-4BAA-9EF3-93B5EA5F07FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8A6403D3-82D2-4E66-8DBE-0E6A1517755E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {973015C7-6306-45B3-B67A-64054485E046} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-11-20] ()
Task: {9D99E420-AC3A-4C4E-9452-F6942FE9B0F7} - System32\Tasks\SafeZone scheduled Autoupdate 1449186754 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2015-12-01] (Avast Software)
Task: {9EEFDA3E-7CED-4A02-A761-4D2961EA1B52} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {C0BB004D-9824-4D0E-9F70-09C1D3B6DBDB} - System32\Tasks\WiseCleaner\AidSkipUAC => C:\Program Files\Wise\Wise PC 1stAid\WisePCAid.exe [2015-08-21] (WiseCleaner.com)
Task: {DC0B49E4-3258-40BE-81A6-B40E45F2E425} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {F134A5C6-2ED5-4DA9-840B-9AC93FA72BF8} - System32\Tasks\Wise Care 365 => C:\Program Files\Wise\Wise Care 365\WiseTray.exe [2015-12-18] (WiseCleaner.com)
Task: {F55F85D3-8FDE-479E-82E0-A9BB339AA8E2} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeAC:\Program Files\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\Wise Care 365.job => C:\Program Files\Wise\Wise Care 365\WiseTray.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files\Wise\Wise Care 365\WiseTurbo.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-03-20 17:32 - 2015-12-03 23:36 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-20 17:32 - 2015-12-03 23:36 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-23 11:35 - 2016-01-23 11:35 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012300\algo.dll
2015-12-03 23:36 - 2015-12-03 23:36 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-01-27 20:17 - 2016-01-27 20:17 - 02818048 _____ () C:\Program Files\AVAST Software\Avast\defs\16012702\algo.dll
2014-03-25 05:27 - 2013-03-08 09:54 - 00017760 _____ () C:\Program Files\HDD Health\HDDHealthService.exe
2013-08-14 14:19 - 2013-08-14 14:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-03-14 02:20 - 2015-12-03 23:36 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-26 07:44 - 2015-08-26 07:44 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2008-10-23 12:05 - 2008-10-04 09:22 - 02494464 _____ () C:\Program Files\ffdshow\ffdshow.ax
2012-03-18 20:07 - 2011-10-28 16:13 - 00221581 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avutil-lav-51.dll
2012-03-18 20:07 - 2011-10-28 16:13 - 06034229 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\avcodec-lav-53.dll
2012-03-18 20:07 - 2011-10-28 16:13 - 00337387 _____ () C:\Program Files\K-Lite Codec Pack\Filters\LAV\swscale-lav-2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5317 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-01-28 15:22 - 2015-11-17 21:35 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3299710142-3868310564-1978959094-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Chris\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [sLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [sLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [{F4CFD83A-D58B-4331-9FC7-226F9784CDC4}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{12BEC677-E9D6-44B9-BABE-F2063712476A}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{63B46E60-3403-4499-A84A-2E131052042D}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{CB3C9927-8511-4003-A2F9-0F8653F9F993}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{89F6D647-8024-4E1F-8497-2A7AE8708831}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{B0445748-C9F0-4B94-BC0C-0FE10A3A055B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BCB8D66D-EAE0-4619-B7B9-76176D0CC46B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{7B0956BD-F3D2-483D-B46D-8A8571258DC6}] => (Allow) LPort=80
FirewallRules: [{8AB470CC-8166-471A-8F5F-8CF24CBF9CE7}] => (Allow) LPort=80
FirewallRules: [{E72885C9-C635-4DBF-9775-C607C77F0F91}] => (Allow) LPort=80
FirewallRules: [{4FCEDEF2-A58A-4286-A6D3-4023E732B5B2}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-01-2016 16:06:10 Windows Update
23-01-2016 11:38:31 Windows Update
24-01-2016 17:18:28 Scheduled Checkpoint
26-01-2016 00:00:01 Scheduled Checkpoint
27-01-2016 04:10:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/27/2016 08:11:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\WWW.YTS.TO.JPG> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (01/27/2016 08:11:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\GET.HARD.2015.1080P.BLURAY.X264.YIFY.MP4> in the hash map cannot be updated.

Context:  Application, SystemIndex Catalog

Details:
    A device attached to the system is not functioning.   (0x8007001f)

Error: (01/24/2016 04:07:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application Explorer.EXE, version 6.0.6002.18005, time stamp 0x49e01da5, faulting module unknown, version 0.0.0.0, time stamp 0x00000000, exception code 0xc0000005, fault offset 0x000723ee,
process id 0x9cc, application start time 0xExplorer.EXE0.

Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application

Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (01/21/2016 04:59:04 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    Element not found.   (0x80070490)

Error: (01/21/2016 04:58:56 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog

Details:
    The content index metadata cannot be read.   (0xc0041801)

Error: (01/21/2016 04:58:56 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog

Details:
    0x%08x (0x8004117f - The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  )

Error: (01/21/2016 04:58:55 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.

Details:
    0x%08x (0x8004117f - The content index server cannot update or access information because of a database error.  Stop and restart the search service.  If the problem persists, reset and recrawl the content index.  In some cases it may be necessary to delete and recreate the content index.  )

Error: (01/21/2016 04:20:52 PM) (Source: MsiInstaller) (EventID: 11704) (User: NT AUTHORITY)
Description: Product: Microsoft Office Word Viewer 2003 -- Error 1704. An installation for Adobe Refresh Manager is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?


System errors:
=============
Error: (01/24/2016 03:59:51 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (01/23/2016 11:35:17 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (01/23/2016 11:34:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:21:00 on 21/01/2016 was unexpected.

Error: (01/21/2016 04:59:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Windows Search1300001Restart the service

Error: (01/21/2016 04:59:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Windows Search2147749155 (0x80040D23)

Error: (01/21/2016 04:58:22 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (01/21/2016 04:21:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070644Security Update for Word Viewer (KB3114569){CF8C29BD-91B4-4548-A579-CCF8A0C8AF4F}201

Error: (01/21/2016 01:12:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: aswSnx

Error: (01/21/2016 01:12:15 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 13:10:30 on 21/01/2016 was unexpected.

Error: (01/21/2016 12:59:01 PM) (Source: volsnap) (EventID: 25) (User: )
Description: The shadow copies of volume C: were deleted because the shadow copy storage could not grow in time.  Consider reducing the IO load on the system or choose a shadow copy storage volume that is not being shadow copied.


CodeIntegrity:
===================================
  Date: 2016-01-27 20:23:48.829
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 20:23:48.563
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 20:23:48.361
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 20:23:48.127
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:58.016
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:57.804
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:57.597
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:57.387
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:57.181
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2016-01-27 19:30:56.974
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core2 Duo CPU E6750 @ 2.66GHz
Percentage of memory in use: 57%
Total physical RAM: 3060.45 MB
Available physical RAM: 1303.89 MB
Total Virtual: 6345.95 MB
Available Virtual: 3818.94 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.32 GB) (Free:161.57 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Recovery) (Fixed) (Total:9.77 GB) (Free:3.88 GB) NTFS ==>[system with boot components (obtained from drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 5ED7C68A)
Partition 1: (Active) - (Size=288.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
 

 

Link to post
Share on other sites

  • Root Admin

2016-01-26 20:16 - 2016-01-26 20:16 - 00000000 ____D C:\Users\Chris\Downloads\The.Gambler.2014.BRRip.XViD-ETRG
2016-01-26 13:34 - 2016-01-26 17:02 - 00000000 ____D C:\Users\Chris\Downloads\The.Sting.1973.BluRay.1080p.DTS.x264-CHD [PublicHD]

C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\WWW.YTS.TO.JPG

Error: (01/27/2016 08:11:30 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\CHRIS\DOWNLOADS\GET HARD (2015) [1080P]\GET.HARD.2015.1080P.BLURAY.X264.YIFY.MP4>


This topic will now be closed due to evidence of cracked or pirated software on this system.

Piracy Policy

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.