Sorry here are the new scans with the Internet Lan option unchecked.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-06-2017 01
Ran by Daniel (administrator) on DANIEL-PC (16-06-2017 14:28:55)
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\UIOH6R5P
Loaded Profiles: Daniel (Available Profiles: Daniel & Daniel_2 & Cheryl & DefaultAppPool)
Platform: Windows 10 Home Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Windows\mHotkey.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avpui.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Chicony) C:\Windows\ChiFuncExt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Creative) C:\Windows\CNYHKey.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Chicony) C:\Windows\ModLEDKey.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\UIOH6R5P\FRST64 (2).exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7981088 2009-07-20] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-07-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-27] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [LchDrvKey] => C:\WINDOWS\LchDrvKey.exe [36864 2007-03-28] ()
HKLM-x32\...\Run: [LedKey] => C:\WINDOWS\CNYHKey.exe [339968 2008-04-23] (Creative)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67896 2017-05-09] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4127488 2015-06-16] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\Run: [ISUSPM] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [205480 2007-08-30] (Macrovision Corporation)
HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [572416 2017-03-03] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => -> No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => -> No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2016-07-29]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Cheryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-06-02]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Daniel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-27]
ShortcutTarget: Dropbox.lnk -> C:\Users\Daniel\AppData\Roaming\Dropbox\OldBinaries\bin_qw0zby\bin\Dropbox.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{aeac262f-8c32-4555-b2ac-17f41d8c5fea}: [DhcpNameServer] 68.105.28.11 68.105.29.11 68.105.28.12
Tcpip\..\Interfaces\{cfbeb970-56f7-4545-84e6-812b68fdfd2f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-04-21] (AO Kaspersky Lab)
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-11] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-04-21] (AO Kaspersky Lab)
BHO-x32: No Name -> {53707962-6F74-2D53-2644-206D7942484F} -> No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-11] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-05-11] (Google Inc.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-04-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-05-11] (Google Inc.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\IEExt\ie_plugin.dll [2017-04-21] (AO Kaspersky Lab)
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {A5A76EA0-7B92-4707-9DBF-6F6FE56A6800} hxxp://nmreports.linksys.com/nmscan/download/WebDiag.4.5.8056.1-ship-WD.V1.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
FireFox:
========
FF Extension: (Kaspersky URL Advisor) - C:\Program Files (x86)\Mozilla Firefox\extensions\
[email protected] [2012-02-21] [not signed]
FF Extension: (Java Console) - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} [2012-02-21] [not signed]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-04-21]
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_126.dll [2017-06-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_126.dll [2017-06-14] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-12-03] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @nosltd.com/getPlus+®,version=1.6.2.103 -> C:\Program Files (x86)\NOS\bin\np_gp.dll [2011-05-25] (NOS Microsystems Ltd.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-03-28] (Adobe Systems Inc.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
StartMenuInternet: Google Chrome - C:\Users\Daniel_2\AppData\Local\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome.Cheryl - C:\Users\Cheryl\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29760 2016-07-04] (HP Inc.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 nosGetPlusHelper; C:\Program Files (x86)\NOS\bin\getPlus_Helper_3004.dll [53248 2011-05-25] (NOS Microsystems Ltd.)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1750712 2015-06-16] (Safer-Networking Ltd.) [File not signed]
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [224712 2015-07-24] (Safer-Networking Ltd.) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-27] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
R0 CSCrySec; C:\WINDOWS\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
R1 CSVirtualDiskDrv; C:\WINDOWS\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77376 2017-05-25] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [197336 2017-04-21] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [520176 2017-04-21] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [168736 2017-06-15] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1018592 2017-04-21] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-04-21] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [229288 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-04-21] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [251656 2017-04-29] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [112912 2017-04-29] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [173144 2017-04-29] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-04-21] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-04-21] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [188312 2017-06-15] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-06-15] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [44960 2017-06-15] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [252832 2017-06-15] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93600 2017-06-16] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
S3 RimVSerPort; C:\WINDOWS\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-16 10:16 - 2017-06-16 14:28 - 00000000 ____D C:\FRST
2017-06-16 10:10 - 2017-06-16 10:11 - 02438656 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2017-06-16 10:07 - 2017-06-16 10:07 - 00000000 ____D C:\Users\Daniel\AppData\Local\Comms
2017-06-16 10:02 - 2017-06-16 10:02 - 00000000 ____D C:\Users\Daniel\AppData\Local\MicrosoftEdge
2017-06-16 10:00 - 2017-06-16 10:00 - 00000000 ____D C:\WINDOWS\Panther
2017-06-16 09:49 - 2017-06-16 09:49 - 00002409 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-16 09:49 - 2017-06-16 09:49 - 00000000 ___RD C:\Users\Daniel\OneDrive
2017-06-16 09:46 - 2017-06-16 10:31 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2017-06-16 09:46 - 2017-06-16 09:46 - 00000000 ____D C:\Users\Daniel\AppData\Local\Publishers
2017-06-16 09:45 - 2017-06-16 13:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\ConnectedDevicesPlatform
2017-06-16 09:45 - 2017-06-16 09:45 - 00000000 ____D C:\Users\Daniel\AppData\Local\TileDataLayer
2017-06-15 21:39 - 2015-02-25 14:31 - 00450713 ____R C:\WINDOWS\system32\Drivers\etc\hosts.20170615-213957.backup
2017-06-15 21:34 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2017-06-15 19:54 - 2017-06-16 10:37 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-06-15 19:54 - 2017-06-16 10:31 - 00001464 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2017-06-15 19:54 - 2017-06-16 10:31 - 00001452 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2017-06-15 19:54 - 2017-06-16 10:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2017-06-15 19:54 - 2017-06-15 19:54 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-06-15 19:54 - 2015-06-16 17:32 - 00020760 _____ (Safer-Networking Ltd.) C:\WINDOWS\system32\sdnclean64.exe
2017-06-15 19:52 - 2017-06-15 19:53 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel_2\Downloads\spybot-2.4.exe
2017-06-15 19:27 - 2017-06-16 10:04 - 00093600 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-06-15 19:27 - 2017-06-15 21:18 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-06-15 19:27 - 2017-06-15 21:18 - 00044960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-06-15 19:27 - 2017-06-15 21:17 - 00252832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-06-15 19:27 - 2017-06-15 19:27 - 00188312 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-06-15 19:26 - 2017-06-15 19:26 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-06-15 19:26 - 2017-06-15 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-06-15 19:26 - 2017-06-15 19:26 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-06-15 19:26 - 2017-06-15 19:26 - 00000000 ____D C:\Program Files\Malwarebytes
2017-06-15 19:26 - 2017-05-25 11:58 - 00077376 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-06-15 19:23 - 2017-06-15 19:23 - 04577221 _____ C:\Users\Daniel_2\Desktop\GSI6_DANIEL-PC_Daniel_06_15_2017_19_12_58.zip
2017-06-15 19:23 - 2017-06-15 19:23 - 00000000 ____D C:\ProgramData\s6vs
2017-06-15 19:18 - 2017-06-15 19:18 - 00000000 ____D C:\ProgramData\s70
2017-06-15 19:18 - 2017-06-15 19:18 - 00000000 ____D C:\ProgramData\s6ts
2017-06-15 19:12 - 2017-06-15 19:12 - 00000000 ____D C:\ProgramData\s95c
2017-06-15 19:12 - 2017-06-15 19:12 - 00000000 ____D C:\ProgramData\s90c
2017-06-15 19:12 - 2017-06-15 19:12 - 00000000 ____D C:\ProgramData\s46c
2017-06-15 19:01 - 2017-06-15 19:01 - 04560291 _____ C:\Users\Daniel\Desktop\GSI6_DANIEL-PC_Daniel_06_15_2017_18_52_42.zip
2017-06-15 19:01 - 2017-06-15 19:01 - 00000000 ____D C:\ProgramData\s8e4
2017-06-15 18:55 - 2017-06-15 18:55 - 00000000 ____D C:\ProgramData\s92s
2017-06-15 18:55 - 2017-06-15 18:55 - 00000000 ____D C:\ProgramData\s7t4
2017-06-15 18:52 - 2017-06-15 18:52 - 00000000 ____D C:\ProgramData\s6pk
2017-06-15 18:52 - 2017-06-15 18:52 - 00000000 ____D C:\ProgramData\s3v0
2017-06-15 18:52 - 2017-06-15 18:52 - 00000000 ____D C:\ProgramData\s1no
2017-06-15 18:50 - 2017-06-15 18:50 - 00000000 ____D C:\ProgramData\s6vk
2017-06-15 18:50 - 2017-06-15 18:50 - 00000000 ____D C:\ProgramData\s5rs
2017-06-15 18:50 - 2017-06-15 18:50 - 00000000 ____D C:\ProgramData\s1is
2017-06-15 18:45 - 2017-06-15 18:45 - 10414157 _____ C:\Users\Daniel_2\Downloads\GetSystemInfo6.2 (2).zip
2017-06-15 18:44 - 2017-06-15 18:45 - 10414157 _____ C:\Users\Daniel_2\Downloads\GetSystemInfo6.2 (1).zip
2017-06-15 16:54 - 2017-06-15 16:55 - 64232976 _____ (Malwarebytes ) C:\Users\Daniel_2\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092 (1).exe
2017-06-15 16:25 - 2017-06-15 16:28 - 138831128 _____ (Microsoft Corporation) C:\Users\Daniel_2\Downloads\msert (1).exe
2017-06-15 16:08 - 2017-04-21 14:53 - 00029376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2017-06-15 16:08 - 2017-04-21 14:53 - 00018600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr100_clr0400.dll
2017-06-15 16:08 - 2017-04-21 14:50 - 00030912 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2017-06-15 16:08 - 2017-04-21 14:50 - 00018592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr100_clr0400.dll
2017-06-15 16:08 - 2017-04-11 11:27 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-06-15 16:08 - 2017-04-11 11:27 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-06-15 16:08 - 2017-03-15 11:15 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-06-15 16:08 - 2017-03-15 11:15 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-06-15 13:16 - 2017-06-15 13:16 - 00000468 _____ C:\Users\Daniel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\mpam-fex64.lnk
2017-06-15 12:20 - 2017-06-15 12:21 - 00892944 _____ (Microsoft Corporation) C:\Users\Daniel_2\Downloads\mssstool64 (2).exe
2017-06-15 12:06 - 2017-06-15 12:06 - 00892944 _____ (Microsoft Corporation) C:\Users\Daniel_2\Downloads\mssstool64 (1).exe
2017-06-15 12:05 - 2017-06-15 12:05 - 00892944 _____ (Microsoft Corporation) C:\Users\Daniel_2\Downloads\mssstool64.exe
2017-06-15 10:51 - 2017-06-16 14:17 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B53B559B-0217-4370-8E56-2C2F05E20BEF}
2017-06-15 10:15 - 2017-06-15 21:33 - 00003240 _____ C:\WINDOWS\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2017-06-15 10:03 - 2017-06-15 10:03 - 00000000 ____D C:\Users\Daniel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-15 09:56 - 2017-06-15 09:56 - 00000000 ___SD C:\WINDOWS\UpdateAssistantV2
2017-06-14 16:01 - 2017-06-14 16:01 - 00000000 ____D C:\ProgramData\s12s
2017-06-14 15:54 - 2017-06-14 15:55 - 02923656 _____ C:\Users\Daniel_2\Downloads\GetSystemInfo5.2.zip
2017-06-14 15:28 - 2017-06-14 15:28 - 00000000 ____D C:\ProgramData\s5p0
2017-06-14 15:23 - 2017-06-14 15:23 - 00000000 ____D C:\ProgramData\sk4
2017-06-14 15:23 - 2017-06-14 15:23 - 00000000 ____D C:\ProgramData\s7rk
2017-06-14 15:20 - 2017-06-14 15:20 - 10583640 _____ (AO Kaspersky Lab) C:\Users\Daniel_2\Downloads\GetSystemInfo6.2 (1).exe
2017-06-14 15:20 - 2017-06-14 15:20 - 00000000 ____D C:\ProgramData\sd4o
2017-06-14 15:20 - 2017-06-14 15:20 - 00000000 ____D C:\ProgramData\s9f8
2017-06-14 15:20 - 2017-06-14 15:20 - 00000000 ____D C:\ProgramData\s6r8
2017-06-14 15:16 - 2017-06-15 19:28 - 00000000 ____D C:\Users\Daniel_2\Desktop\New folder
2017-06-14 15:02 - 2017-06-14 15:02 - 00000000 ____D C:\ProgramData\sdg8
2017-06-14 14:56 - 2017-06-14 14:56 - 00000000 ____D C:\ProgramData\sdpc
2017-06-14 14:56 - 2017-06-14 14:56 - 00000000 ____D C:\ProgramData\sauo
2017-06-14 14:53 - 2017-06-14 14:53 - 00000000 ____D C:\ProgramData\s5t8
2017-06-14 14:47 - 2017-06-14 14:47 - 00000000 ____D C:\ProgramData\s6e0
2017-06-14 14:47 - 2017-06-14 14:47 - 00000000 ____D C:\ProgramData\s334
2017-06-14 14:40 - 2017-06-14 14:40 - 00000000 ____D C:\ProgramData\se9k
2017-06-14 14:40 - 2017-06-14 14:40 - 00000000 ____D C:\ProgramData\s98c
2017-06-14 14:39 - 2017-06-14 14:40 - 00000000 ____D C:\ProgramData\scic
2017-06-14 14:39 - 2017-06-14 14:39 - 10583640 _____ (AO Kaspersky Lab) C:\Users\Daniel_2\Downloads\GetSystemInfo6.2.exe
2017-06-14 14:38 - 2017-06-14 14:39 - 10414157 _____ C:\Users\Daniel_2\Downloads\GetSystemInfo6.2.zip
2017-06-14 13:30 - 2017-06-14 13:30 - 00002020 _____ C:\Users\Daniel_2\Desktop\6.8.2017 37748679 Compromised Computer Notification from Cox Communications - DNSChanger.txt
2017-06-14 13:26 - 2017-06-14 13:26 - 00300398 _____ C:\Users\Daniel_2\Desktop\cox-email.pdf
2017-06-14 13:00 - 2017-06-14 13:01 - 138309400 _____ (Microsoft Corporation) C:\Users\Daniel_2\Downloads\msert.exe
2017-06-14 12:39 - 2017-06-03 03:50 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-06-14 12:39 - 2017-06-03 03:16 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-06-14 12:39 - 2017-06-03 03:06 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-06-14 12:39 - 2017-06-03 02:58 - 00340832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-06-14 12:39 - 2017-06-03 02:55 - 00780640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-06-14 12:39 - 2017-06-03 02:54 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-06-14 12:39 - 2017-06-03 02:52 - 01021784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2017-06-14 12:39 - 2017-06-03 02:52 - 00607072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-06-14 12:39 - 2017-06-03 02:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2017-06-14 12:39 - 2017-06-03 02:50 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-06-14 12:39 - 2017-06-03 02:50 - 00381792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-06-14 12:39 - 2017-06-03 02:49 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-06-14 12:39 - 2017-06-03 02:44 - 01412640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-06-14 12:39 - 2017-06-03 02:44 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-06-14 12:39 - 2017-06-03 02:39 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-06-14 12:39 - 2017-06-03 02:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-06-14 12:39 - 2017-06-03 02:32 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-06-14 12:39 - 2017-06-03 02:31 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-06-14 12:39 - 2017-06-03 02:31 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-06-14 12:39 - 2017-06-03 02:28 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-06-14 12:39 - 2017-06-03 02:28 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2017-06-14 12:39 - 2017-06-03 02:26 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:39 - 2017-06-03 02:26 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBrokerUI.dll
2017-06-14 12:39 - 2017-06-03 02:22 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-06-14 12:39 - 2017-06-03 02:22 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcorehc.dll
2017-06-14 12:39 - 2017-06-03 02:22 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-06-14 12:39 - 2017-06-03 02:20 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-06-14 12:39 - 2017-06-03 02:19 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-06-14 12:39 - 2017-06-03 02:16 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-06-14 12:39 - 2017-06-03 02:15 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-06-14 12:39 - 2017-06-03 02:15 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-06-14 12:39 - 2017-06-03 02:14 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-06-14 12:39 - 2017-06-03 02:12 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-06-14 12:39 - 2017-06-03 02:08 - 02643968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-06-14 12:39 - 2017-06-03 02:08 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-06-14 12:39 - 2017-06-03 02:07 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-06-14 12:39 - 2017-06-03 02:05 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-06-14 12:39 - 2017-06-03 02:05 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hnetcfg.dll
2017-06-14 12:39 - 2017-06-03 02:04 - 02006528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-06-14 12:39 - 2017-06-03 02:04 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-06-14 12:39 - 2017-06-03 02:03 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-06-14 12:39 - 2017-06-03 02:02 - 02997760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-06-14 12:39 - 2017-06-03 01:52 - 03403264 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-06-14 12:39 - 2017-06-03 01:50 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-06-14 12:39 - 2017-06-03 01:49 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-06-14 12:39 - 2017-06-03 01:48 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-06-14 12:39 - 2017-06-03 01:40 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-06-14 12:39 - 2017-03-03 23:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-06-14 12:39 - 2016-09-06 21:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-06-14 12:38 - 2017-06-03 03:50 - 00192856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 01564512 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 01214816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00629088 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00544096 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00334176 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00233824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00136024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-06-14 12:38 - 2017-06-03 03:14 - 00096608 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-06-14 12:38 - 2017-06-03 03:14 - 00034648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-06-14 12:38 - 2017-06-03 03:11 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-06-14 12:38 - 2017-06-03 03:11 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-06-14 12:38 - 2017-06-03 03:09 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-06-14 12:38 - 2017-06-03 03:08 - 07783256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-06-14 12:38 - 2017-06-03 03:01 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-06-14 12:38 - 2017-06-03 02:59 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-06-14 12:38 - 2017-06-03 02:59 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-06-14 12:38 - 2017-06-03 02:59 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-06-14 12:38 - 2017-06-03 02:53 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-06-14 12:38 - 2017-06-03 02:51 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-06-14 12:38 - 2017-06-03 02:51 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-06-14 12:38 - 2017-06-03 02:49 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-06-14 12:38 - 2017-06-03 02:49 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-06-14 12:38 - 2017-06-03 02:48 - 01112416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2017-06-14 12:38 - 2017-06-03 02:48 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-06-14 12:38 - 2017-06-03 02:48 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-06-14 12:38 - 2017-06-03 02:48 - 00857952 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-06-14 12:38 - 2017-06-03 02:48 - 00148832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2017-06-14 12:38 - 2017-06-03 02:45 - 22220864 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-06-14 12:38 - 2017-06-03 02:44 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-06-14 12:38 - 2017-06-03 02:40 - 01566552 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-06-14 12:38 - 2017-06-03 02:40 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-06-14 12:38 - 2017-06-03 02:39 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-06-14 12:38 - 2017-06-03 02:39 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-06-14 12:38 - 2017-06-03 02:23 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-06-14 12:38 - 2017-06-03 02:22 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-06-14 12:38 - 2017-06-03 02:18 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-06-14 12:38 - 2017-06-03 02:16 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-06-14 12:38 - 2017-06-03 02:15 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-06-14 12:38 - 2017-06-03 02:15 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-06-14 12:38 - 2017-06-03 02:15 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-06-14 12:38 - 2017-06-03 02:14 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-06-14 12:38 - 2017-06-03 02:14 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-06-14 12:38 - 2017-06-03 02:14 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-06-14 12:38 - 2017-06-03 02:11 - 00353792 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-06-14 12:38 - 2017-06-03 02:10 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-06-14 12:38 - 2017-06-03 02:10 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2017-06-14 12:38 - 2017-06-03 02:10 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBrokerUI.dll
2017-06-14 12:38 - 2017-06-03 02:09 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-06-14 12:38 - 2017-06-03 02:09 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcorehc.dll
2017-06-14 12:38 - 2017-06-03 02:09 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll
2017-06-14 12:38 - 2017-06-03 02:08 - 12187648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-06-14 12:38 - 2017-06-03 02:08 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-06-14 12:38 - 2017-06-03 02:08 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-06-14 12:38 - 2017-06-03 02:08 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-06-14 12:38 - 2017-06-03 02:07 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-06-14 12:38 - 2017-06-03 02:07 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\HNetCfgClient.dll
2017-06-14 12:38 - 2017-06-03 02:06 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-06-14 12:38 - 2017-06-03 02:06 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-06-14 12:38 - 2017-06-03 02:04 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-06-14 12:38 - 2017-06-03 02:03 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-06-14 12:38 - 2017-06-03 02:01 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-06-14 12:38 - 2017-06-03 02:00 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-06-14 12:38 - 2017-06-03 01:58 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-06-14 12:38 - 2017-06-03 01:56 - 13091840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-06-14 12:38 - 2017-06-03 01:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-06-14 12:38 - 2017-06-03 01:53 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-06-14 12:38 - 2017-06-03 01:52 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-06-14 12:38 - 2017-06-03 01:52 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-06-14 12:38 - 2017-06-03 01:52 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-06-14 12:38 - 2017-06-03 01:51 - 01418240 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-06-14 12:38 - 2017-06-03 01:51 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2017-06-14 12:38 - 2017-06-03 01:50 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-06-14 12:38 - 2017-06-03 01:49 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-06-14 12:38 - 2017-06-03 01:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-06-14 12:38 - 2017-06-03 01:49 - 02475520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-06-14 12:38 - 2017-06-03 01:49 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-06-14 12:38 - 2017-06-03 01:49 - 01845248 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-06-14 12:38 - 2017-06-03 01:49 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-06-14 12:38 - 2017-06-03 01:49 - 00351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\hnetcfg.dll
2017-06-14 12:38 - 2017-06-03 01:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-06-14 12:38 - 2017-06-03 01:48 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-06-14 12:38 - 2017-06-03 01:48 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-06-14 12:38 - 2017-06-03 01:46 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-06-14 12:38 - 2017-06-02 23:08 - 00080078 _____ C:\WINDOWS\system32\normidna.nls
2017-06-14 12:38 - 2017-05-24 22:56 - 00038752 _____ (Microsoft Corporation) C:\WINDOWS\system32\OOBEUpdater.exe
2017-06-14 12:38 - 2017-03-03 23:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-06-14 12:38 - 2017-03-03 23:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-06-14 12:38 - 2017-03-03 23:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-06-14 12:37 - 2017-06-03 02:16 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-06-12 14:09 - 2017-06-12 14:09 - 64232976 _____ (Malwarebytes ) C:\Users\Daniel_2\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.141-1.0.2092.exe
2017-06-12 11:07 - 2017-06-12 11:11 - 00000000 ____D C:\Users\Daniel_2\Desktop\2017-Pics
2017-06-12 09:56 - 2017-06-12 09:56 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-06-02 14:47 - 2017-06-02 14:48 - 00000000 ____D C:\Users\Cheryl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-05-30 15:04 - 2017-05-30 15:04 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-05-30 15:04 - 2017-05-30 15:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-05-30 15:03 - 2017-05-30 15:04 - 00000000 ____D C:\Program Files\iTunes
2017-05-30 15:03 - 2017-05-30 15:03 - 00000000 ____D C:\Program Files\iPod
2017-05-30 14:58 - 2017-05-30 14:58 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-05-30 14:57 - 2017-05-30 14:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2017-05-22 10:52 - 2017-05-22 10:52 - 04789838 _____ C:\Users\Daniel_2\Desktop\Pentair Partners.pdf
2017-05-22 10:48 - 2017-05-22 10:48 - 00390645 _____ C:\Users\Daniel_2\Desktop\Pool-Dorrado.pdf
2017-05-22 10:48 - 2017-05-22 10:48 - 00000000 ____D C:\Users\Daniel_2\AppData\LocalLow\Temp
2017-05-18 22:17 - 2017-05-18 22:17 - 00166288 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2017-05-18 22:17 - 2017-05-18 22:17 - 00131984 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2017-05-17 14:25 - 2017-05-17 14:25 - 00247298 _____ C:\Users\Cheryl\Downloads\{4DC6E3F9-9288-47EB-B830-355D557C4FDD}.pdf
2017-05-17 14:24 - 2017-05-17 14:24 - 00088187 _____ C:\Users\Cheryl\Downloads\{158CEFFD-62FE-47B7-AC0A-4A951AA0C28C}.pdf
2017-05-17 14:24 - 2017-05-17 14:24 - 00076221 _____ C:\Users\Cheryl\Downloads\{BA677973-66F3-44DD-A536-F59D5A450C3E}.pdf
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-06-16 14:15 - 2012-02-21 12:02 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-06-16 13:41 - 2016-10-02 04:15 - 00000000 ____D C:\Users\Daniel
2017-06-16 13:29 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-06-16 10:35 - 2016-07-16 04:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-06-16 10:31 - 2012-07-02 22:38 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-06-16 10:29 - 2016-07-16 04:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-06-16 10:21 - 2016-07-16 04:45 - 00000000 ____D C:\WINDOWS\INF
2017-06-16 09:46 - 2015-12-16 20:19 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-06-15 22:55 - 2016-10-02 04:09 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-06-15 22:27 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-06-15 21:34 - 2017-04-21 09:56 - 00000000 ____D C:\Program Files\Common Files\AV
2017-06-15 21:24 - 2016-10-02 04:15 - 01377926 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-06-15 21:17 - 2016-10-02 04:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-06-15 21:16 - 2016-07-15 23:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-06-15 19:48 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\rescache
2017-06-15 19:02 - 2011-03-12 12:50 - 00000000 ____D C:\Users\Daniel\Desktop\New folder
2017-06-15 16:13 - 2016-07-16 04:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-06-15 15:44 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-06-15 14:11 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\registration
2017-06-15 13:28 - 2015-12-20 11:50 - 00000000 ____D C:\WINDOWS\pss
2017-06-15 11:48 - 2011-03-09 11:37 - 00000000 ____D C:\Users\Daniel\AppData\Local\ElevatedDiagnostics
2017-06-15 10:51 - 2015-02-25 14:29 - 00000000 __SHD C:\Users\Daniel\AppData\Local\EmieUserList
2017-06-15 10:51 - 2015-02-25 14:29 - 00000000 __SHD C:\Users\Daniel\AppData\Local\EmieSiteList
2017-06-15 10:04 - 2014-04-13 14:02 - 00000000 ____D C:\Users\Daniel_2\AppData\Roaming\Dropbox
2017-06-15 10:03 - 2015-06-29 14:34 - 00000000 ____D C:\Users\Daniel_2\AppData\Local\Dropbox
2017-06-15 09:58 - 2016-10-02 04:09 - 00223672 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-06-15 09:56 - 2016-07-16 04:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-06-15 09:56 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-06-15 09:56 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-06-15 09:49 - 2014-04-14 14:18 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-15 09:49 - 2014-04-14 14:18 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 14:59 - 2014-01-07 15:09 - 00001387 _____ C:\Users\Daniel_2\Desktop\Internet Explorer.lnk
2017-06-14 14:59 - 2012-02-29 12:27 - 00002519 _____ C:\Users\Daniel_2\Desktop\Google Chrome.lnk
2017-06-14 14:59 - 2011-02-17 11:03 - 00001383 _____ C:\Users\Daniel_2\Desktop\Internet Explorer (64-bit).lnk
2017-06-14 14:01 - 2014-04-14 15:57 - 00000000 ____D C:\Users\Daniel_2\Desktop\2014-Pics
2017-06-14 13:26 - 2013-08-19 14:31 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-06-14 13:18 - 2011-02-15 21:27 - 133627792 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-06-14 13:17 - 2014-04-14 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 12:48 - 2006-11-02 05:34 - 00000275 _____ C:\WINDOWS\win.ini
2017-06-14 12:42 - 2015-12-18 16:15 - 00002415 _____ C:\Users\Daniel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-06-14 12:42 - 2015-12-18 16:15 - 00000000 ___RD C:\Users\Daniel_2\OneDrive
2017-06-14 11:50 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-06-14 11:50 - 2016-07-16 04:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-06-12 13:11 - 2016-07-15 23:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-06-12 13:11 - 2011-02-15 10:13 - 00565416 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-06-12 10:35 - 2014-04-13 12:23 - 00000000 ____D C:\ProgramData\Samsung
2017-06-12 10:35 - 2014-04-13 12:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-06-12 10:35 - 2014-04-13 12:23 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-06-12 10:35 - 2011-02-15 09:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-06-12 10:11 - 2014-04-13 12:48 - 00001973 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2017-06-12 10:08 - 2014-04-13 12:52 - 00000000 ____D C:\Program Files\SAMSUNG
2017-06-12 10:04 - 2014-04-13 12:48 - 00000000 ____D C:\Users\Daniel_2\Documents\SelfMV
2017-06-02 23:36 - 2016-07-16 04:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-02 23:36 - 2016-07-16 04:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-02 14:48 - 2012-12-22 12:55 - 00000000 ____D C:\Users\Cheryl\AppData\Roaming\Dropbox
2017-06-02 14:46 - 2015-06-24 17:53 - 00000000 ____D C:\Users\Cheryl\AppData\Local\Dropbox
2017-05-30 15:04 - 2011-07-20 09:47 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Apple Computer
2017-05-30 15:02 - 2011-07-13 09:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2017-05-30 14:57 - 2011-07-13 09:47 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-05-30 14:56 - 2012-12-30 18:32 - 00000000 ____D C:\Users\Daniel_2\Desktop\htc 12-30-12
2017-05-22 10:56 - 2012-02-29 12:27 - 00002527 _____ C:\Users\Daniel_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
==================== Files in the root of some directories =======
2011-03-12 12:37 - 2011-03-12 12:51 - 0000077 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.Exception.log
2011-03-12 11:55 - 2011-07-01 08:14 - 0002021 _____ () C:\Users\Daniel\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2012-04-03 16:16 - 2011-01-04 09:26 - 0076407 _____ () C:\Users\Daniel\AppData\Roaming\Smiley.ico
2011-03-12 12:38 - 2011-03-12 12:38 - 0003584 _____ () C:\Users\Daniel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-02-16 09:17 - 2011-02-18 11:27 - 0021315 _____ () C:\Users\Daniel\AppData\Local\HWVendorDetection.log
2012-07-09 15:03 - 2016-07-29 13:20 - 0009456 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
2017-06-12 10:06 - 2017-06-12 10:17 - 0066048 _____ () C:\Users\Daniel\AppData\Local\Temp\Execute2App.exe
2017-06-12 10:17 - 2017-06-12 10:17 - 0331264 _____ (TODO: <회사 이름>) C:\Users\Daniel\AppData\Local\Temp\Kies3RemoveAll.exe
2017-06-12 10:06 - 2014-05-07 17:43 - 0568832 _____ (Microsoft Corporation) C:\Users\Daniel\AppData\Local\Temp\msvcp90.dll
2017-06-12 10:06 - 2014-05-07 17:43 - 0655872 _____ (Microsoft Corporation) C:\Users\Daniel\AppData\Local\Temp\msvcr90.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-06-16 10:00
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-06-2017 01
Ran by Daniel (16-06-2017 14:30:32)
Running from C:\Users\Daniel\AppData\Local\Microsoft\Windows\INetCache\IE\UIOH6R5P
Windows 10 Home Version 1607 (X64) (2016-10-02 11:46:47)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1459875843-3859104557-3610610433-500 - Administrator - Disabled)
Cheryl (S-1-5-21-1459875843-3859104557-3610610433-1002 - Limited - Enabled) => C:\Users\Cheryl
Daniel (S-1-5-21-1459875843-3859104557-3610610433-1000 - Administrator - Enabled) => C:\Users\Daniel
Daniel_2 (S-1-5-21-1459875843-3859104557-3610610433-1001 - Limited - Enabled) => C:\Users\Daniel_2
DefaultAccount (S-1-5-21-1459875843-3859104557-3610610433-503 - Limited - Disabled)
Guest (S-1-5-21-1459875843-3859104557-3610610433-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.118 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM-x32\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.103 - NOS Microsystems Ltd.)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.126 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.20) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.20 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
C4200 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
c4200_Help (x32 Version: 82.0.210.000 - Hewlett-Packard) Hidden
Cisco Connect (HKLM-x32\...\Cisco Connect) (Version: 1.3.11069.2 - Cisco Consumer Products LLC)
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4200 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{276C40A7-8110-4976-80D2-39C669B84D32}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{39C8BE76-CF6A-466F-8618-0B52CC4CA0FC}) (Version: 8.3.27.17 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{2B5A1E68-6617-406D-B797-5DAB5B4630B8}) (Version: 12.5.26.37 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
Intel® Network Connections Drivers (HKLM\...\PROSet) (Version: 13.5 - Intel)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
Java 7 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217013FF}) (Version: 7.0.130 - Oracle)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
KB0817 Keyboard Driver (HKLM-x32\...\{ED5DCA6F-5FEA-47CB-83DB-210A468C298B}) (Version: 1.30.0000 - Gateway)
LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office Basic Edition 2003 (HKLM-x32\...\{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFreeCodec (HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\MyFreeCodec) (Version: - )
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PS_AIO_Software_min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5898 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.5.43 - Safer-Networking Ltd.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
CustomCLSID: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00CEAAFB-AEC9-4978-976A-586E6563D59B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2016-07-04] (HP Inc.)
Task: {02213FD6-60D8-457B-89F3-A60AC7442549} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {03B6334A-6BE5-4E4F-867B-5679ADDA8083} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {09F2325D-59CB-464B-BE25-3685ABA4DF9D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {172722BA-B6B5-431B-844E-44E5E737C28C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {1C979D42-756E-497B-B2BC-D350FCF4B784} - System32\Tasks\OneDrive Standalone Update Task v2 => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {29BB3931-56E9-40CF-AB95-0B259ADDC873} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001Core => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {2E790289-858D-4F2D-ADDE-1A748A39A106} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {2FF3C4C7-EB54-45B3-8B32-BC8404481209} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {31D87257-9357-41F2-A4B7-87EA9F2C5546} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {34001681-BBF0-478A-85F5-48E5B7B5CF95} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {3615A49D-A61A-45BC-A592-712EE2559A57} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {377A66EC-7279-4521-87CE-891048DE0B14} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {388F9F29-88F1-4D75-9D92-2D4647ECAB84} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CE9EB16-0B12-42A6-9A2F-9A5C5A502097} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {3D3D461E-7C93-4176-A48F-D024C8515929} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3E2C178C-11F7-4DE2-8A47-186BD961B494} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3E8F5E01-DBAC-4DB5-83FD-BA8525468515} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {455ED4FC-2A18-4297-B7E5-2658D5F092D4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {46B43F4E-8A35-477A-96EF-7BFBD8072C00} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {4C07A74D-1C39-4BEC-A48A-DA3F179196D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.)
Task: {50A93176-A9EB-4C6F-9345-2BF1C352FAA4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {52DC586D-B8BD-48F3-BE92-C7AB25FAC819} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001UA1d262d764b28348 => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {544CA68F-9B0F-4DFA-BBE6-FDAA42BA3DA4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002UA => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {5746F87C-CD37-499B-9457-6CA7B5488BA6} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {58483233-A679-4CFD-A4E1-9B4DAD1F9383} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {6B151AC9-0CB6-4ABB-961D-6A6051590871} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002UA1d2596bbeb2fe6e => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {6C6FF72E-C7D3-424A-96AF-1211E845DB0B} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6D93B13B-158F-4E19-B2A0-11F9A9CFC01E} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {6E274A6E-8A3E-469C-A81D-4D056C43FB7A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-10] (Adobe Systems Incorporated)
Task: {6F7580F4-D954-4223-97E7-C3C13B5955F3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\WINDOWS\system32\gatherWiredInfo.vbs
Task: {73E98F4D-8F11-4293-B224-886A86279B1B} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {743FC4C8-94EB-45CD-AB21-EC24271C0BD0} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Cheryl\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {744AE0B4-EFAA-4AC8-951C-A10E6D7B1399} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {76AF196A-28CB-427F-98AF-0A105CFE123F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002Core1d2596bbe85b1c1 => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {7A31E640-84AB-4EDF-B16E-2F6881843424} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7F04D7D6-226F-4593-94C5-CC3FD2954F51} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {83CF1578-64B1-4086-B435-899720E2325E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002Core => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {83EFBE05-1046-449F-BC39-75E0AE5A19F8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2016-07-04] (HP Inc.)
Task: {8481A720-1CAC-499B-B272-EA9DA3D1C8D0} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {8A7E9D2D-0AA5-4D06-9CEA-D2341C74CBCD} - System32\Tasks\MHotkey => C:\WINDOWS\MHotKey.exe [2008-05-30] ()
Task: {8BF70707-B77D-41AF-A62F-80C6CDAB6435} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002UA1d2395428366d1 => C:\Users\Cheryl\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {934781AC-7AED-4309-8336-2A3FA8DFD2C2} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {94F5741F-D978-4666-9B25-86CB0B648C2E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2016-07-04] (HP Inc.)
Task: {99118D40-261A-47CC-AD19-03505BBEA8E2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {9917A237-AE31-468D-92F6-EED3A47EAC05} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {99764903-67FC-4E31-A6B6-0255EBDEAA4F} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0B90252-AED1-4AB3-AD4C-DE211ABC46AA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {B5E58CB6-F542-40D5-9B6F-AD2B9F1F6646} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe [2016-07-04] (HP Inc.)
Task: {B79DB5D9-4017-4FEC-A7AA-7839A649F209} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [2016-08-23] (AO Kaspersky Lab)
Task: {BCA81336-74CB-4555-AB2F-21435F0AAE0D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BDD396F9-81BC-44F0-A65E-B16B570859DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001Core1d262d76485369e => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {C11A29F8-DC60-4968-BF44-7A4EF27D82E9} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C3AB2B7C-6539-4425-AF65-ED697E5B870A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002Core1d2395425711ca => C:\Users\Cheryl\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-07] (Dropbox, Inc.)
Task: {CBF7A2CB-005A-47D7-9673-D8E13AB4515A} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CDC2AB77-412A-44C9-9934-3B7F3CE9B273} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001UA1d24e41137fa61c => C:\Users\Daniel_2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-12-04] (Dropbox, Inc.)
Task: {DB43E39A-2B74-4E73-9DB0-A9DAF0700141} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E09469F7-2445-4EB2-A214-2C160EB57A76} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001Core1d24e4112aa0d1e => C:\Users\Daniel_2\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-12-04] (Dropbox, Inc.)
Task: {E0D62EF0-0796-4D0F-8192-141CF2EDFDCD} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E6B20F2A-B2D8-4E9B-B3D1-0BDC568CB6AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E8737731-5173-4D77-8202-2683497C7724} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001UA => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\WINDOWS\system32\gatherWirelessInfo.vbs
Task: {F0268BDF-3911-4196-9D4F-E864FEBCD24C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F308ACFE-22E8-4EFB-A299-072270A4DB59} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {F6B6CF55-FC3E-4783-8930-EEB410DFE153} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7110351-8DE2-4153-9420-0BED6DEA87C4} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F7159B2E-FB79-4F0A-BDAF-CF60832A2FE6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F989708B-D73D-4BA9-AC9B-D36449D63F93} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FA9C59DC-9D4C-4916-87E4-9192558CC846} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-27] (Microsoft Corporation)
Task: {FC1F4D7C-521F-4089-9BC6-FAAA0185BA2C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2015-06-16] (Safer-Networking Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001Core1d24e4112aa0d1e.job => C:\Users\Daniel_2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001UA1d24e41137fa61c.job => C:\Users\Daniel_2\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002Core1d2395425711ca.job => C:\Users\Cheryl\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002UA1d2395428366d1.job => C:\Users\Cheryl\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001Core.job => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1001UA.job => C:\Users\Daniel_2\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002Core.job => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1459875843-3859104557-3610610433-1002UA.job => C:\Users\Cheryl\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-05-09 00:44 - 2017-05-09 00:44 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-06-15 19:26 - 2017-05-25 14:11 - 02270664 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2016-07-16 04:42 - 2016-07-16 04:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-06-14 12:38 - 2017-06-03 03:01 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2011-02-21 16:06 - 2008-05-30 10:50 - 00581120 _____ () C:\WINDOWS\MHotKey.exe
2017-06-16 09:49 - 2017-06-16 09:49 - 00959168 _____ () C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-10-02 05:01 - 2016-10-02 05:01 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 19:00 - 2017-03-03 23:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-14 19:01 - 2017-03-03 23:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-14 19:01 - 2017-03-03 23:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-14 19:01 - 2017-03-03 23:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-06-14 12:38 - 2017-06-03 01:47 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-06-14 12:38 - 2017-06-03 01:47 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-06-14 12:38 - 2017-06-03 01:51 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 17.0.0\kpcengine.2.3.dll
2017-06-15 19:54 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-06-15 19:54 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-06-15 19:54 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-06-15 19:54 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-06-16 09:48 - 2017-06-16 09:48 - 00679624 _____ () C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 17:37 - 2009-07-13 17:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Daniel_2\Desktop\vr4qph.jpg:com.dropbox.attributes [322]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7936 more sites.
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\...\123simsen.com -> www.123simsen.com
There are 7937 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 05:34 - 2017-06-15 21:39 - 00454552 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 www.100888290cs.com
127.0.0.1 100888290cs.com
127.0.0.1 100sexlinks.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 www.10sek.com
127.0.0.1 10sek.com
127.0.0.1 1-2005-search.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 www.123fporn.info
127.0.0.1 123fporn.info
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123moviedownload.com
127.0.0.1 123moviedownload.com
There are 15600 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1459875843-3859104557-3610610433-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Microsoft\Windows\Themes\img6.jpg
DNS Servers: 68.105.28.11 - 68.105.29.11
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{802E1D9D-6DC8-4A5F-A996-5CD679BED14F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{244529DB-60CB-4042-8C8E-DE606F7FC383}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0316495F-2E52-49DA-89D2-BE2D96A9134F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9ECFF359-583C-48AC-A921-6E071F106DDD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{E179896F-D3B7-4CCD-8359-65BD2A3CA3D9}C:\users\cheryl\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cheryl\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{4C7FEB1A-C735-4BFD-82EB-94C91128CE95}C:\users\cheryl\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\cheryl\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{B3AE1F0F-A840-4C44-9342-59313776958C}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{4ED76042-82F9-4B66-817C-70BC1A3382ED}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{1C0CAB25-5559-4DBF-B777-7C91A55350C9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{3340EBA9-241B-4223-AAB8-F555C2192552}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{C5497E31-CF10-4CEF-8433-72788D90576A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{4C982D6E-92D4-4D02-81F5-D7CD9198C38B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{A8A4BA28-7BF6-4E33-8B7D-51E2623DD129}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6E729FE0-7608-4549-BF26-A7F2E99DA6B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{EB2C4D7E-143B-4C05-8837-6B46C8A5C01D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{74A5ECFB-433B-420B-B3A8-981A054CB117}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{FB9D6429-77E3-4AD8-9C81-D9C3F88AD5FC}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{E5EC9155-F8E3-4E79-9F99-7E7A469425D6}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{3A0EE91C-427A-4D73-A66C-BE8618C3E2F4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{DD4AC37F-75DE-4C7A-95FA-72B904592BED}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{C76B3975-F8D2-4BE3-AFAE-086A7E1DAEC3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{2FA49990-4014-4DEE-B329-A60FE05C4638}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{0C400A04-DFC5-466E-A9A5-AA2BE721C2B3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{4549F95D-D73C-4FB5-AEF8-BB200493F7CA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{DADDFAC8-9E23-4E11-81C7-B05C7B5BC704}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{44177B5E-80AA-49EF-B4E6-CC939DA8E3FE}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{C486FE1E-F66C-464C-AC78-8677EE3F8E6D}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{3D367012-E0D6-463E-B466-5847A2A0E1A0}] => (Allow) C:\Users\Cheryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9DF61F9C-01EB-41D8-BE13-66DABCAC6EE9}] => (Allow) C:\Users\Cheryl\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AEA13169-B8C0-411A-89AA-30F78C73DD0A}] => (Allow) C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DD4CC8A9-7CB3-4B19-B660-0BF0D932B848}] => (Allow) C:\Users\Daniel_2\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FAA5A98F-94C3-43A8-AA23-4163228E8A74}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{785EB0A1-88BA-4412-94B1-12FB6EAAED0E}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{7D7BACBB-CB42-443A-A88A-3B004543F426}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{2F06E08F-69B0-4712-9FF5-22265B87FD63}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
FirewallRules: [{0038FCF1-1B01-472C-8520-C6B958D70E55}] => (Allow) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
30-05-2017 14:50:48 Windows Update
06-06-2017 18:13:11 Scheduled Checkpoint
12-06-2017 11:06:17 Windows Update
15-06-2017 16:05:48 Windows Update
==================== Faulty Device Manager Devices =============
Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWinLogon.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\Tools.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Windows\System32\sdnclean64.exe".Error in manifest or policy file "C:\Windows\System32\sdnclean64.exe" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDResources.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScanLibrary.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:51 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTasks.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLists.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunizeLibrary.dll" on line 2.
The manifest file root element must be assembly.
Error: (06/16/2017 01:26:50 PM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv32.sys".Error in manifest or policy file "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv32.sys" on line 2.
The manifest file root element must be assembly.
System errors:
=============
Error: (06/16/2017 02:15:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2017 01:24:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2017 10:33:42 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (06/16/2017 10:31:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
Error: (06/16/2017 10:31:16 AM) (Source: DCOM) (EventID: 10016) (User: Daniel-PC)
Description: The machine-default permission settings do not grant Local Activation permission for the COM Server application with CLSID
{C2F03A33-21F5-47FA-B4BB-156362A2F239}
and APPID
{316CDED5-E4AE-4B15-9113-7055D84DCC97}
to the user Daniel-PC\Daniel SID (S-1-5-21-1459875843-3859104557-3610610433-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.Cortana_1.7.0.14393_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2017 10:02:07 AM) (Source: DCOM) (EventID: 10016) (User: Daniel-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
and APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
to the user Daniel-PC\Daniel SID (S-1-5-21-1459875843-3859104557-3610610433-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe SID (S-1-15-2-3624051433-2125758914-1423191267-1740899205-1073925389-3782572162-737981194). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2017 09:46:44 AM) (Source: DCOM) (EventID: 10016) (User: Daniel-PC)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
and APPID
{260EB9DE-5CBE-4BFF-A99A-3710AF55BF1E}
to the user Daniel-PC\Daniel SID (S-1-5-21-1459875843-3859104557-3610610433-1000) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ShellExperienceHost_10.0.14393.1358_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-155514346-2573954481-755741238-1654018636-1233331829-3075935687-2861478708). This security permission can be modified using the Component Services administrative tool.
Error: (06/16/2017 09:45:43 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/15/2017 09:31:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
and APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (06/15/2017 09:17:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SDWSCService service failed to start due to the following error:
A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
CodeIntegrity:
===================================
Date: 2017-06-16 14:29:25.715
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 14:29:25.712
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 14:29:25.678
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 14:29:25.674
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 13:26:51.191
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 10:37:52.690
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 10:35:25.668
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 10:34:19.763
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 10:33:42.873
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-16 10:31:19.516
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core2 Quad CPU Q8200 @ 2.33GHz
Percentage of memory in use: 52%
Total physical RAM: 4061.17 MB
Available physical RAM: 1938.57 MB
Total Virtual: 8157.17 MB
Available Virtual: 5647.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:595.73 GB) (Free:512.05 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 68AC7C90)
Partition 1: (Active) - (Size=595.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=450 MB) - (Type=27)
==================== End of Addition.txt ============================