Hi there
As per instructions, please find FRST logs below but first a few notes:
1. on 22.06.16 I installed "Phone Backup Unlocker Standard" by Tenorshare whcih worked for the required task - this seemed to create a user called ER01ServiceUser.
2. Since then I have noticed strange on goings, including mouse waiver, corrupt user permissions, locked folders & it seems to have also affected my Avast IS.
3. I have installed CCleaner and done a host of repairs under their 7 day trial, including registery keys for both my user (Dan) and Administrator.
4. I have restored back to the earliest restore point 2 times and re-installed the updates when prompted, x 2.
5. I have scanned with Avast IS and Malwaye Bytes (free version) on serveral occasions as well.
6. Point to note: for a long time my PC says I my version of windows is not genuine, "Build 7601" but the registratioin key sticker is too warn to read nowadays.
Appreciate any help give, thank you.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2016 01
Ran by inField (administrator) on INFIELD-DH (13-07-2016 13:21:47)
Running from C:\Users\Dan Hunter\Desktop
Loaded Profiles: inField & Dan Hunter (Available Profiles: inField & Dan Hunter)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\AvastB\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\AvastB\afwServ.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXSPMGT.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IFXTCS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Infineon Technologies AG) C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVAST Software) C:\Program Files\AVAST Software\AvastB\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\AvastB\AvastUI.exe [8900328 2016-07-12] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKLM\...\RunOnce: [*Restore] => C:\Windows\System32\rstrui.exe [296960 2016-04-09] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1638736776-1169130257-727643800-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-15] (Piriform Ltd)
HKU\S-1-5-21-1638736776-1169130257-727643800-1000\...\MountPoints2: {0e8c20cc-43ba-11e4-aa93-806e6f6e6963} - D:\Autoplay.exe -auto
HKU\S-1-5-21-1638736776-1169130257-727643800-1000\...\MountPoints2: {bd92e5d4-43c6-11e4-ab82-806e6f6e6963} - D:\Autoplay.exe -auto
HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [52148864 2016-04-29] (Skype Technologies S.A.)
HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\Run: [Dropbox Update] => C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-11-29] (Dropbox, Inc.)
HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-15] (Piriform Ltd)
HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\AvastB\ashShA64.dll [2016-07-12] (AVAST Software)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{9B128791-B3F2-4A2B-B6E6-ABE115AACB8D}: [NameServer] 77.234.40.79
Tcpip\..\Interfaces\{C148FCA1-9903-4635-ABE9-6922A1AFF0D4}: [DhcpNameServer] 10.0.0.1
Internet Explorer:
==================
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\AvastB\aswWebRepIE64.dll [2016-07-12] (AVAST Software)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-07-12] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\AvastB\aswWebRepIE.dll [2016-07-12] (AVAST Software)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-07-12] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-12] ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-09-24] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-12] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-07-12] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-07-12] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-09-24] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1638736776-1169130257-727643800-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Dan Hunter\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-10-06] (Citrix Online)
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\AvastB\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\AvastB\WebRep\FF [2016-07-12]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\AvastB\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\AvastB\SafePrice\FF [2016-07-12]
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\AvastB\pam\FF
FF Extension: Avast Passwords - C:\Program Files\AVAST Software\AvastB\pam\FF [2016-07-12]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\AvastB\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\AvastB\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\AvastB\pam\FF
Chrome:
=======
CHR Profile: C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-17]
CHR Extension: (Google Docs) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-17]
CHR Extension: (Google Drive) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-03]
CHR Extension: (YouTube) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-03]
CHR Extension: (Google Search) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-03]
CHR Extension: (Google Sheets) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-01-03]
CHR Extension: (Avast Online Security) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-01-03]
CHR Extension: (Skype) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-01-03]
CHR Extension: (Chrome Web Store Payments) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-01-03]
CHR Extension: (Gmail) - C:\Users\inField\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-17]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\AvastB\WebRep\Chrome\aswWebRepChrome.crx [2016-05-11]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\AvastB\AvastSvc.exe [197128 2016-07-12] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\AvastB\afwServ.exe [223600 2016-07-12] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 IFXSpMgtSrv; C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe [1107232 2009-08-04] (Infineon Technologies AG)
R2 IFXTCS; C:\Program Files (x86)\Infineon\Security Platform Software\ifxtcs.exe [984352 2009-07-19] (Infineon Technologies AG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-10-19] ()
R2 PersonalSecureDriveService; C:\Program Files (x86)\Infineon\Security Platform Software\IfxPsdSv.exe [214304 2009-07-19] (Infineon Technologies AG)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7184144 2016-07-06] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 AvastVBoxSvc; "C:\Program Files\AVAST Software\AvastB\ng\vbox\AvastVBoxSVC.exe" [X]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-07-12] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-07-12] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108304 2016-07-12] (AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [28312 2016-05-11] (AVAST Software)
R1 aswNetSec; C:\Windows\system32\drivers\aswNetSec.sys [572120 2016-07-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-07-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-07-12] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-07-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [473592 2016-07-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162904 2016-07-12] (AVAST Software)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-10-06] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [290088 2016-07-12] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
R1 PersonalSecureDrive; C:\Windows\System32\drivers\psd.sys [44576 2009-07-19] (Infineon Technologies AG)
S3 toshidpt; C:\Windows\System32\drivers\Toshidpt.sys [9608 2009-06-19] (TOSHIBA Corporation.)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\AvastB\ng\vbox\VBoxAswDrv.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-13 13:21 - 2016-07-13 13:22 - 00016688 _____ C:\Users\Dan Hunter\Desktop\FRST.txt
2016-07-13 13:18 - 2016-07-13 13:21 - 00000000 ____D C:\FRST
2016-07-13 13:17 - 2016-07-13 13:17 - 02390528 _____ (Farbar) C:\Users\Dan Hunter\Desktop\FRST64.exe
2016-07-13 11:55 - 2016-07-13 11:55 - 00313366 _____ C:\Users\Dan Hunter\Downloads\WindowsUpdateDiagnostic.diagcab
2016-07-12 23:20 - 2016-07-12 23:20 - 00738368 _____ (Oracle Corporation) C:\Users\Dan Hunter\Downloads\jre-8u91-windows-i586-iftw.exe
2016-07-12 21:28 - 2016-07-12 22:28 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-07-12 21:28 - 2016-07-12 21:28 - 00003900 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-07-12 21:26 - 2016-07-12 21:27 - 20466368 _____ (Adobe Systems Incorporated) C:\Users\Dan Hunter\Downloads\install_flash_player_ppapi.exe
2016-07-12 18:03 - 2016-07-12 18:03 - 00992960 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 00921280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 00390984 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-07-12 18:03 - 2016-07-12 18:03 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-07-08 13:55 - 2016-07-08 13:54 - 00327503 _____ C:\Users\Dan Hunter\Downloads\inField - NW 36 Month ADD ON - 1x Qube 080716.pdf
2016-07-07 13:53 - 2016-07-07 13:53 - 00340820 _____ C:\Users\Dan Hunter\Documents\Delivery Form is populated.pdf
2016-07-07 11:12 - 2016-07-07 11:13 - 07895056 _____ C:\Users\Dan Hunter\Downloads\Proposal-Bundle-Aug-2015.zip
2016-07-07 10:35 - 2016-07-07 10:35 - 00868224 _____ C:\Users\Dan Hunter\Downloads\Form Report By Vehicle.xls
2016-07-07 09:39 - 2016-07-07 09:39 - 10776228 _____ C:\Users\Dan Hunter\Downloads\DIRECTOR_FeaturesGuide_AU.pdf
2016-06-30 20:16 - 2016-06-30 20:16 - 00000060 _____ C:\Users\Dan Hunter\Desktop\TO DO JUNE JULY 2016.txt
2016-06-30 14:59 - 2016-06-30 14:59 - 00242120 _____ C:\Users\Dan Hunter\Downloads\72A3.tmp
2016-06-30 13:14 - 2016-07-12 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2016-06-30 13:14 - 2016-06-30 13:14 - 00000000 ____D C:\Program Files\7-Zip
2016-06-28 19:52 - 2016-05-24 09:37 - 00394960 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-06-28 19:52 - 2016-05-24 08:54 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-06-28 19:52 - 2016-05-22 03:28 - 25802752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-28 19:52 - 2016-05-22 02:57 - 20341248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-28 19:52 - 2016-05-21 08:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-06-28 19:52 - 2016-05-21 08:27 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-06-28 19:52 - 2016-05-21 08:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2016-06-28 19:52 - 2016-05-21 08:10 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-06-28 19:52 - 2016-05-21 08:09 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-28 19:52 - 2016-05-21 08:09 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-06-28 19:52 - 2016-05-21 08:09 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-06-28 19:52 - 2016-05-21 08:08 - 02895360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-28 19:52 - 2016-05-21 08:08 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-06-28 19:52 - 2016-05-21 08:02 - 06051328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-28 19:52 - 2016-05-21 08:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-06-28 19:52 - 2016-05-21 07:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-06-28 19:52 - 2016-05-21 07:57 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-28 19:52 - 2016-05-21 07:57 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2016-06-28 19:52 - 2016-05-21 07:57 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2016-06-28 19:52 - 2016-05-21 07:56 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-06-28 19:52 - 2016-05-21 07:56 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2016-06-28 19:52 - 2016-05-21 07:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2016-06-28 19:52 - 2016-05-21 07:54 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-06-28 19:52 - 2016-05-21 07:54 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-06-28 19:52 - 2016-05-21 07:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-06-28 19:52 - 2016-05-21 07:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-06-28 19:52 - 2016-05-21 07:50 - 02287104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-28 19:52 - 2016-05-21 07:49 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2016-06-28 19:52 - 2016-05-21 07:48 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2016-06-28 19:52 - 2016-05-21 07:45 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-06-28 19:52 - 2016-05-21 07:45 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2016-06-28 19:52 - 2016-05-21 07:44 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-06-28 19:52 - 2016-05-21 07:44 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2016-06-28 19:52 - 2016-05-21 07:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-06-28 19:52 - 2016-05-21 07:41 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-06-28 19:52 - 2016-05-21 07:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2016-06-28 19:52 - 2016-05-21 07:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-06-28 19:52 - 2016-05-21 07:32 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-06-28 19:52 - 2016-05-21 07:29 - 13815808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-28 19:52 - 2016-05-21 07:28 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-06-28 19:52 - 2016-05-21 07:27 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-06-28 19:52 - 2016-05-21 07:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2016-06-28 19:52 - 2016-05-21 07:26 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2016-06-28 19:52 - 2016-05-21 07:25 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-06-28 19:52 - 2016-05-21 07:23 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2016-06-28 19:52 - 2016-05-21 07:23 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-06-28 19:52 - 2016-05-21 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-06-28 19:52 - 2016-05-21 07:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-06-28 19:52 - 2016-05-21 07:19 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2016-06-28 19:52 - 2016-05-21 07:14 - 04610048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-28 19:52 - 2016-05-21 07:12 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-06-28 19:52 - 2016-05-21 07:11 - 15420928 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-28 19:52 - 2016-05-21 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-06-28 19:52 - 2016-05-21 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-06-28 19:52 - 2016-05-21 07:09 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-28 19:52 - 2016-05-21 07:08 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-06-28 19:52 - 2016-05-21 07:08 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-28 19:52 - 2016-05-21 07:07 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-06-28 19:52 - 2016-05-21 07:07 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2016-06-28 19:52 - 2016-05-21 07:06 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-06-28 19:52 - 2016-05-21 06:46 - 02597888 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-28 19:52 - 2016-05-21 06:42 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-28 19:52 - 2016-05-21 06:38 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-28 19:52 - 2016-05-21 06:38 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-06-28 19:52 - 2016-05-21 06:34 - 01544192 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-28 19:52 - 2016-05-21 06:23 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-06-28 19:52 - 2016-05-19 02:10 - 00312832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-28 19:52 - 2016-05-19 02:09 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-28 19:52 - 2016-05-14 08:15 - 00382184 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-28 19:52 - 2016-05-14 08:09 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-28 19:52 - 2016-05-14 08:09 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-28 19:52 - 2016-05-14 08:09 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2016-06-28 19:52 - 2016-05-14 08:09 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2016-06-28 19:52 - 2016-05-14 07:54 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-28 19:52 - 2016-05-14 07:50 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2016-06-28 19:52 - 2016-05-14 07:49 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-28 19:52 - 2016-05-14 07:49 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2016-06-28 19:52 - 2016-05-14 07:27 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-28 19:52 - 2016-05-13 03:20 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-28 19:52 - 2016-05-13 03:20 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-06-28 19:52 - 2016-05-13 03:15 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-06-28 19:52 - 2016-05-13 03:15 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-06-28 19:52 - 2016-05-13 03:15 - 00105472 _____ (Microsoft Corporation) C:\Windows\system32\winipsec.dll
2016-06-28 19:52 - 2016-05-13 03:15 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-06-28 19:52 - 2016-05-13 03:15 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-06-28 19:52 - 2016-05-13 03:15 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00794624 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00793088 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00502272 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-28 19:52 - 2016-05-13 03:14 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00373760 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00096256 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-06-28 19:52 - 2016-05-13 03:14 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00591872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpapi.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winipsec.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2016-06-28 19:52 - 2016-05-13 01:18 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2016-06-28 19:52 - 2016-05-13 01:06 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.exe
2016-06-28 19:52 - 2016-05-13 01:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-06-28 19:52 - 2016-05-13 01:03 - 03217408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00464896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-06-28 19:52 - 2016-05-13 00:58 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-06-28 19:52 - 2016-05-13 00:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-28 19:52 - 2016-05-13 00:57 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-06-28 19:52 - 2016-05-13 00:57 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.exe
2016-06-28 19:52 - 2016-05-13 00:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2016-06-28 19:52 - 2016-05-13 00:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2016-06-28 19:52 - 2016-05-12 23:05 - 00459640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-28 19:52 - 2016-05-12 23:05 - 00297984 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-28 19:52 - 2016-05-12 23:04 - 00249352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-28 19:52 - 2016-05-12 03:02 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-28 19:52 - 2016-05-12 03:02 - 00444928 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-28 19:52 - 2016-05-12 03:02 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-28 19:52 - 2016-05-12 03:02 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-28 19:52 - 2016-05-12 01:19 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-28 19:52 - 2016-05-12 01:19 - 00351744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-28 19:52 - 2016-05-12 01:19 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-28 19:52 - 2016-05-12 01:19 - 00206336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-28 19:52 - 2016-05-12 01:11 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2016-06-28 19:52 - 2016-05-12 01:01 - 00026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2016-06-28 19:52 - 2016-05-12 00:58 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-28 18:06 - 2016-07-12 17:53 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Navman Wireless
2016-06-28 18:03 - 2016-06-28 18:04 - 00013935 _____ C:\Users\Dan Hunter\Downloads\onlineavl2.application
2016-06-28 15:06 - 2016-07-12 17:53 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-28 14:52 - 2016-06-28 14:52 - 00002798 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-06-28 14:52 - 2016-06-28 14:52 - 00000793 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-06-28 14:49 - 2016-06-28 14:49 - 07992200 _____ (Piriform Ltd) C:\Users\Dan Hunter\Downloads\ccsetup519pro.exe
2016-06-26 03:35 - 2016-06-26 03:35 - 00000000 ____D C:\Users\Dan Hunter\AppData\Local\EnigmaDigital
2016-06-26 03:32 - 2016-06-28 13:06 - 00000000 ____D C:\Users\ER01ServiceUser
2016-06-26 03:32 - 2016-06-28 13:06 - 00000000 ____D C:\Program Files (x86)\Enigma Recovery
2016-06-26 03:32 - 2016-06-26 03:32 - 00000000 _SHDL C:\Users\ER01ServiceUser\My Documents
2016-06-26 03:32 - 2016-06-26 03:32 - 00000000 _SHDL C:\Users\ER01ServiceUser\Documents\My Videos
2016-06-26 03:32 - 2016-06-26 03:32 - 00000000 _SHDL C:\Users\ER01ServiceUser\Documents\My Pictures
2016-06-26 03:32 - 2016-06-26 03:32 - 00000000 _SHDL C:\Users\ER01ServiceUser\Documents\My Music
2016-06-26 03:32 - 2016-06-26 03:32 - 00000000 ____D C:\Users\inField\AppData\Local\EnigmaDigital
2016-06-26 03:32 - 2015-02-15 14:35 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Roaming\Sun
2016-06-26 03:32 - 2014-09-30 16:05 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Roaming\Adobe
2016-06-26 03:32 - 2014-09-30 16:05 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Local\Adobe
2016-06-26 03:32 - 2014-09-26 11:28 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Roaming\Macromedia
2016-06-26 03:32 - 2014-09-25 10:14 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Local\Microsoft Help
2016-06-26 03:32 - 2011-04-12 18:28 - 00000000 ____D C:\Users\ER01ServiceUser\AppData\Roaming\Media Center Programs
2016-06-26 01:29 - 2016-06-26 01:31 - 00000030 _____ C:\Users\Dan Hunter\Desktop\ACHDICT.txt.txt
2016-06-23 20:09 - 2016-06-23 20:09 - 00041543 _____ C:\Users\Dan Hunter\Documents\Copy of inField - NW GPS 2G RESIGN 2016.xlsx
2016-06-23 20:09 - 2016-06-23 20:09 - 00008484 _____ C:\Users\Dan Hunter\Desktop\CALCS.xlsx
2016-06-22 12:11 - 2016-06-23 20:29 - 00000000 ____D C:\Program Files (x86)\iPhone Backup Unlocker Standard
2016-06-22 12:11 - 2016-06-22 12:11 - 00001239 _____ C:\Users\inField\Desktop\iPhone Backup Unlocker Standard.lnk
2016-06-22 12:11 - 2016-06-22 12:11 - 00000000 ____D C:\Users\inField\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPhone Backup Unlocker Standard
2016-06-22 12:10 - 2016-06-22 12:10 - 13175000 _____ C:\Users\Dan Hunter\Downloads\tenorshare-iphone-backup-unlocker-trial.exe
2016-06-21 18:53 - 2016-06-21 18:53 - 00000000 ____D C:\Users\Dan Hunter\Documents\CONTACTS GIVEN
2016-06-13 18:56 - 2016-06-13 18:56 - 00000101 _____ C:\Users\Dan Hunter\Desktop\NOTES 130616.txt
2016-06-13 18:37 - 2016-06-13 18:37 - 00002075 _____ C:\Users\Dan Hunter\Desktop\Dan's iPhone(1).lnk
2016-06-13 18:36 - 2016-06-13 18:36 - 00002075 _____ C:\Users\Dan Hunter\Desktop\Dan's iPhone.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-07-13 13:19 - 2014-10-03 09:16 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\Skype
2016-07-13 13:17 - 2015-02-05 15:31 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-07-13 12:52 - 2009-07-14 14:45 - 00020384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-07-13 12:52 - 2009-07-14 14:45 - 00020384 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-07-13 12:41 - 2015-06-04 11:46 - 00000688 _____ C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1638736776-1169130257-727643800-1001.job
2016-07-13 12:23 - 2015-02-15 10:51 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-13 11:56 - 2014-09-25 11:22 - 00000000 ____D C:\Users\inField\AppData\Local\ElevatedDiagnostics
2016-07-12 23:43 - 2015-11-21 16:54 - 00000000 ____D C:\Users\Dan Hunter\.oracle_jre_usage
2016-07-12 23:43 - 2014-09-25 10:05 - 00000000 ____D C:\ProgramData\Oracle
2016-07-12 23:42 - 2016-03-09 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-07-12 23:42 - 2014-09-24 16:51 - 00000000 ____D C:\Program Files (x86)\Java
2016-07-12 23:32 - 2016-03-02 10:50 - 00000982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-07-12 23:32 - 2016-03-02 10:50 - 00000970 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-07-12 23:32 - 2014-09-29 20:05 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-07-12 23:26 - 2016-03-09 09:45 - 00097344 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-07-12 23:26 - 2015-11-21 16:53 - 00000000 ____D C:\Users\inField\.oracle_jre_usage
2016-07-12 22:52 - 2015-01-05 10:25 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-07-12 22:51 - 2016-05-06 12:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-07-12 22:50 - 2016-03-03 12:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-12 22:29 - 2016-02-15 19:11 - 00003894 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1450345803
2016-07-12 22:28 - 2009-07-14 15:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-12 22:28 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\inf
2016-07-12 22:17 - 2015-02-05 15:31 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-07-12 22:17 - 2014-09-26 07:05 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-07-12 22:17 - 2014-09-26 07:05 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-07-12 21:28 - 2014-09-26 07:05 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-07-12 21:28 - 2014-09-26 07:05 - 00000000 ____D C:\Windows\system32\Macromed
2016-07-12 18:43 - 2014-09-24 17:14 - 00000000 ____D C:\Users\Dan Hunter
2016-07-12 18:43 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\rescache
2016-07-12 18:04 - 2016-05-11 12:25 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-07-12 18:04 - 2014-10-06 21:16 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-07-12 18:03 - 2014-10-06 21:16 - 00473592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.146831065005302
2016-07-12 18:03 - 2014-10-06 21:16 - 00290088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-07-12 18:03 - 2014-10-06 21:16 - 00162904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-07-12 18:03 - 2014-10-06 21:16 - 00108304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-07-12 18:03 - 2014-10-06 21:16 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-07-12 18:03 - 2014-10-06 21:16 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-07-12 18:03 - 2014-09-24 17:42 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-07-12 18:02 - 2016-02-15 09:54 - 00572120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetSec.sys
2016-07-12 18:02 - 2014-10-06 21:16 - 01070904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-07-12 18:02 - 2014-10-06 21:16 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-07-12 17:58 - 2014-11-26 08:11 - 00001904 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2016-07-12 17:53 - 2015-12-22 06:31 - 00000000 ____D C:\Program Files\CCleaner
2016-07-12 17:53 - 2015-12-06 11:19 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2016-07-12 17:53 - 2014-10-12 09:43 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\Dropbox
2016-07-12 17:53 - 2014-09-25 02:59 - 00000000 ____D C:\Users\Dan Hunter\AppData\Local\Microsoft Help
2016-07-12 17:53 - 2014-09-24 02:03 - 00000000 ____D C:\Users\inField
2016-07-12 17:53 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\registration
2016-07-12 17:53 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\AppCompat
2016-07-12 17:52 - 2015-11-29 12:49 - 00000000 ____D C:\Users\Dan Hunter\AppData\Local\Dropbox
2016-07-12 17:52 - 2014-09-25 02:12 - 00000000 __RHD C:\MSOCache
2016-07-12 13:36 - 2014-09-25 13:15 - 00000000 ____D C:\Users\Dan Hunter\AppData\Local\Deployment
2016-06-30 14:59 - 2015-09-17 12:11 - 00000000 ____D C:\.oracle_jre_usage
2016-06-30 13:54 - 2015-11-29 12:49 - 00000886 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001Core.job
2016-06-29 08:40 - 2016-03-12 18:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-06-29 08:40 - 2015-11-17 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-29 08:40 - 2015-09-24 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iBrowse
2016-06-29 08:40 - 2015-04-23 13:56 - 00000000 ____D C:\Users\Dan Hunter\AppData\LocalLow\Temp
2016-06-29 08:40 - 2015-01-05 09:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirParrot 2
2016-06-29 08:40 - 2014-12-19 09:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CutePDF
2016-06-29 08:40 - 2014-11-26 08:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-06-29 08:40 - 2014-10-28 13:09 - 00000000 ____D C:\Users\Dan Hunter\AppData\LocalLow\WebEx
2016-06-29 08:40 - 2014-10-28 13:09 - 00000000 ____D C:\ProgramData\WebEx
2016-06-29 08:40 - 2014-10-18 20:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2016-06-29 08:40 - 2014-09-25 02:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2016-06-29 08:40 - 2014-09-24 17:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-29 08:40 - 2014-09-24 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA DVD PLAYER
2016-06-29 08:40 - 2014-09-24 16:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Infineon Security Platform Solution
2016-06-29 08:40 - 2014-09-24 16:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2016-06-29 08:40 - 2014-09-24 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2016-06-29 08:40 - 2014-09-24 15:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-06-29 08:40 - 2009-07-14 15:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-06-29 08:40 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\servicing
2016-06-29 08:40 - 2009-07-14 13:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-06-29 08:38 - 2015-10-18 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2016-06-29 00:34 - 2009-07-14 14:45 - 00364184 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-29 00:25 - 2014-09-25 00:16 - 00000000 ____D C:\Windows\system32\MRT
2016-06-29 00:21 - 2014-09-25 08:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-29 00:21 - 2014-09-25 00:16 - 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-29 00:20 - 2014-09-25 08:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-29 00:20 - 2014-09-25 08:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-29 00:01 - 2009-07-14 15:13 - 00786248 _____ C:\Windows\system32\PerfStringBackup.INI
2016-06-28 23:35 - 2015-12-22 07:05 - 00000000 ____D C:\Users\inField\Downloads\CC Backup DEC 15
2016-06-28 21:33 - 2009-07-14 13:20 - 00000000 ____D C:\Windows\system32\NDF
2016-06-28 17:54 - 2015-11-29 12:49 - 00000938 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001UA.job
2016-06-28 17:54 - 2015-02-15 10:51 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-28 17:54 - 2014-10-06 10:37 - 00000592 _____ C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1638736776-1169130257-727643800-1001.job
2016-06-28 16:22 - 2014-12-01 10:01 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\TeamViewer
2016-06-28 16:22 - 2014-11-14 19:37 - 00000000 ____D C:\Users\Dan Hunter\AppData\Roaming\uTorrent
2016-06-28 15:20 - 2015-11-29 12:49 - 00003930 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001UA
2016-06-28 15:20 - 2015-02-15 10:51 - 00003906 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-06-28 15:20 - 2014-10-06 10:37 - 00003634 _____ C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-1638736776-1169130257-727643800-1001
2016-06-28 14:52 - 2015-12-22 06:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-06-28 14:45 - 2015-11-29 12:48 - 00000000 ____D C:\Users\Dan Hunter\AppData\Local\Eye-Fi
2016-06-23 21:47 - 2014-09-25 03:15 - 00000000 ____D C:\Users\Dan Hunter\Documents\inField Solutions
2016-06-22 11:32 - 2016-01-10 14:38 - 04576240 _____ (iMobie Inc. ) C:\Users\Dan Hunter\Downloads\phonerescue-64-setup.exe
2016-06-22 09:42 - 2015-12-22 14:06 - 00089232 _____ C:\Users\inField\AppData\Local\GDIPFONTCACHEV1.DAT
2016-06-22 09:29 - 2015-07-14 18:37 - 00000000 ____D C:\Users\Dan Hunter\ACH Phn
2016-06-22 09:27 - 2014-11-10 09:38 - 00000000 ___RD C:\Users\Dan Hunter\Dropbox
2016-06-18 08:26 - 2015-02-15 10:52 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 08:26 - 2015-02-15 10:52 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-16 18:24 - 2015-06-04 11:46 - 00003728 _____ C:\Windows\System32\Tasks\G2MUploadTask-S-1-5-21-1638736776-1169130257-727643800-1001
2016-06-13 18:57 - 2014-09-26 01:40 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-13 13:26 - 2015-12-22 11:08 - 00089232 _____ C:\Users\Dan Hunter\AppData\Local\GDIPFONTCACHEV1.DAT
==================== Files in the root of some directories =======
2016-01-13 18:33 - 2016-01-13 18:33 - 0007600 _____ () C:\Users\inField\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-07-08 00:22
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2016 01
Ran by inField (2016-07-13 13:22:58)
Running from C:\Users\Dan Hunter\Desktop
Windows 7 Professional Service Pack 1 (X64) (2014-09-23 16:03:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1638736776-1169130257-727643800-500 - Administrator - Disabled)
Dan Hunter (S-1-5-21-1638736776-1169130257-727643800-1001 - Limited - Enabled) => C:\Users\Dan Hunter
Guest (S-1-5-21-1638736776-1169130257-727643800-501 - Limited - Disabled)
inField (S-1-5-21-1638736776-1169130257-727643800-1000 - Administrator - Enabled) => C:\Users\inField
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-1638736776-1169130257-727643800-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
7-Zip 16.02 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1602-000001000000}) (Version: 16.02.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
AirParrot 2 (HKLM\...\{AF6C8758-DA16-4CF2-9213-A6C902ABF869}) (Version: 2.1.0.0 - Squirrels)
AirPort (HKLM-x32\...\{AA68AAAE-41F0-40B5-8896-5947F5FD6889}) (Version: 5.6.1.2 - Apple Inc.)
AnyTrans 4.7.3 (HKLM-x32\...\{E580ED1F-AAF8-4F7E-B174-54BFA2B94E0B}}_is1) (Version: 4.7.3 - iMobie Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 12.1.2272 - AVAST Software)
Bluetooth Monitor 4 (HKLM-x32\...\{61539202-097E-487E-9237-B291AB56D54C}) (Version: 4.05.000 - TOSHIBA)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v7.10.14(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Cisco WebEx Meetings (HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{75B8A55E-0762-4676-AAC0-6FDF025B034B}) (Version: 1.0.220 - Citrix)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - Acro Software Inc.)
Dropbox (HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
Eye-Fi Center 3.4 (HKLM-x32\...\{7764F7B0-7225-4145-82B6-2AB4540D33A6}) (Version: 3.4.26 - Eye-Fi, Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.19.0.5102 (HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\GoToMeeting) (Version: 7.19.0.5102 - CitrixOnline)
iBrowse (HKLM-x32\...\{14C974E9-D841-4961-8AC6-7049E75878FE}_is1) (Version: - Macroplant LLC)
Infineon TPM Professional Package (HKLM\...\{9B4E579F-14EB-4CC0-B74F-42B196A013C8}) (Version: 3.6.000 - Infineon Technologies AG)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 14.8 - Intel)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D75AEB5B-FA18-4BD4-9EED-54CA46DB5AE8}) (Version: 13.04.0000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.1.1001 - Intel Corporation)
iPhone Backup Unlocker Standard (HKLM-x32\...\iPhone Backup Unlocker Standard) (Version: - Tenorshare, Inc.)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Mozilla Firefox 47.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 47.0.1 (x86 en-GB)) (Version: 47.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.20.1 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.20.1 - NEC Electronics Corporation) Hidden
OnlineAVL 2 (HKU\S-1-5-21-1638736776-1169130257-727643800-1001\...\0743ecfd88b016b6) (Version: 16.1.1604.2720 - Navman Wireless)
PhoneRescue 2.0.0 (HKLM-x32\...\{2FAFFE02-4D6B-4C0A-906B-1B33DAF0DD14}}_is1) (Version: 2.0.0 - iMobie Inc.)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6083 - Realtek Semiconductor Corp.)
RICOH R5U230 Media Driver ver.2.08.03.04 (HKLM-x32\...\{022CBB38-CEF0-42BA-906A-A49BEFAE0BEE}) (Version: 2.08.03.04 - RICOH)
SafeZone Stable 1.48.2066.114 (x32 Version: 1.48.2066.114 - Avast Software) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.23 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.23.105 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.62308 - TeamViewer)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.00.00 - TOSHIBA CORPORATION)
TOSHIBA ConfigFree (HKLM-x32\...\{B73A66DB-7804-46EC-9A2F-BD534FDB6AD5}) (Version: 8.0.30 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.12-A - TOSHIBA Corporation)
TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.7.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.7.7 - TOSHIBA CORPORATION)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.2.64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
TOSHIBA Security Assist (HKLM-x32\...\{1E63ACB5-D45E-4856-8FC9-78F4B0D7BB80}) (Version: 2.0.8 - TOSHIBA)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.2 - TOSHIBA Corporation)
TOSHIBA Sync Utility (HKLM-x32\...\{CCF62642-ECB1-4D2B-80C0-3FD3286AEAED}) (Version: 2.0.0.0 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.4.1.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.2.13 - TOSHIBA Corporation)
TOSHIBA Wireless Manager (HKLM-x32\...\{6A631D31-1FD6-46B5-9337-3485C3CBB002}) (Version: 6.5.0.4 - TOSHIBA Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.0 - VideoLAN)
Windows 7 Upgrade Advisor (HKLM-x32\...\{AB05F2C8-F608-403b-95E1-FD8ADFACD31E}) (Version: 2.0.5000.0 - Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1638736776-1169130257-727643800-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DB0C5EB-9CDC-4C69-9589-3B8B2FDD9844} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {1ACA535F-8761-40FA-BE73-5B4AC7D22FFD} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {2A9E7C0B-4C6B-4E35-9C1E-FADE18FB3F75} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\AvastB\AvastEmUpdate.exe [2016-07-12] (AVAST Software)
Task: {3784CD2C-EB87-4E46-97F9-0B8598B0F52D} - System32\Tasks\AdobeAAMUpdater-1.0-inField-dh-Dan Hunter => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {466CB20A-3123-4810-B195-39EC6EB1B6B6} - System32\Tasks\G2MUploadTask-S-1-5-21-1638736776-1169130257-727643800-1001 => C:\Users\Dan Hunter\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe [2016-06-16] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {470FEFED-50CB-435F-A9B2-E17C4FF8950C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-15] (Piriform Ltd)
Task: {6B08E391-DEDD-4675-8F35-2F36D5F9BA19} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-07-12] (Adobe Systems Incorporated)
Task: {7015ECB2-B920-4E80-9DF3-F6F30364CBC2} - System32\Tasks\{EF025BE8-3537-415D-875C-EA3AB85647A2} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&ver=6.14.0.104&LastError=404
Task: {7123961C-D3DA-4C4B-8697-8CADD3793E1F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {75330982-6CF5-42A0-B0CD-717A85FDFE7B} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-05-06] (TOSHIBA CORPORATION)
Task: {876415CA-3178-4C4C-92C0-02624C5BF9A6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001UA => C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-11-29] (Dropbox, Inc.)
Task: {AE144C30-3049-4FE2-9197-C34819EC6D47} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
Task: {B3223C59-7B5F-435F-8605-D3CDE8AA9F20} - System32\Tasks\{94677E53-B392-4D93-9082-AD1394D1D1DA} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/abandoninstall?page=tsProgressBar
Task: {B8EDA0D9-7EF2-4579-AEA7-4B182E1D6FC5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {CB3C0755-2788-4DA8-97EA-893752631B0F} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001Core => C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-11-29] (Dropbox, Inc.)
Task: {DE8EEC71-F328-49B6-AB36-1DC66E90D871} - System32\Tasks\SafeZone scheduled Autoupdate 1450345803 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-06-17] (Avast Software)
Task: {F3048BFF-E63C-4337-92CC-4960D6FF185E} - System32\Tasks\G2MUpdateTask-S-1-5-21-1638736776-1169130257-727643800-1001 => C:\Users\Dan Hunter\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe [2016-06-16] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {F5A252C4-9518-4709-A6FA-5E95FA8B0BC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-15] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001Core.job => C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1638736776-1169130257-727643800-1001UA.job => C:\Users\Dan Hunter\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1638736776-1169130257-727643800-1001.job => C:\Users\Dan Hunter\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe
Task: C:\Windows\Tasks\G2MUploadTask-S-1-5-21-1638736776-1169130257-727643800-1001.job => C:\Users\Dan Hunter\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-10-19 13:39 - 2010-10-19 13:39 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2014-12-19 09:11 - 2013-10-23 13:24 - 00087600 _____ () C:\Windows\System32\cpwmon64.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-07 02:41 - 2016-01-07 02:41 - 00062168 _____ () C:\Program Files\CCleaner\branding.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 00146232 _____ () C:\Program Files\AVAST Software\AvastB\JsonRpcServer.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 02999808 _____ () C:\Program Files\AVAST Software\AvastB\defs\16071200\algo.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 00479288 _____ () C:\Program Files\AVAST Software\AvastB\ffl2.dll
2016-07-13 11:51 - 2016-07-13 11:51 - 03000320 _____ () C:\Program Files\AVAST Software\AvastB\defs\16071202\algo.dll
2016-07-12 18:03 - 2016-07-12 18:03 - 48936448 _____ () C:\Program Files\AVAST Software\AvastB\libcef.dll
2015-11-11 02:41 - 2015-11-11 02:41 - 00756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 12:34 - 2009-06-11 07:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1638736776-1169130257-727643800-1000\Control Panel\Desktop\\Wallpaper ->
HKU\S-1-5-21-1638736776-1169130257-727643800-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\Windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Monitor.lnk => C:\Windows\pss\Bluetooth Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Eye-Fi => "C:\Program Files (x86)\Eye-Fi\Helper\EyeFiHelper.exe"
MSCONFIG\startupreg: HSON => %ProgramFiles%\TOSHIBA\TBS\HSON.exe
MSCONFIG\startupreg: IFXSPMGT => "C:\Program Files (x86)\Infineon\Security Platform Software\ifxspmgt.exe" /NotifyLogon
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: TCrdMain => %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
MSCONFIG\startupreg: ThpSrv => C:\Windows\system32\thpsrv /logon
MSCONFIG\startupreg: TOSDCR => %ProgramFiles%\TOSHIBA\PasswordUtility\TOSDCR.exe
MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
MSCONFIG\startupreg: TosReelTimeMonitor => %ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
MSCONFIG\startupreg: TosSENotify => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
MSCONFIG\startupreg: TosWaitSrv => %ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
MSCONFIG\startupreg: TPwrMain => %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
MSCONFIG\startupreg: TSleepSrv => %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
MSCONFIG\startupreg: TSUScheduler => %ProgramFiles(x86)%\TOSHIBA\Sync Utility\TosSyncScheduler.exe
MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{1E84777E-116A-4CFB-A01D-C629DD990C68}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7A48D026-7343-4D50-9132-281D20F34870}] => (Allow) C:\Program Files (x86)\AirPort\APAgent.exe
FirewallRules: [{7181E1A4-DDFE-4E85-9EE8-DB926F175242}] => (Allow) C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{3A2B0F2C-4D50-41A7-ACE0-FEB274CA752F}] => (Allow) C:\Users\Dan Hunter\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{862D1B20-AC0D-4D10-B188-C93F37BC0DC0}] => (Allow) C:\Users\Dan Hunter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2AD59528-188E-44F0-8E36-0674A09656B7}] => (Allow) C:\Users\Dan Hunter\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{24B21DA1-7997-449D-8143-7905ADD4198A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7C640F0-D29D-46D5-9527-FD9B6B4BED56}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{4C7782D6-4068-4D51-8632-49892FA0BD4B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{E151CCC8-089D-4361-9CB1-DB729A7A050D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{CED84C82-D1DD-4735-A2CC-ECDA80EE9D28}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{2EB3A857-E438-40FE-9B90-F44A7D8BBAB5}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [UDP Query User{8FA5AF69-3636-4B61-8EDD-F293894E734C}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [TCP Query User{C84BDCD6-B50D-418C-BCC8-9559A92897A1}C:\users\dan hunter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dan hunter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{9657A0AB-7DD5-43F0-9F7A-B72F37608B9C}C:\users\dan hunter\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\dan hunter\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{76B76D78-A2CB-489D-9D5C-3C279C59F146}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [UDP Query User{883B64A2-7F76-48B6-ABB8-24A82F842CA5}C:\program files (x86)\airport\aputil.exe] => (Allow) C:\program files (x86)\airport\aputil.exe
FirewallRules: [{AD60115A-5D89-4E73-AB36-95E141B6A0F5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6E218CAF-CC31-4699-8E53-BFD288F234BB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5AD7F9F4-D57D-4307-A579-40099BC98401}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{04AF147E-F3D9-4731-876E-F25D6A9D0028}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A707A3DB-BA21-45E4-9458-ADE2800DAD93}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{64E592C2-07AB-4A41-958A-9B22B6A8B509}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{728E5829-1F25-4C36-94BC-95928ED98F16}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{879EBD44-B5C7-4547-B954-4B22EF6521A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1392299B-AE96-4F78-B2D8-04EB60D092DA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3FF239B5-231C-4144-A653-4AAE1AE914CE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{395FFD1B-F9EE-40DD-B470-F57E208A42F3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EEEE04C7-1FAC-4AB7-8C51-2BBEC504D7B1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{95085698-ACE3-4120-A2F9-7CD1725FFDCB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{CF6ECA67-FE13-4663-B5C2-242555C10BB6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5D4DBD03-2D25-412D-BF85-80A82C2AFEA0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{562591C1-3CAF-4C17-A776-DC0D04865E49}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Restore Points =========================
12-07-2016 22:25:35 Device Driver Package Install: TAP-Windows Provider V9 Network adapters
13-07-2016 12:03:31 Windows Update
==================== Faulty Device Manager Devices =============
Name: Fingerprint Sensor
Description: Fingerprint Sensor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: F3607gw
Description: F3607gw
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (07/12/2016 10:28:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/12/2016 05:55:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/12/2016 03:14:17 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/12/2016 06:43:40 AM) (Source: MsiInstaller) (EventID: 11719) (User: )
Description: Product: Skype™ 7.25 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.
Error: (07/12/2016 06:43:22 AM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.
Error: (07/12/2016 06:20:00 AM) (Source: MsiInstaller) (EventID: 11719) (User: )
Description: Product: Skype™ 7.25 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.
Error: (07/12/2016 06:19:25 AM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.
Error: (07/11/2016 10:26:59 PM) (Source: MsiInstaller) (EventID: 11719) (User: )
Description: Product: Skype™ 7.25 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.
Error: (07/11/2016 10:26:46 PM) (Source: MsiInstaller) (EventID: 1041) (User: NT AUTHORITY)
Description: Failed to begin a Windows Installer transaction ASU_MSI_TRAN. Error 1603 occurred while beginning the transaction.
Error: (07/11/2016 10:18:49 PM) (Source: MsiInstaller) (EventID: 11719) (User: )
Description: Product: Skype™ 7.25 -- Error 1719. The Windows Installer Service could not be accessed. This can occur if you are running Windows in safe mode, or if the Windows Installer is not correctly installed. Contact your support personnel for assistance.
System errors:
=============
Error: (07/12/2016 10:49:10 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 10. The internal error state is 10.
Error: (07/12/2016 10:28:33 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/12/2016 10:27:11 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.
Error: (07/12/2016 10:26:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (07/12/2016 05:55:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/12/2016 05:55:05 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Firewall service terminated with service-specific error %%5 = Access is denied.
.
Error: (07/12/2016 05:38:35 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}
Error: (07/12/2016 05:34:36 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {49BD2028-1523-11D1-AD79-00C04FD8FDFF}
Error: (07/12/2016 03:14:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The VBoxAsw Support Driver service failed to start due to the following error:
%%3 = The system cannot find the path specified.
Error: (07/10/2016 11:30:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
CodeIntegrity:
===================================
Date: 2016-07-12 22:27:57.786
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-07-12 22:27:57.552
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core™ i5 CPU M 560 @ 2.67GHz
Percentage of memory in use: 42%
Total physical RAM: 7920.43 MB
Available physical RAM: 4585.38 MB
Total Virtual: 15839.04 MB
Available Virtual: 11790.19 MB
==================== Drives ================================
Drive c: (S3A9917D006) (Fixed) (Total:286.7 GB) (Free:150.88 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1153BD88)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=286.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=9.9 GB) - (Type=17)
==================== End of Addition.txt ============================
Cheers
downtrou
![Possible Malware infection - help request [Solved] - last post by DR M](https://www.geekstogo.com/forum/uploads/profile/photo-418842.gif?_r=1578338641)
Sign In
Create Account
