I've had some problems with malware in the past year and tried various antivirus programs to remove them, but I'm not sure if my computer is clean. That's why I'm posting.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-03-2017
Ran by Cheryl's (administrator) on CHERYLS-PC (08-03-2017 20:17:40)
Running from C:\Users\Cheryl's\Desktop
Loaded Profiles: Cheryl's (Available Profiles: Cheryl's)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\GNU\GnuPG\dirmngr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(www.dennisbabkin.com) C:\Users\Cheryl's\Downloads\CompactTrayMeter\Compact Tray Meter.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Raptr, Inc) C:\Program Files\Raptr Inc\Raptr\raptr.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Raptr, Inc) C:\Program Files\Raptr Inc\Raptr\raptr_im.exe
(HP Inc.) C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Kakao) C:\Program Files\DAUM\PotPlayer\PotPlayerMini.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [StartCCC] => C:\Program Files\AMD\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-08-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Raptr] => C:\Program Files\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-29] (Raptr, Inc)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray.exe [536668 2016-09-20] (IDT, Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-12] (Intel Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2295080 2011-10-01] (Synaptics Incorporated)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-05] (AVAST Software)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [164152 2017-01-19] (Apple Inc.)
HKU\S-1-5-21-132226090-40037206-190124982-1000\...\Run: [Compact Tray Meter] => C:\Users\Cheryl's\Downloads\CompactTrayMeter\Compact Tray Meter.exe [3081672 2016-11-07] (www.dennisbabkin.com)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2016-07-31] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-03-05] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{9DBD8FFC-D2C4-4F22-88C5-D3DF9103C9CF}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-05] (AVAST Software)
FireFox:
========
FF DefaultProfile: vuj5uyzl.default
FF ProfilePath: C:\Users\Cheryl's\AppData\Roaming\Mozilla\Firefox\Profiles\vuj5uyzl.default [2017-01-19]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-05]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-05]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-24] (Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2017-01-03]
Chrome:
=======
CHR HomePage: Default -> hxxps://www.facebook.com/
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default [2017-03-08]
CHR Extension: (Google Slides) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-07-22]
CHR Extension: (Google Docs) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-07-22]
CHR Extension: (Google Drive) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-07-22]
CHR Extension: (YouTube) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-07-22]
CHR Extension: (Google Cast) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2016-09-30]
CHR Extension: (LoL Stream Browser) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\edidfaijmhpefkbnobdcepampbncgejp [2016-07-22]
CHR Extension: (Avast SafePrice) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-11-15]
CHR Extension: (Google Sheets) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-07-22]
CHR Extension: (Google Docs Offline) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-07-28]
CHR Extension: (AdBlock) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-27]
CHR Extension: (Avast Online Security) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-01]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2017-02-17]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2016-07-22]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-07-22]
CHR Extension: (Chrome Media Router) - C:\Users\Cheryl's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10]
CHR Extension: (Sci-Hub) - C:\Users\Cheryl's\Documents\Aidan\Sci-Hub [2016-10-16] [UpdateUrl: hxxp://31.184.194.81/update] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5545144 2017-03-05] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-05] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [278784 2017-03-05] (AVAST Software)
R2 DirMngr; C:\Program Files\GNU\GnuPG\dirmngr.exe [216576 2016-07-05] () [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [31776 2016-12-07] (HP Inc.)
S2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1796200 2016-09-20] (Realsil Microelectronics Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [274514 2016-09-20] (IDT, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriverx.sys [257288 2017-03-05] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidshx.sys [148720 2017-03-05] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswblogx.sys [267016 2017-03-05] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbunivx.sys [41176 2017-03-05] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34136 2017-03-05] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [31064 2017-03-05] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [106392 2017-03-05] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [27896 2017-03-05] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [355752 2017-03-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [90336 2017-03-05] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [62152 2017-03-05] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [756200 2017-03-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [463936 2017-03-05] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [118288 2017-03-05] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [278776 2017-03-05] (AVAST Software)
R3 intelkmd; C:\Windows\System32\DRIVERS\igdpmd32.sys [10843136 2011-08-09] (Intel Corporation)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2010-10-19] (Intel Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
S3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254568 2016-09-20] (Realtek Semiconductor Corp.)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2017-01-04] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2017-01-04] (Zemana Ltd.)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-08 20:17 - 2017-03-08 20:23 - 00013372 _____ C:\Users\Cheryl's\Desktop\FRST.txt
2017-03-08 20:15 - 2017-03-08 20:16 - 01765888 _____ (Farbar) C:\Users\Cheryl's\Desktop\FRST.exe
2017-03-08 20:05 - 2017-03-08 20:05 - 05200384 _____ (AVAST Software) C:\Users\Cheryl's\Desktop\aswmbr.exe
2017-03-07 17:33 - 2017-03-07 17:33 - 00000000 ____D C:\Users\Cheryl's\Documents\Sensitive Information
2017-03-06 22:18 - 2017-03-06 22:18 - 00000000 ____D C:\Users\Cheryl's\Downloads\Arrow
2017-03-06 22:16 - 2017-03-06 22:52 - 00000000 ____D C:\Users\Cheryl's\Downloads\The.Good.Fight.S01E01.EXTENDED.WEBRip.X264-DEFLATE[ettv]
2017-03-06 22:12 - 2017-03-07 01:41 - 00000000 ____D C:\Users\Cheryl's\Downloads\Banshee S01 Complete Season 1 720p BRRip x264 AAC DD5.1-PSYPHER
2017-03-06 22:07 - 2017-03-06 22:27 - 00000000 ____D C:\Users\Cheryl's\Downloads\Broad City
2017-03-06 22:07 - 2017-03-06 22:21 - 00000000 ____D C:\Users\Cheryl's\Downloads\Eastbound And Down Season 1 Complete 720p
2017-03-05 22:14 - 2017-03-05 22:16 - 00000000 ____D C:\Users\Cheryl's\Downloads\TV
2017-03-05 22:10 - 2017-03-05 22:14 - 00000000 ____D C:\Users\Cheryl's\Downloads\Psychology
2017-03-05 16:54 - 2017-03-05 16:54 - 00002003 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2017-03-05 16:54 - 2017-03-05 16:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2017-03-05 16:42 - 2017-03-05 16:35 - 00355752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2017-03-05 16:42 - 2017-03-05 16:35 - 00267016 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswblogx.sys
2017-03-05 16:42 - 2017-03-05 16:35 - 00257288 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdriverx.sys
2017-03-05 16:42 - 2017-03-05 16:35 - 00148720 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidshx.sys
2017-03-05 16:42 - 2017-03-05 16:35 - 00041176 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbunivx.sys
2017-03-05 16:38 - 2017-03-05 16:38 - 00328208 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-05 16:35 - 2017-03-05 16:35 - 00027896 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetNd6.sys
2017-03-05 16:00 - 2017-03-05 16:00 - 00000000 ____D C:\Users\Cheryl's\Downloads\Taboo
2017-03-04 22:25 - 2017-03-06 10:54 - 00000000 ____D C:\Users\Cheryl's\Downloads\Community Season 2
2017-03-04 21:30 - 2017-03-05 18:42 - 00000000 ____D C:\Users\Cheryl's\Downloads\Community season 1 Complete HDTV Bzingaz
2017-03-04 19:51 - 2017-03-05 16:40 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office US - The Complete Season 7 [HDTV]
2017-03-04 18:36 - 2017-03-05 16:48 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office US Season 9 [HDTV]
2017-03-04 18:32 - 2017-03-07 17:32 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office Season 2 DvDrip-McTav
2017-03-04 18:32 - 2017-03-05 17:49 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office Season 8
2017-03-04 18:29 - 2017-03-04 19:02 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office-Season 6 Complete
2017-03-04 18:27 - 2017-03-04 19:44 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office Season 3 DvDrip-McTav
2017-03-04 18:27 - 2017-03-04 18:58 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office Season 4 DvDrip-McTav
2017-03-04 18:26 - 2017-03-05 16:38 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Office Season 5 DvDrip-McTav
2017-03-04 14:00 - 2017-03-04 17:10 - 00000000 ____D C:\Users\Cheryl's\Downloads\s1
2017-03-04 13:59 - 2017-03-04 17:08 - 00000000 ____D C:\Users\Cheryl's\Downloads\30 Rock Season 1 Complete HDTV-soagg
2017-03-04 12:32 - 2017-03-04 12:40 - 191770212 ____R C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E09.HDTV.x264-SVA[eztv].mkv
2017-03-03 05:32 - 2017-03-03 22:46 - 2268462262 _____ C:\Users\Cheryl's\Downloads\mfst.15.08.31.audrey.bitoni.3dh.mp4
2017-03-01 10:01 - 2017-03-01 10:25 - 804968961 _____ C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E08.720p.HDTV.x264-AVS[eztv].mkv
2017-03-01 10:01 - 2017-03-01 10:13 - 248526296 _____ C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E06.PROPER.HDTV.x264-KILLERS[eztv].mkv
2017-03-01 10:01 - 2017-03-01 10:13 - 237810688 _____ C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E07.HDTV.x264-SVA[eztv].mkv
2017-02-27 14:21 - 2017-03-06 14:20 - 00000021 _____ C:\Windows\S.dirmngr
2017-02-17 13:58 - 2017-02-17 13:58 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-02-17 13:58 - 2017-02-17 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-02-17 13:57 - 2017-02-17 13:58 - 00000000 ____D C:\Program Files\iTunes
2017-02-12 14:46 - 2017-02-12 15:01 - 00000000 ____D C:\Users\Cheryl's\Downloads\Legion.S01E01.PROPER.HDTV.x264-KILLERS[ettv]
2017-02-07 13:24 - 2017-02-07 13:26 - 00000000 ____D C:\Users\Cheryl's\Downloads\Lion.2016.DVDScr.XVID.AC3.HQ.Hive-CM8
2017-02-07 12:56 - 2017-02-07 12:56 - 00935505 _____ C:\Users\Cheryl's\Downloads\How to Win Friends and Influence People.pdf
2017-02-07 11:59 - 2017-02-07 11:59 - 00000000 ____D C:\Users\Cheryl's\Downloads\The Subtle Art of Not Giving a Fck - A Counterintuitive Approach to Living a Good Life (2016) (Epub) Gooner
2017-02-07 11:58 - 2017-02-07 12:06 - 198159873 _____ C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E04.HDTV.x264-KILLERS[eztv].mkv
2017-02-07 11:58 - 2017-02-07 12:05 - 174975407 _____ C:\Users\Cheryl's\Downloads\Its.Always.Sunny.in.Philadelphia.S12E05.HDTV.x264-FLEET[eztv].mkv
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-08 20:23 - 2017-01-04 02:49 - 00295606 _____ C:\Windows\ZAM.krnl.trace
2017-03-08 20:23 - 2017-01-04 02:49 - 00270441 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-03-08 20:21 - 2009-07-14 15:34 - 00013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-08 20:21 - 2009-07-14 15:34 - 00013536 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-08 20:13 - 2016-07-30 23:26 - 00000000 ____D C:\Users\Cheryl's\AppData\Roaming\uTorrent
2017-03-08 20:05 - 2016-11-08 07:05 - 00000000 ____D C:\Users\Cheryl's\Desktop\FRST-OlderVersion
2017-03-08 20:05 - 2016-11-06 15:16 - 00000000 ____D C:\FRST
2017-03-08 16:01 - 2016-07-22 16:37 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-08 16:01 - 2009-07-14 13:37 - 00000000 ____D C:\Windows\inf
2017-03-07 15:52 - 2016-09-30 18:36 - 00000000 ____D C:\Users\Cheryl's\AppData\LocalLow\uTorrent
2017-03-06 18:12 - 2016-11-30 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-06 16:29 - 2016-11-07 08:49 - 00000000 ____D C:\ProgramData\AVAST Software
2017-03-06 14:23 - 2016-09-20 14:05 - 00000000 ____D C:\Users\Cheryl's\AppData\Roaming\Raptr
2017-03-06 14:20 - 2009-07-14 15:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-05 16:38 - 2016-11-07 09:05 - 00463936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00278776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00118288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00106392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00090336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00062152 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-05 16:38 - 2016-11-07 09:05 - 00034136 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-05 16:37 - 2016-11-07 09:09 - 00031064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-05 16:37 - 2016-11-07 09:05 - 00756200 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-02-24 10:48 - 2016-11-21 20:05 - 00000000 ____D C:\Windows\system32\MRT
2017-02-24 10:44 - 2016-11-21 20:05 - 135086848 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-23 15:04 - 2016-10-07 15:10 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-17 13:57 - 2016-11-07 09:37 - 00000000 ____D C:\Program Files\iPod
2017-02-17 13:57 - 2016-08-15 18:39 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-02-07 12:29 - 2016-07-22 17:54 - 00002141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-07 12:29 - 2016-07-22 17:54 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk
Some files in TEMP:
====================
2016-12-14 21:48 - 2016-12-01 09:31 - 0050720 _____ (HP Inc.) C:\Users\Cheryl's\AppData\Local\Temp\ACLMInstaller.exe
2016-10-21 04:26 - 2016-10-21 04:26 - 2458672 _____ (The OpenSSL Project, http://www.openssl.org/) C:\Users\Cheryl's\AppData\Local\Temp\libeay32.dll
2016-10-21 04:26 - 2016-10-21 04:26 - 0970912 _____ (Microsoft Corporation) C:\Users\Cheryl's\AppData\Local\Temp\msvcr120.dll
2016-10-21 04:26 - 2016-10-21 04:26 - 0772672 _____ () C:\Users\Cheryl's\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-03-04 14:31
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-03-2017
Ran by Cheryl's (08-03-2017 20:29:57)
Running from C:\Users\Cheryl's\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-07-22 05:28:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-132226090-40037206-190124982-500 - Administrator - Disabled)
Cheryl's (S-1-5-21-132226090-40037206-190124982-1000 - Administrator - Enabled) => C:\Users\Cheryl's
Guest (S-1-5-21-132226090-40037206-190124982-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Enabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{17A7AA54-B23B-22B7-CDD5-C51122056415}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM\...\{9BA1A894-B42F-4805-BC8C-349C905A3930}) (Version: 5.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D9F3D66A-9885-4DDD-A800-9DDF488359A1}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Internet Security (HKLM\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.100.82.86 - Broadcom Corporation)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
EPUB File Reader (HKLM\...\{818C5857-5C74-4CAC-9F43-E5597086852D}_is1) (Version: - epubfilereader.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Gpg4win (2.3.2) (HKLM\...\GPG4Win) (Version: 2.3.2 - The Gpg4win Project)
HP Support Solutions Framework (HKLM\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.5.32.203 - HP Inc.)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6324.0 - IDT)
Intel(R) Display Audio Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
iTunes (HKLM\...\{B7C4ABF3-59A7-47AB-A72E-956BA5B4841C}) (Version: 12.5.5.5 - Apple Inc.)
League of Legends (HKLM\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
League of Legends (Version: 4.1.2 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maple 2015 (HKLM\...\Maple 2015) (Version: 2015 - Maplesoft)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 50.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 50.0.1 (x86 en-GB)) (Version: 50.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 50.0.1.6171 - Mozilla)
MPC-HC 1.7.10 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.10 - MPC-HC Team)
PlaysTV (HKLM\...\PlaysTV) (Version: 1.16.4-r118179-release - Plays.tv, LLC)
Potplayer (HKLM\...\PotPlayer) (Version: - Kakao Corp.)
PX Profile Update (Version: 1.00.1. - AMD) Hidden
Raptr (HKLM\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
SafeZone Stable 3.55.2393.561 (Version: 3.55.2393.561 - Avast Software) Hidden
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.27.1 - Synaptics Incorporated)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-132226090-40037206-190124982-1000\...\WinDirStat) (Version: - )
WinPcap 4.1.3 (HKLM\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.2.1 (32-bit) (HKLM\...\Wireshark) (Version: 2.2.1 - The Wireshark developer community, hxxps://www.wireshark.org)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00CD3D72-1071-485C-95C5-5F825C52F534} - System32\Tasks\{00C9150D-D9B1-4577-97FA-00F48424807A} => pcalua.exe -a C:\Users\Cheryl's\Documents\sp54841.exe -d C:\Users\Cheryl's\Documents
Task: {1B65FDA1-A1BF-4A13-8B6C-0E1968009ED0} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-30] (AVAST Software)
Task: {27876A55-071D-47BD-AE0E-C204D1394DAB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-05] (AVAST Software)
Task: {28A91346-8F34-423C-A491-C0B25D298C79} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-12-07] (HP Inc.)
Task: {635A2D1F-E105-4942-9F36-2A227E99C4B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-07-22] (Google Inc.)
Task: {8C24AFAC-D468-40BB-B573-5C2371B872E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {C5E62E23-35EB-4FC9-82ED-8975E5ABB4C8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-12-21] (HP Inc.)
Task: {C8DB2471-C01B-4653-8A87-470B1D756C6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-07-22] (Google Inc.)
Task: {CE57471D-9DDC-43B8-A0B3-B88A24E7160D} - System32\Tasks\SafeZone scheduled Autoupdate 1478470170 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-02-16] (Avast Software)
Task: {D85A20A8-2762-4AC9-A11D-66A81BE3E913} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\Windows\system32\EOSNotify.exe [2016-06-26] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-03-05 16:37 - 2017-03-05 16:37 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-06 10:47 - 2017-03-06 10:47 - 05985944 _____ () C:\Program Files\AVAST Software\Avast\defs\17030503\algo.dll
2017-03-05 16:37 - 2017-03-05 16:37 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-08 05:04 - 2017-03-08 05:04 - 05883904 _____ () C:\Program Files\AVAST Software\Avast\defs\17030705\algo.dll
2016-10-05 18:18 - 2016-10-05 18:18 - 00080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 01041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-07-05 21:50 - 2016-07-05 21:50 - 00216576 _____ () C:\Program Files\GNU\GnuPG\dirmngr.exe
2016-07-05 21:38 - 2016-07-05 21:38 - 00222720 _____ () C:\Program Files\GNU\GnuPG\libksba-8.dll
2016-07-05 21:32 - 2016-07-05 21:32 - 00103424 _____ () C:\Program Files\GNU\GnuPG\libgpg-error-0.dll
2016-07-05 21:27 - 2016-07-05 21:27 - 00050176 _____ () C:\Program Files\GNU\GnuPG\libw32pth-0.dll
2016-07-05 21:38 - 2016-07-05 21:38 - 00073728 _____ () C:\Program Files\GNU\GnuPG\libassuan-0.dll
2016-07-05 21:41 - 2016-07-05 21:41 - 00750592 _____ () C:\Program Files\GNU\GnuPG\libgcrypt-20.dll
2011-08-09 11:44 - 2011-08-09 11:44 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2016-11-07 09:05 - 2016-11-07 09:05 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-03-05 16:35 - 2017-03-05 16:35 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00087040 _____ () C:\Program Files\Raptr Inc\Raptr\_ctypes.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00043008 _____ () C:\Program Files\Raptr Inc\Raptr\_socket.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00805376 _____ () C:\Program Files\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 05812736 _____ () C:\Program Files\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00067584 _____ () C:\Program Files\Raptr Inc\Raptr\sip.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 01662464 _____ () C:\Program Files\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00494592 _____ () C:\Program Files\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00096256 _____ () C:\Program Files\Raptr Inc\Raptr\win32api.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00110592 _____ () C:\Program Files\Raptr Inc\Raptr\pywintypes26.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00010240 _____ () C:\Program Files\Raptr Inc\Raptr\select.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00356864 _____ () C:\Program Files\Raptr Inc\Raptr\_hashlib.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00036352 _____ () C:\Program Files\Raptr Inc\Raptr\win32process.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00111104 _____ () C:\Program Files\Raptr Inc\Raptr\win32file.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00044544 _____ () C:\Program Files\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 00417501 _____ () C:\Program Files\Raptr Inc\Raptr\sqlite3.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00167936 _____ () C:\Program Files\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00313856 _____ () C:\Program Files\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00127488 _____ () C:\Program Files\Raptr Inc\Raptr\pyexpat.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00009216 _____ () C:\Program Files\Raptr Inc\Raptr\winsound.pyd
2015-10-22 07:29 - 2015-10-22 07:29 - 00113171 _____ () C:\Program Files\Raptr Inc\Raptr\libvlc.dll
2015-10-22 07:29 - 2015-10-22 07:29 - 02396691 _____ () C:\Program Files\Raptr Inc\Raptr\libvlccore.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00583680 _____ () C:\Program Files\Raptr Inc\Raptr\unicodedata.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00324608 _____ () C:\Program Files\Raptr Inc\Raptr\PIL._imaging.pyd
2015-06-27 10:09 - 2015-06-27 10:09 - 00271872 _____ () C:\Program Files\Raptr Inc\Raptr\amd_ags.dll
2017-03-05 16:35 - 2017-03-05 16:35 - 00134920 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00141312 _____ () C:\Program Files\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-20 04:08 - 2016-04-20 04:08 - 02717595 _____ () C:\Program Files\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 01213633 _____ () C:\Program Files\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 10:06 - 2010-11-23 10:06 - 00055808 _____ () C:\Program Files\Raptr Inc\Raptr\zlib1.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00495680 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 01183699 _____ () C:\Program Files\Raptr Inc\Raptr\liboscar.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00483306 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00655356 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 01306387 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00565461 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01640221 _____ () C:\Program Files\Raptr Inc\Raptr\libjabber.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00506276 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01053730 _____ () C:\Program Files\Raptr Inc\Raptr\libymsg.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00497782 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00603326 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00474199 _____ () C:\Program Files\Raptr Inc\Raptr\plugins\ssl.dll
2016-09-20 15:22 - 2016-09-20 15:22 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\61a733954a0da9a5988d596c76b2b891\IsdiInterop.ni.dll
2016-09-20 15:22 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-10-28 15:20 - 2016-10-28 15:20 - 14018560 _____ () C:\Program Files\DAUM\PotPlayer\ffcodec.dll
2016-10-22 01:07 - 2016-12-23 15:25 - 00265216 _____ () C:\Program Files\DAUM\PotPlayer\Module\FFmpeg\FFmpegMininum.dll
2017-02-07 12:29 - 2017-02-01 20:01 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-07 12:29 - 2017-02-01 20:01 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-13 13:56 - 2017-01-13 13:56 - 00189752 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 13:04 - 2016-11-08 07:06 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-132226090-40037206-190124982-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cheryl's\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{507CC705-A613-4655-ABF3-53D04BCCAE4E}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{4A5D1F81-BC09-46B4-9384-1A78379592F5}C:\program files\google\chrome\application\chrome.exe] => (Allow) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{A76EAD0C-2AA8-4171-98F4-7AA6A85E7A6F}] => (Block) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{F11EE74A-D34B-4C12-8B71-E0D85C369B8A}] => (Block) C:\program files\google\chrome\application\chrome.exe
FirewallRules: [{9E1C433C-A077-475A-BA75-D8E612A0BD5B}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{13C79CF3-EEE9-4421-9A33-9D9D92CA354C}] => (Allow) C:\Program Files\Raptr Inc\PlaysTV\playstv.exe
FirewallRules: [{075D6E3D-A772-424F-A7E6-AF3DCFE0595E}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DAE1FB1B-7FE6-4E19-AA42-BAF396D73D4A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AB16460C-3C5D-492F-AAFE-E04D746CF51B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{91FC0C8C-9F5B-46FD-A0DD-DEEA8A5E599A}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{ADED2FA1-5050-40B9-BEB7-80509B83F10B}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
==================== Restore Points =========================
==================== Faulty Device Manager Devices =============
Name: BCM20702A0
Description: BCM20702A0
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/08/2017 05:45:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 14165
Error: (03/08/2017 05:45:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 14165
Error: (03/08/2017 05:45:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2017 05:45:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13151
Error: (03/08/2017 05:45:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13151
Error: (03/08/2017 05:45:55 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2017 05:45:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12153
Error: (03/08/2017 05:45:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12153
Error: (03/08/2017 05:45:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/08/2017 05:45:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11154
System errors:
=============
Error: (03/08/2017 06:25:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR13.
Error: (03/08/2017 04:10:46 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (03/07/2017 12:32:18 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (03/07/2017 08:00:47 AM) (Source: volsnap) (EventID: 35) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.
Error: (03/06/2017 10:06:19 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR11.
Error: (03/06/2017 02:21:54 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The DirMngr service hung on starting.
Error: (03/06/2017 02:21:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Apple Mobile Device service hung on starting.
Error: (03/06/2017 02:19:51 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:53:55 PM on 6/03/2017 was unexpected.
Error: (03/06/2017 12:28:33 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: )
Description: The system was hibernated due to a critical thermal event.
Hibernate Time = 2017-03-05T13:28:33.720249700Z
ACPI Thermal Zone = ACPI\ThermalZone\TZ01
_HOT = 373K
Error: (03/06/2017 12:28:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 88) (User: )
Description: The system was hibernated due to a critical thermal event.
Hibernate Time = 2017-03-05T13:28:28.699962600Z
ACPI Thermal Zone = ACPI\ThermalZone\TZ01
_HOT = 373K
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 82%
Total physical RAM: 2509.86 MB
Available physical RAM: 434.03 MB
Total Virtual: 5600.37 MB
Available Virtual: 1094.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:576.66 GB) (Free:60.99 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Recovery) (Fixed) (Total:15.34 GB) (Free:1.7 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32
Drive g: (George Stylin) (Fixed) (Total:931.48 GB) (Free:326.6 GB) NTFS
Drive h: (SYSTEM) (Fixed) (Total:0.19 GB) (Free:0.16 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7C9631CA)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=576.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=4 GB) - (Type=0C)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: AEC235ED)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2017-03-08 20:45:31
-----------------------------
20:45:31.897 OS Version: Windows 6.1.7601 Service Pack 1
20:45:31.897 Number of processors: 4 586 0x2A07
20:45:31.898 ComputerName: CHERYLS-PC UserName: Cheryl's
20:45:34.388 Initialize success
20:45:34.393 VM: initialized successfully
20:45:34.394 VM: Intel CPU BiosDisabled
20:45:42.024 AVAST engine defs: 17030705
20:45:44.982 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
20:45:44.990 Disk 0 Vendor: Hitachi_ JEDO Size: 610480MB BusType: 3
20:45:45.176 Disk 0 MBR read successfully
20:45:45.180 Disk 0 MBR scan
20:45:45.212 Disk 0 Windows 7 default MBR code
20:45:45.241 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
20:45:45.248 Disk 0 default boot code
20:45:45.270 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 590504 MB offset 409600
20:45:45.307 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 15712 MB offset 1209761792
20:45:45.358 Disk 0 Partition 4 00 0C FAT32 LBA MSDOS5.0 4063 MB offset 1241939968
20:45:45.409 Disk 0 scanning sectors +1250261680
20:45:45.637 Disk 0 scanning C:\Windows\system32\drivers
20:46:14.387 Service scanning
20:47:02.315 Modules scanning
20:47:02.324 Disk 0 trace - called modules:
20:47:02.333
20:47:04.391 AVAST engine scan C:\Windows
20:47:08.977 AVAST engine scan C:\Windows\system32
21:20:42.261 AVAST engine scan C:\Windows\system32\drivers
21:30:13.558 AVAST engine scan C:\Users\Cheryl's
21:57:43.098 Disk 0 MBR has been saved successfully to "C:\Users\Cheryl's\Desktop\MBR.dat"
21:57:43.308 The log file has been saved successfully to "C:\Users\Cheryl's\Desktop\aswMBR.txt"