Here's the second log:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:30-11-2015
Ran by Harry (2015-12-01 15:48:09)
Running from C:\Users\Harry\Downloads
Windows 10 Home (X64) (2015-08-08 16:14:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2479479765-3668739851-1582905240-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2479479765-3668739851-1582905240-503 - Limited - Disabled)
Guest (S-1-5-21-2479479765-3668739851-1582905240-501 - Limited - Disabled)
Harry (S-1-5-21-2479479765-3668739851-1582905240-1000 - Administrator - Enabled) => C:\Users\Harry
HomeGroupUser$ (S-1-5-21-2479479765-3668739851-1582905240-1005 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
ABBYY FineReader 5.0 Sprint Plus (HKLM-x32\...\{D1696920-9794-4BBC-8A30-7A88763DE5A2}) (Version: 5.0.0.33517 - ABBYY Software House)
ABBYY FineReader 6.0 (HKLM-x32\...\{AF600F7B-67A7-48D9-BA3B-0FF97F35F970}) (Version: 6.0.759.29421 - ABBYY Software House)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Bridge 1.0 (HKLM-x32\...\{B74D4E10-6884-0000-0000-000000000103}) (Version: 001.000.004 - Adobe Systems)
Adobe Dreamweaver CS3 (HKLM-x32\...\Adobe_435a6af7459cb02a9c1138113a26e93) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.615 - Adobe Systems, Inc.)
ALDI Print Software (HKLM-x32\...\ALDI Print Software) (Version: 4.8.7 - CEWE COLOR AG u Co. OHG)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{0E96FD88-FF86-25BB-112E-804C2F1B1128}) (Version: 3.0.745.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5188 - DsNET Corp)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVerMedia M135-Series PCI TV Tuner 3.5.64.58 (HKLM-x32\...\AVerMedia M135-Series PCI TV Tuner) (Version: 3.5.64.58 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM-x32\...\InstallShield_{FC87BEA8-5582-476C-A754-41F3A9D976D4}) (Version: 6.0 - AVerMedia Technologies, Inc.)
AVerTV (x32 Version: 6.0 - AVerMedia Technologies, Inc.) Hidden
Avidemux 2.6 (HKLM-x32\...\Avidemux 2.6 (64-bit)) (Version: 2.6.0.8179 - )
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.2.15 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.2.15 - British Broadcasting Corp.) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BTHomeHub (HKLM-x32\...\BTHomeHub) (Version: - British Telecommunications Plc.)
calibre 64bit (HKLM\...\{38E8070E-5CF2-4EF0-A31A-0B18D9B9D817}) (Version: 0.9.11 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.)
Canon iP7200 series On-screen Manual (HKLM-x32\...\Canon iP7200 series On-screen Manual) (Version: 7.5.0 - Canon Inc.)
Canon iP7200 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP7200_series) (Version: - Canon Inc.)
Canon iP7200 series User Registration (HKLM-x32\...\Canon iP7200 series User Registration) (Version: - Canon Inc.)
Canon LBP5300 (HKLM\...\Canon LBP5300) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.1.1 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.1.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
ccc-core-static (x32 Version: 2009.0925.1707.28889 - ATI) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
Cleanersoft Free Registry Fix (HKLM-x32\...\Cleanersoft Free Registry Fix) (Version: - )
C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version: - )
CodeTwo FolderSync Addin (HKLM-x32\...\{DA101069-C624-4066-A797-A04E7925B86C}) (Version: 1.3.3 - CodeTwo)
Command & Conquer Red Alert 2 (HKLM-x32\...\Red Alert 2) (Version: - )
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Convert Audio Free FLAC to MP3 version 1.0 (HKLM-x32\...\Convert Audio Free FLAC to MP3_is1) (Version: 1.0 - )
ConvertXtoDVD 4.0.3.313 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.0.3.313 - )
Cortona3D Viewer (HKLM-x32\...\{4E86E575-2B04-4FEC-ADA3-72D47CB4777C}) (Version: 6.0.180 - ParallelGraphics)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dropbox (HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.)
DVD Suite (HKLM-x32\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 5.0.1906 - CyberLink Corporation)
EPSON Copy Utility (HKLM-x32\...\{B69CC1A5-0404-11D6-ABCB-005004C21D30}) (Version: - )
EPSON Photo Print (HKLM-x32\...\{9391F2BC-B6F3-4AAC-82CC-5A74A4ED388E}) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
EPSON Smart Panel (HKLM-x32\...\{6C11D561-620B-47DA-A693-4C597F3CDF40}) (Version: - )
ffdshow v1.1.3572 [2010-09-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3572.0 - )
File Association Manager (HKLM-x32\...\FileAssociationManager) (Version: 0.5 - Amnis Technology Ltd)
FileASSASSIN (HKLM-x32\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Focus 165,000 Images (HKLM-x32\...\InstallShield_{1011BB75-9FBD-4743-B239-AB0E3166BA02}) (Version: 3.12.0000 - Focus Multimedia)
Focus 165,000 Images (x32 Version: 3.12.0000 - Focus Multimedia) Hidden
Free FreeCell Solitaire 2015 v3.0 (HKLM-x32\...\Free FreeCell Solitaire_is1) (Version: - TreeCardGames)
Free Window Registry Repair (HKLM-x32\...\Free Window Registry Repair) (Version: - )
Freemake Video Converter version 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Gacela (HKLM-x32\...\{5F0545E7-3F0F-4730-AF70-26E61DBDF263}) (Version: 10.1.166 - Nurago)
Gold MP4 Player (HKLM-x32\...\Gold MP4 Player_is1) (Version: - Excellent Technology Exchange)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
GoToAssist Corporate (HKLM-x32\...\GoToAssist) (Version: 10.4.0.896 - Citrix Online, a division of Citrix Systems, Inc.)
GoToAssist Corporate (x32 Version: 9.0.570 - Citrix) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
InstallConverter (HKLM-x32\...\InstallConverter) (Version: 1.0 - InstallConverter)
Instant CD & DVD Burner (HKLM-x32\...\Instant CD & DVD Burner_is1) (Version: - )
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.550 - Oracle)
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 1920a - CyberLink Corp.)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Lifetime Memorybooks (HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\Lifetime Memorybooks) (Version: Lifetime Memorybooks 4.1.0 - Lifetime Memorybooks)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaShow (HKLM-x32\...\{D5A9B7C0-8751-11D8-9D75-000129760D75}) (Version: 3.0.4325 - CyberLink Corporation)
Meka MP3 Album Artwork Tool (HKLM-x32\...\{566D66BF-BF53-4FA7-91C5-F419A37F7248}) (Version: 1.0.0 - DroidSDK Software)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Moo0 Audio Converter 1.32 (HKLM-x32\...\Moo0 AudioTypeConverter) (Version: - )
Moo0 Voice Recorder 1.43 (HKLM-x32\...\Moo0 VoiceRecorder) (Version: - )
Moo0 YouTube Downloader 1.07 (HKLM-x32\...\Moo0 Utube-DL) (Version: - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0.1 (x86 en-US)) (Version: 35.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero BurnLite 10 (HKLM-x32\...\{842BEE12-CCCB-43F4-ABAF-CBA6DFE2583D}) (Version: 10.0.10500 - Nero AG)
Nero BurnLite 10 (HKLM-x32\...\{AB627AF2-9C7E-4DBD-816B-3B2646B81E89}) (Version: 10.0.10100.1.100 - Nero AG)
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG)
Nielsen (HKLM-x32\...\NetSight) (Version: - )
P3170P Reference Guide (HKLM-x32\...\P3170P Reference Guide) (Version: - )
PhotoNow! 1.0 (HKLM-x32\...\{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 3.0.4310 - CyberLink Corporation)
Photoworld (HKLM-x32\...\Photoworld) (Version: 5.1.6 - CEWE Stiftung u Co. KGaA)
Power2Go 5.0 (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.2903 - CyberLink Corporation)
PowerDirector Express (HKLM-x32\...\{EDE721EC-870A-11D8-9D75-000129760D75}) (Version: - )
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.3118.0 - CyberLink Corporation)
PowerDVD Copy (HKLM-x32\...\{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.0.3716a - CyberLink Corporation)
PowerProducer (HKLM-x32\...\{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: - )
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1507.93 - Trusteer) Hidden
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.89 (HKLM-x32\...\Revo Uninstaller) (Version: 1.89 - VS Revo Group)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
ScanToWeb (HKLM-x32\...\{EBAE381B-60A6-4863-AA9F-FCAB755BC9E5}) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sothink Movie DVD Maker (HKLM-x32\...\{4F94119D-1B71-400e-9F04-B4E5CEAE71F8}_is1) (Version: 3.8 - SourceTec Software Co., LTD)
Spotify (HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Tango (HKLM-x32\...\{F9D6C8E8-770A-4F02-AE5C-FB85581551CD}) (Version: - ) <==== ATTENTION
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1507.93 - Trusteer)
Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
Westwood Shared Internet Components (HKLM-x32\...\WOLAPI) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinX DVD Author 6.3.6 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.)
WinX DVD Copy Pro 3.6.5 (HKLM\...\WinX DVD Copy Pro_is1) (Version: - Digiarty Software,Inc.)
ZTE_1.2059.0.8 (HKLM-x32\...\ZTE_1.2059.0.8) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Harry\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Harry\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Restore Points =========================
22-11-2015 08:26:41 Scheduled Checkpoint
24-11-2015 11:57:10 Installed Rapport
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2013-08-28 13:45 - 00000741 ___RA C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {02B556A5-9922-4ED0-AA4A-5523CF41F67A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {0577B87A-0C87-4D22-BBD8-7DBA9A624B95} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {062FEE5E-1280-460D-A741-26475CB15696} - System32\Tasks\{02B84E35-850B-410C-BB0D-BF7885CDACB2} => pcalua.exe -a C:\Users\Harry\AppData\Local\Temp\InstallFlashPlayer.exe -d C:\Users\Harry\Desktop
Task: {07EF40F2-D1BA-400B-BDCC-CF28F84FBDF9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {09BD83E9-7709-4C9B-8481-712AF1A1A8C8} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2479479765-3668739851-1582905240-1000Core => C:\Users\Harry\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {10F9D733-7B86-415C-930C-82A0C0407581} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {1538C8FB-4244-4B23-A3A1-63466C1BEABF} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {1F3019CD-DD68-4785-9844-5763AF55FA2D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {21AFD19B-C71F-463E-A491-2C942B6B6A42} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2964DDEF-282E-483A-878C-A9535C883A11} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {2B922906-0100-4547-86F8-736193DCB49A} - System32\Tasks\{67F896EF-6386-4C16-9E9B-3505869D1E9A} => pcalua.exe -a "C:\Users\Harry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YZHXV9LV\M135_6.0.18.09070601_Drv_3.6.x.6_SWEncoders_3.0.1.6_MCE_Plugins_2.0.8.0_090724[1].exe" -d C:\Users\Harry\Desktop
Task: {2B982FC0-EF3A-44F5-81E0-0EDD7BE564A6} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {3A799C8F-16AB-4217-A864-EEB5907D0D06} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2479479765-3668739851-1582905240-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {3B435659-7195-4BE0-8DEC-7D543E1E2C51} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {475B60B5-86AB-4A25-BDB8-7662CC8486C2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {53AAABDF-A6D8-4186-8C7D-8F32FB077EE5} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {56FAB7D7-3BF5-4CE2-8958-A7E438D0F71B} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {63AAAD55-0D45-42FA-AD68-4D990BC5F54B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {67A87615-CCDA-4184-BAE6-BE2E9BC7049E} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {712F75C6-E2CA-47D3-BD8A-140AE2CC40E2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {802803EA-4A6D-4834-AF92-057BBA9902B4} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {813A2A62-2DFB-45AC-A229-B7736FA2AF40} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2479479765-3668739851-1582905240-1000UA => C:\Users\Harry\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-19] (Dropbox, Inc.)
Task: {8403EBC6-621F-4255-BA90-76DE29BB77B9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {865B18C4-36A0-446B-8BAA-A73A845F1AF4} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {87F78C33-269E-4D28-A2C2-773F50BB7A6E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {88F6C776-6004-41EE-9451-2FF22525D3B0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {9F28711A-6B30-4D94-9F74-900D086295D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {A022EA28-A18F-4A54-BDBE-174519D1BADF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A400F9FA-17D7-43A5-8590-26CF8F248CD9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {A669015C-2263-489D-9D91-7C3B397DB9D6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A70CFEE5-27E7-4E26-85C1-2B69C2B34CC3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {A7B88E1B-03B3-45CD-9CCE-2D1C6897F488} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {A8C71E4B-65D2-43BF-A730-6B09BAE6878F} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {A9291AAF-423C-424C-91E1-C74DCDE81486} - System32\Tasks\{CCE30659-C6FD-4F83-981B-BCD2BD968747} => pcalua.exe -a C:\Users\Harry\AppData\Local\Temp\dlmB8C4.tmp\ashampoo_firewall_sm.exe -d C:\Users\Harry\Desktop
Task: {AF0C5729-A672-4E49-A774-D2CDE001247A} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {B0474763-1DA4-42E0-BD4E-C0254B0E8E99} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2479479765-3668739851-1582905240-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B2E4584F-752B-4DEC-9CF9-E6244D2C8B84} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {B38BB90D-2381-4EA0-A5A5-61EFC75861BF} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {B5AF50EB-7210-4D71-94D2-59B01D5F996E} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {B89F01FA-9246-49CD-A9DE-61D856829E70} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {BCC23324-6480-4EAE-83DE-D024D9D81A92} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {BCFD1B75-064A-4FAC-9661-916E1B7A73FB} - System32\Tasks\{B91134D7-AD70-4209-83B6-38CD91F83A5A} => pcalua.exe -a "C:\Program Files\BullGuard Ltd\BullGuard\uninst.exe"
Task: {C07D873D-021E-4794-BCB9-6F87566EF874} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {C5AA30A7-60D7-4AD6-9D93-5C603F7986B1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D04C595E-FB71-4C54-9310-6CE33EAC3B82} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {D146D600-CB55-40D9-BAE2-87301739029E} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {D14F9C74-B02C-4D20-B4ED-D92FD079C91F} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D29B9823-AE0F-47BA-B7D2-05846E87416F} - System32\Tasks\{A92BE974-8A08-431E-A0C2-E669AF316320} => pcalua.exe -a C:\Users\Harry\AppData\Local\Temp\dlm93D6.tmp\ashampoo_firewall_sm.exe -d C:\Users\Harry\Desktop
Task: {D7C29E22-99F8-4247-A104-C08BFC5C8E4B} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2479479765-3668739851-1582905240-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-07-30] (RealNetworks, Inc.)
Task: {E44B1687-32F2-40BF-86D1-5AEF2540D5C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-12] (Adobe Systems Incorporated)
Task: {EC3EC071-A286-422B-820B-A0224A8C4A5F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2479479765-3668739851-1582905240-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {F0890454-0E92-4310-81B5-CC9294E64E6B} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {F0E4B025-4139-4C02-9262-52BBC8CE662D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {F3CBAB36-3A12-4245-A816-37BEBD8011EF} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2479479765-3668739851-1582905240-1000Core.job => C:\Users\Harry\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-2479479765-3668739851-1582905240-1000UA.job => C:\Users\Harry\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Public\Desktop\BT email & search.LNK -> C:\Program Files (x86)\BTHomeHub\Launcher\LaunchHM.exe (British Telecommunications plc) -> hxxp://
www.bt.yahoo.com <==== ATTENTION
ShortcutWithArgument: C:\Users\Public\Desktop\My BT.LNK -> C:\Program Files (x86)\BTHomeHub\Launcher\LaunchHM.exe (British Telecommunications plc) -> hxxp://
www.bt.com/mybt <==== ATTENTION
==================== Loaded Modules (Whitelisted) ==============
2015-07-10 11:00 - 2015-07-10 11:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-09 00:27 - 2015-08-09 00:27 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-23 17:09 - 2015-08-23 17:09 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2010-03-04 13:02 - 2010-03-04 13:02 - 00102400 _____ () C:\Program Files (x86)\Gacela\Gacela-Reporting.exe
2010-03-04 13:02 - 2010-03-04 13:02 - 00180224 _____ () C:\Program Files (x86)\Gacela\Gacela-Updater.exe
2010-02-01 11:46 - 2006-12-19 21:23 - 00272024 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2015-10-07 15:32 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-07 15:32 - 2015-09-17 06:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00042336 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\AppPackageInfoSupport_x64.dll
2015-10-07 15:31 - 2015-09-17 05:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-09-15 13:36 - 2015-11-23 16:05 - 00071680 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-10-07 15:32 - 2015-09-17 05:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-10-07 15:31 - 2015-09-17 05:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-07 15:31 - 2015-09-17 05:42 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-07 15:32 - 2015-09-17 05:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 11:00 - 2015-07-10 13:14 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2010-03-04 13:01 - 2010-03-04 13:01 - 01011712 _____ () C:\Program Files (x86)\Gacela\updatercom.dll
2015-10-07 14:57 - 2015-11-04 23:44 - 00166416 _____ () C:\Users\Harry\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2015-12-01 14:43 - 2015-12-01 14:43 - 00071168 _____ () c:\users\harry\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpusmc04.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00790880 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\communication.dll
2013-11-28 15:26 - 2015-09-25 13:54 - 00790880 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\nsmmc.dll
2015-08-02 13:33 - 2015-09-03 00:11 - 00012800 _____ () C:\Users\Harry\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 21:45 - 2015-09-03 00:11 - 00779776 _____ () C:\Users\Harry\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-08-02 13:33 - 2015-09-03 00:11 - 00056320 _____ () C:\Users\Harry\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-08-02 13:33 - 2015-09-03 00:11 - 00012288 _____ () C:\Users\Harry\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00831840 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npchromeinstaller.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00885088 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npfirefoxprocessor.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00185696 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npsp1.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00279904 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npsurvey.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00224096 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npUIASupport.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00665440 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npwebsockets.dll
2015-10-16 08:43 - 2015-09-25 13:50 - 00252768 _____ () C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter9\npwmi.dll
2015-07-21 16:02 - 2015-07-21 16:02 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-09-06 16:44 - 2014-09-06 16:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-11-13 06:53 - 2015-11-07 04:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-13 06:53 - 2015-11-07 04:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll
2015-11-13 06:53 - 2015-11-07 04:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\WINDOWS\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ActionCenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\aitstatic.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AppxSysprep.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder(6265).dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioEndpointBuilder.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioSes(6267).dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\AudioSes.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\BthRadioMedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ci.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\CNMLMBA.DLL:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\coredpus.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\d3d9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dafWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack_win.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\diagtrack_wininternal.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\dxgi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\esxuin32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\esxwia32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\esxwiaml.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\facecredentialprovider.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fdWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\FntCache.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\fwpolicyiomgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GamePanel.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\GEARAspi64.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\InputService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\InstallAgent.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationFrameworkInternalPS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LocationPermissions.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LockAppHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\LogonController.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MbaeApiPublic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MbaeParserTask.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmkvsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfmpeg2srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MFPlay.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\msctfuimanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MsSpellCheckingFacility.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mssprxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\mssrch.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\MusNotificationUx.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetSetupShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetSetupSvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NetworkStatus.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NotificationControllerPS.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\NotificationObjFactory.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PackageStateRoaming.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\PlayToManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\powertracker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\provhandlers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rdbui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\RdpGroupPolicyExtension.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ReAgent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\reseteng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SearchProtocolHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SensorService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SensorsNativeApi.V2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_Notifications.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SettingsHandlers_UserAccount.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\SharedStartModelShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\sysmain.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tetheringclient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\TextInputFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\tquery.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\twinui.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\twinui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UserMgrProxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\UtcResources.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\vaultsvc.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VEDataLayerHelpers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\ViakaraokeSrv.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VoiceActivationManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\VPNv2CSP.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WcnApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WcnNetsh.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wcnwiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wfdprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WinBioDataModel.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Cortana.Desktop.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WlanMediaManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wpncore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wu.upgrade.ps.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\wuautoappupdate.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\WWAHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ActionCenter.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\AudioEng.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\d3d9.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dwmcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\DWrite.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\dxgi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\esint32.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\explorer.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\fdWCN.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ff_vfw.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\FLVSplitter.ax:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\GamePanel.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\GEARAspi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\InputService.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LockAppHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\LogonController.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MbaeApiPublic.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfplat.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\MFPlay.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mfsrcsnk.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\msctfuimanager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mshtmlmedia.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\mssrch.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NetSetupShim.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\notepad.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\NotificationObjFactory.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ntdll.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PackageStateRoaming.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\PlayToManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\pncrt.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReAgent.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\ReInfo.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\RLAPEDec.ax:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\rpcrt4.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SearchProtocolHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tetheringclient.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\TextInputFramework.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\tquery.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.appcore.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\twinui.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\UserMgrProxy.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\VoiceActivationManager.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WcnApi.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wcnwiz.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\wfdprov.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll:$CmdTcID
AlternateDataStreams: C:\WINDOWS\SysWOW64\WWAHost.exe:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\bthhfenum.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\mountmgr.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\msgpiowin32.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\ntfs.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\rdyboost.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\stornvme.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\storport.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\tunnel.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\usbscan.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\USBXHCI.SYS:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\WdiWiFi.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wof.sys:$CmdTcID
AlternateDataStreams: C:\WINDOWS\system32\Drivers\wpcfltr.sys:$CmdTcID
AlternateDataStreams: C:\Users\Harry\GoToAssistDownloadHelper.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\1428325462.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\174717CE_5056_A318_A89BC436A5D58044 (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\174717CE_5056_A318_A89BC436A5D58044 (2).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\174717CE_5056_A318_A89BC436A5D58044 (3).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\174717CE_5056_A318_A89BC436A5D58044.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B0EFB69_5056_A318_A895C723542C3788.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B192E81_5056_A318_A8B71C191A8E831F (1).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B192E81_5056_A318_A8B71C191A8E831F (2).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B192E81_5056_A318_A8B71C191A8E831F (3).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B192E81_5056_A318_A8B71C191A8E831F (4).doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\1B192E81_5056_A318_A8B71C191A8E831F.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\20150507 OFFICIAL - Elections E debrief (1).docx:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\20150507 OFFICIAL - Elections E debrief.docx:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\325391xx0_victoria_cataleg.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\341304xx4.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342394xx0_victoria_cataleg.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (1).dwg:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (1).dxf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (2).dwg:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (2).dxf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (3).dwg:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (3).dxf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395 (4).dxf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395.dwg:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342395.dxf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342396xx0 (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342396xx0 (2).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342396xx0 (3).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\342396xx0.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\34239Sxx0 (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\34239Sxx0 (2).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\34239Sxx0.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\344397xx0_victoria_cataleg.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\5D9E1529_5056_A318_A8C7B73B5385BC30.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\89FA925B_1143_EC82_2EDF0C729C037E4E.docx:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\certificate-templates-for-word6.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\CrucialUKScan.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\DropboxInstaller.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\DropboxInstaller.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\F6997AAC6D15C0B55A9B38BF50952CCBC4178C20.torrent:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\FE935AEBED698EBBEFC4294DBDB3FB087041731E (1).torrent:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\FE935AEBED698EBBEFC4294DBDB3FB087041731E (2).torrent:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\FE935AEBED698EBBEFC4294DBDB3FB087041731E.torrent:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\FileZilla_3.12.0.2_win64-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\FileZilla_3.9.0.6_win32-setup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (1).exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (1).exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (2).exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (2).exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (3).exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup (3).exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\GoogleEarthSetup.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\IdealStandard_Multiproduct_web-cutout_455f94b6792e74a9acf25b53c3710708.jpg:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\July Cycle RouteVer3.docx:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\mast-win-ip7200-1_0-mcd.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\mast-win-ip7200-1_0-mcd.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\mig_-win-3_1_1-ea31_2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\mypr-win-3_2_1-ea11_2.exe:$CmdTcID
AlternateDataStreams: C:\Users\Harry\Downloads\mypr-win-3_2_1-ea11_2.exe:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Parking Permit March 2015.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\PolicyDocument (2).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Qualifying-Schemes-ENG_29kb (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Qualifying-Schemes-ENG_29kb.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Setup (1).website:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Setup (2).website:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Setup (3).website:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Setup (4).website:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\Setup .website:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\TheHampshireHaslarRoadGosportTemporaryRoadClosureOrder2015 (1).pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\TheHampshireHaslarRoadGosportTemporaryRoadClosureOrder2015.pdf:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\UploadedFile_130759266695496400.doc:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\wetransfer-8c2fa4.zip:$CmdZnID
AlternateDataStreams: C:\Users\Harry\Downloads\WilkinsonVintnersPriceList.xls:$CmdZnID
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\download.com -> download.com
IE trusted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\lightspeedpanel.com -> hxxp://uk.lightspeedpanel.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\008k.com ->
www.008k.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\...\123simsen.com ->
www.123simsen.com
There are 6717 more sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2479479765-3668739851-1582905240-1000\Control Panel\Desktop\\Wallpaper -> D:\My Pictures\Camera2013\JanFeb\IMG_0163.JPG
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Canon LBP5300 Status Window.lnk => C:\Windows\pss\Canon LBP5300 Status Window.lnk.CommonStartup
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: Freecorder FLV Service => "C:\Program Files (x86)\Freecorder\FLVSrvc.exe" /run
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files (x86)\ (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: TkBellExe => "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [TCP Query User{4C0102ED-2A9C-4775-980E-41EAD81D50A5}C:\users\harry\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\harry\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{D3A02251-CA1E-4BC1-B9E6-8C237D99AF15}C:\users\harry\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\harry\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [{B404274A-A2F9-4A6C-8E1A-6145C699DDA4}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{93F604DD-836C-422A-BD9D-046051E9AB17}] => (Allow) C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe
FirewallRules: [{6A285101-86D2-4E1C-9AB1-9919603BAC6B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{66DC8B69-4FA3-419D-9E83-658CCC5DA4F0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{751C1B2F-9A54-4430-91AC-D089F07FC31F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C29CB9EF-5841-4E69-8F3D-E91178A395FE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{75187116-FF6C-4015-B786-65D113BC9C37}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{F43AD138-CBA0-42E6-B5BA-D496EA28B554}C:\users\harry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\harry\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{55AF7F79-418F-4F43-B4C5-640EADD8DEF7}C:\users\harry\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\harry\appdata\roaming\spotify\spotify.exe
FirewallRules: [{2597E34D-0131-4ED0-B84E-3279C94370DD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{879765FE-9C0B-4F4B-A235-6A0ABEEC7D37}C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
FirewallRules: [UDP Query User{C6154C08-3781-4237-804E-7B27E1E75C6B}C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe] => (Allow) C:\program files (x86)\adobe\adobe dreamweaver cs3\dreamweaver.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/01/2015 02:55:25 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 02:44:46 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SearchUI.exe version 10.0.10240.16515 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: f50
Start Time: 01d12c465f38e70f
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Report Id: 0ce0caba-983a-11e5-9be6-90e6ba57d184
Faulting package full name: Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy
Faulting package-relative application ID: CortanaUI
Error: (12/01/2015 02:44:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: HARRYPC)
Description: Package Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI was terminated because it took too long to suspend.
Error: (12/01/2015 02:44:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 02:44:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 02:23:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 01:58:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 01:58:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.WindowsStore_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 01:53:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
Error: (12/01/2015 01:36:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: HARRYPC)
Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147009284 See the Microsoft-Windows-TWinUI/Operational log for additional information.
System errors:
=============
Error: (12/01/2015 02:46:04 PM) (Source: DCOM) (EventID: 10010) (User: HARRYPC)
Description: {B91D5831-B1BD-4608-8198-D72E155020F7}
Error: (12/01/2015 02:40:43 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error:
%%1058
Error: (12/01/2015 02:39:06 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
Error: (12/01/2015 02:38:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Sync Host_Session1 service to connect.
Error: (12/01/2015 02:38:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the User Data Storage_Session1 service to connect.
Error: (12/01/2015 02:38:35 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the User Data Storage_Session1 service, but this action failed with the following error:
%%1056
Error: (12/01/2015 02:38:25 PM) (Source: DCOM) (EventID: 10010) (User: HARRYPC)
Description: {49F171DD-B51A-40D3-9A6C-52D674CC729D}
Error: (12/01/2015 02:38:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Access_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/01/2015 02:38:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The User Data Storage_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
Error: (12/01/2015 02:38:25 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Contact Data_Session1 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.
CodeIntegrity:
===================================
Date: 2015-12-01 15:48:09.980
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 15:48:09.960
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 15:48:09.424
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 15:48:09.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 15:47:15.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 15:47:15.764
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 12:49:14.319
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 08:52:49.914
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 08:52:49.887
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-01 08:52:49.058
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 20%
Total physical RAM: 12031.17 MB
Available physical RAM: 9521.08 MB
Total Virtual: 24319.17 MB
Available Virtual: 21771.87 MB
==================== Drives ================================
Drive c: (Windows7) (Fixed) (Total:455.99 GB) (Free:260.99 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Toshiba One HDD) (Fixed) (Total:931.51 GB) (Free:781.86 GB) NTFS
Drive e: (RA1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 37B4D5AA)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=456 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Size: 931.5 GB) (Disk ID: 001C692E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================