Addition (Addition.txt):
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-12-2017
Ran by Daniel M. Burkus (17-12-2017 15:40:02)
Running from C:\Users\Daniel M. Burkus.PC\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2016-01-28 16:14:06)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1259038908-1583320175-680065255-500 - Administrator - Disabled)
Daniel M. Burkus (S-1-5-21-1259038908-1583320175-680065255-1005 - Administrator - Enabled) => C:\Users\Daniel M. Burkus.PC
Guest (S-1-5-21-1259038908-1583320175-680065255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1259038908-1583320175-680065255-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AbleWord v3.0 (HKLM\...\AbleWord_is1) (Version: - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.009.20050 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 28.0.0.126 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 28.0.0.126 - Adobe Systems Incorporated)
ADS Scanner 2 (HKLM\...\ADS Scanner 2) (Version: 2 - Pointstone Software, LLC)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.8.2318 - AVAST Software)
Boilsoft Video Cutter 1.23 (HKLM\...\{C72AB84A-4F9E-4D80-8243-C9547773BE73}_is1) (Version: - Boilsoft, Inc.)
Boilsoft Video Joiner 6.57 (HKLM\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version: - Boilsoft, Inc.)
Boilsoft Video Splitter 6.34 (HKLM\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version: - Boilsoft, Inc.)
calibre (HKLM\...\{1E376DEC-875A-4F53-9149-168582A0E274}) (Version: 2.71.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.38 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CutePDF Writer 3.1 (HKLM\...\CutePDF Writer Installation) (Version: 3.1 - Acro Software Inc.)
Direct MIDI to MP3 Converter version 7.0.0.0 (HKLM\...\Direct MIDI to MP3 Converter_is1) (Version: 7.0.0.0 - Piston Software)
ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version: - )
FFmpeg (Windows) for Audacity version 2.2.2 (HKLM\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormatFactory 3.9.0.1 (HKLM\...\FormatFactory) (Version: 3.9.0.1 - Free Time)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
FreeOCR v5.4 (HKLM\...\freeocr_is1) (Version: - )
Hangul 2002 SE (HKLM\...\{CECBC29F-6D3A-4ED6-A686-7220EF9B69CC}) (Version: 5.7.5.3007 - Haansoft)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version: - Tonec Inc.)
IrfanView 4.50 (32-bit) (HKLM\...\IrfanView) (Version: 4.50 - Irfan Skiljan)
KakaoTalk (HKLM\...\KakaoTalk) (Version: 2.6.3.1672 - Kakao Corp.)
Kaspersky Security Scan (HKLM\...\{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Software Updater (HKLM\...\{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab) Hidden
Kaspersky Software Updater (HKLM\...\InstallWIX_{DEEDA858-A9B4-4212-8873-2F2CE2706E68}) (Version: 2.0.0.623 - Kaspersky Lab)
K-Lite Mega Codec Pack 10.4.5 (HKLM\...\KLiteCodecPack_is1) (Version: 10.4.5 - )
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version: - )
Malwarebytes version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MKVToolNix 8.3.0 (32bit) (HKLM\...\MKVToolNix) (Version: 8.3.0 - Moritz Bunkus)
Movavi Video Converter 14 (HKLM\...\Movavi Video Converter 14) (Version: 14.3.0 - Movavi)
Mozilla Firefox 57.0.2 (x86 en-US) (HKLM\...\Mozilla Firefox 57.0.2 (x86 en-US)) (Version: 57.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.2.6549 - Mozilla)
MP3 Toolkit 1.0.5 (HKLM\...\MP3 Toolkit_is1) (Version: - MP3Toolkit.com)
MPC-BE 1.4.5.787 (HKLM\...\{903D098F-DD50-4342-AD23-DA868FCA3126}_is1) (Version: 1.4.5.787 - MPC-BE Team)
Nero 2016 (HKLM\...\{9C637A56-4287-487F-95BF-1422FC1AA879}) (Version: 17.0.04500 - Nero AG)
Nero Info (HKLM\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero WaveEditor (HKLM\...\{D0656D0B-9712-45BD-9243-21FEBF5B05E5}) (Version: 14.0.00600 - Nero AG)
Norton Security Scan (HKLM\...\NSS) (Version: 4.6.1.84 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.4.125 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.4.125 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.00 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
paint.net (HKLM\...\{F10AAD91-58DF-44EC-A647-810197141666}) (Version: 4.0.19 - dotPDN LLC)
Prerequisite installer (HKLM\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
RogueKiller version 12.11.21.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.11.21.0 - Adlice Software)
R-Undelete 5.0 (HKLM\...\R-Undelete 5.0NSIS) (Version: 5.0.164588 - R-Tools Technology Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.11.4.125 - NVIDIA Corporation) Hidden
Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Stashimi Stub Installer (HKLM\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
Tipard PDF Converter Platinum 3.2.10 (HKLM\...\{7ABFBBCF-9DA2-4a62-B54D-3AFCA72FBBA4}_is1) (Version: 3.2.10 - Tipard Studio)
Tray Tools 2000 (HKLM\...\Tray Tools 2000) (Version: Tray Tools 2000 - Version 2.7 - Gregory Braun -- Software Design)
TreeSize Free V3.4.5 (HKLM\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Winamp (HKLM\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-18] (Free Time)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers3: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] ()
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => C:\Program Files\FormatFactory\ShellEx_103.dll [2013-06-18] (Free Time)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-10-18] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-11-11] (AVAST Software)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x86.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files\Spybot - Search & Destroy 2\SDECon32.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6: [UnlockerShellExtension] -> {DDE4BEEB-DDE6-48fd-8EB5-035C09923F83} => C:\Program Files\Unlocker\UnlockerCOM.dll [2010-07-05] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12663B07-140E-4C57-A7EC-B72E862B74B6} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-12-14] (Piriform Ltd)
Task: {1EDEBF28-27ED-428F-8EA6-BAA48B1C1482} - System32\Tasks\Norton Security Scan for Daniel M. Burkus => C:\Program Files\Norton Security Scan\Engine\4.6.1.84\Nss.exe [2017-08-17] (Symantec Corporation)
Task: {47A5CB3B-81DB-4550-B43B-66584D9DD57F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {4F9FCC77-0961-45B7-8B19-A5FC610B40A8} - System32\Tasks\SafeZone scheduled Autoupdate 1498554344 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {521571B3-88C9-4F3A-9296-984100592DA5} - System32\Tasks\{192A14D5-1617-470C-AB03-F92AFA889304} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniel M. Burkus.PC\Desktop\A78GA-M2T_080115_B.exe" -d "C:\Users\Daniel M. Burkus.PC\Desktop"
Task: {5439F437-1585-4F4B-B335-75DE0926C042} - System32\Tasks\{C91B6667-6FA7-4977-BE1A-CC3C386768BD} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniel M. Burkus.PC\Desktop\vcredist_x86.exe" -d "C:\Users\Daniel M. Burkus.PC\Desktop"
Task: {56FDB460-B837-44D0-BF48-B27FB59F8914} - System32\Tasks\{8BDA641D-7880-4690-8B38-75DCC0CDA57D} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniel Burkus\Virtual Machines\Install Files\EASY Video Editor (v 2.0)\EASY.exe plus Keygen\Easy Video Editor v2.0.exe" -d "C:\Users\Daniel Burkus\Virtual Machines\Install Files\EASY Video Editor (v 2.0)\EASY.exe plus Keygen"
Task: {7609A09A-65AD-4EA1-9094-339D2D39D483} - System32\Tasks\{8703A1E3-955E-4714-B632-178F571D3F03} => C:\Windows\system32\pcalua.exe -a "C:\Users\Daniel Burkus\Virtual Machines\Install Files\NeroBurning .exe file (with Keygen)\Nero-6[1].6.0.18.exe" -d "C:\Users\Daniel Burkus\Virtual Machines\Install Files\NeroBurning .exe file (with Keygen)"
Task: {98C055B9-AF23-45CB-9D0F-392B2DADFF72} - System32\Tasks\Nero\Nero Info => C:\Program Files\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {C2CCF148-F0A7-4D26-90FE-9E23911F4146} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-11-11] (AVAST Software)
Task: {C7399ABE-1E4A-49C8-BA3C-2BD498749EEF} - System32\Tasks\SafeZone scheduled Autoupdate 1458735473 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {D6C559EA-22F9-4CEF-8675-46685F8EFAE6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-12-13] (Adobe Systems Incorporated)
Task: {E0BEB5F0-C2D8-4F26-B4B3-0112A5BD01E0} - System32\Tasks\{98A6AAFD-D93D-499D-9F0E-2F5A130C370E} => C:\Windows\system32\pcalua.exe -a "C:\My Documents\A - Software Shortcuts\Set-up Files\converter.exe" -d "C:\My Documents\A - Software Shortcuts\Set-up Files"
Task: {F857E1A7-6248-4487-A478-1A025701E05E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2017-12-07] (AVAST Software)
Task: {FF55AC69-9AD3-4DC5-8418-69E159A58B32} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-12-14] (Piriform Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-11-11 07:13 - 2017-11-11 07:13 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000237808 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000244584 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000151104 _____ () C:\Program Files\AVAST Software\Avast\network_notifications.dll
2017-12-16 08:02 - 2017-12-16 08:02 - 005766800 _____ () C:\Program Files\AVAST Software\Avast\defs\17121502\algo.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000710056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000245608 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2017-12-17 08:32 - 2017-12-17 08:32 - 005766800 _____ () C:\Program Files\AVAST Software\Avast\defs\17121604\algo.dll
2016-01-29 19:14 - 2016-01-22 16:56 - 000089008 _____ () C:\Windows\System32\cpwmon2k.dll
2015-12-15 13:38 - 2015-12-15 13:38 - 000326112 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\dblite.dll
2015-10-27 16:44 - 2015-10-27 16:44 - 000404952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\ipm_service.dll
2016-01-29 16:48 - 2014-05-13 12:04 - 000109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-10-18 09:27 - 2014-05-13 12:04 - 000416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2016-01-29 16:48 - 2014-05-13 12:04 - 000167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-10-18 09:27 - 2012-08-23 10:38 - 000574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2016-10-18 09:27 - 2012-04-03 17:06 - 000565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-01-30 07:47 - 2010-07-05 06:32 - 000004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2016-10-28 18:18 - 2016-10-19 03:42 - 000018880 _____ () C:\Program Files\NVIDIA Corporation\Update Core\detoured.dll
2016-01-30 07:47 - 2010-07-05 04:51 - 000017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2017-09-08 21:38 - 2017-09-08 21:38 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000235816 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2016-11-26 23:42 - 2016-11-26 23:42 - 000332104 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Software Updater\dblite.dll
2016-12-21 20:21 - 2016-12-21 20:21 - 045077376 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Software Updater\libcef.dll
2016-06-02 18:06 - 2016-06-02 18:06 - 045077376 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
2016-11-26 23:37 - 2016-11-26 23:37 - 000418512 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Software Updater\ipm_service.dll
2017-11-11 07:13 - 2017-11-11 07:13 - 000142792 _____ () c:\Program Files\AVAST Software\Avast\vaarclient.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\5AF767F5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\5AF767F5.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR501 => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com ->
www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com ->
www.123simsen.com
There are 7937 more sites.
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\008k.com ->
www.008k.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\00hq.com ->
www.00hq.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\0scan.com ->
www.0scan.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\1-2005-search.com ->
www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\1-domains-registrations.com ->
www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\1000gratisproben.com ->
www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\1001namen.com ->
www.1001namen.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\100sexlinks.com ->
www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\10sek.com ->
www.10sek.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\123fporn.info ->
www.123fporn.info
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\123haustiereundmehr.com ->
www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\123moviedownload.com ->
www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1259038908-1583320175-680065255-1005\...\123simsen.com ->
www.123simsen.com
There are 7937 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-05-31 22:49 - 2017-12-17 08:38 - 000453575 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1
www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1
www.008k.com
127.0.0.1 008k.com
127.0.0.1
www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1
www.032439.com
127.0.0.1 032439.com
127.0.0.1
www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1
www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1
www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1
www.100888290cs.com
127.0.0.1
www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1
www.10sek.com
127.0.0.1
www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1
www.123fporn.info
127.0.0.1
www.123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com
There are 15597 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1259038908-1583320175-680065255-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel M. Burkus.PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 210.220.163.82 - 219.250.36.130
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AB035A13-5F60-4C15-AD6D-F3740287AB2A}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [{46A04708-A71C-47A9-B967-D1C29970E410}] => (Allow) C:\Program Files\Winamp\winamp.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{B36792AD-C22F-4AD5-A86A-58D4966FB2AF}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{48C47700-5F30-457F-B126-0B5E37C48496}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{85F7091D-F663-43CF-8309-8DB3E9020295}] => (Allow) C:\Program Files\Nero\KM\NMDllHost.exe
FirewallRules: [{B91AC728-BBF8-48A5-8717-069BCA465C6C}] => (Allow) C:\Program Files\Nero\KM\MediaHome.exe
FirewallRules: [{BDEDE059-95C2-4437-A88D-F9DD786FB4A0}] => (Allow) C:\Program Files\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{44024E3E-8628-47F5-826F-6D1B8C53570D}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{BE219DF0-6551-4830-9C73-63730DE92272}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{A07B9198-22F5-48B0-88F7-9A088AD2B0CB}] => (Allow) C:\Program Files\FormatFactory\FormatFactory.exe
FirewallRules: [{F85D6425-9E30-4683-BE9E-A98A865D2AFD}] => (Allow) C:\Program Files\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C8C8449C-551A-4E75-AE3E-E09703125179}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{9F2D483B-605C-424A-A310-6870042B4E33}] => (Allow) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{ED93D084-BA17-416E-90D5-E23710D28A0B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3F3044D4-83EA-4F36-819C-0540DB3C62B0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{4245A8E4-FCDE-4230-8AC5-3557B279D5C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6B02DDB3-3765-4A3C-BA3D-102013750252}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0EFE17E5-7BC2-42F9-BC63-9CBD3B95CEFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{01DBBB7E-5C1F-431D-8166-39BBC37EE8D6}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [UDP Query User{16E5C799-7688-4A3F-994C-F6D8EB1D84D9}C:\windows\system32\mmc.exe] => (Block) C:\windows\system32\mmc.exe
FirewallRules: [{519D31D1-370E-4C65-AF47-9D8768E95A66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{E13B8375-E38E-4CF0-BBD1-05049B0D05A6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7456F395-39EC-4769-81B4-36090891D776}] => (Allow) C:\Users\Daniel M. Burkus.PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{00DD1655-DA80-46D7-9438-F9E6BE620886}] => (Allow) C:\Users\Daniel M. Burkus.PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{88A6D0C8-A914-4DAD-BA5D-80DF22724A19}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9EED5CCD-D9CE-4E2B-9FFC-B3D66868D551}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files\Orbitdownloader\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
==================== Restore Points =========================
16-12-2017 08:41:32 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/16/2017 10:42:46 AM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 5360. Message ID: [0x2509].
Error: (12/15/2017 08:13:52 PM) (Source: Windows Search Service) (EventID: 1019) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <30, 0x80040d07, "iehistory://{S-1-5-21-1259038908-1583320175-680065255-1005}/">.
Error: (12/15/2017 04:25:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x04d00fef
Faulting process id: 0x9ac
Faulting application start time: 0x01d375182232cfb2
Faulting application path: C:\Windows\Explorer.EXE
Faulting module path: unknown
Report Id: 18e6a84e-e169-11e7-ab4c-000ee8e22084
Error: (12/13/2017 10:15:34 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d6727a7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x025f0fef
Faulting process id: 0x1764
Faulting application start time: 0x01d37410e57e005d
Faulting application path: C:\Windows\Explorer.exe
Faulting module path: unknown
Report Id: b33e4c07-e007-11e7-bae8-000ee8e22084
Error: (12/13/2017 09:26:20 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\wbem\wmiprvse.exe; Description = ComboFix created restore point; Error = 0x800706be).
Error: (12/13/2017 08:10:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcplui.exe, version: 4.8.714.0, time stamp: 0x505f0220
Faulting module name: nvcplui.exe, version: 4.8.714.0, time stamp: 0x505f0220
Exception code: 0x40000015
Fault offset: 0x00157100
Faulting process id: 0x17c4
Faulting application start time: 0x01d37402ea55d044
Faulting application path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Report Id: 2ed7ee8d-dff6-11e7-9930-000ee8e22084
Error: (12/13/2017 07:35:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcplui.exe, version: 7.8.840.0, time stamp: 0x58061fe3
Faulting module name: NVCPL.DLL, version: 8.17.13.4200, time stamp: 0x58061972
Exception code: 0xc0000005
Fault offset: 0x001d9b1c
Faulting process id: 0x580
Faulting application start time: 0x01d373fe190662f8
Faulting application path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Faulting module path: C:\Windows\system32\NVCPL.DLL
Report Id: 600410a9-dff1-11e7-9c90-c9bb37610dc4
Error: (12/13/2017 07:19:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpc-hc.exe, version: 1.7.4.13, time stamp: 0x00000000
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0373b5ed
Faulting process id: 0x948
Faulting application start time: 0x01d373fbce9de85a
Faulting application path: C:\Program Files\K-Lite Codec Pack\Media Player Classic\mpc-hc.exe
Faulting module path: unknown
Report Id: 12be6e37-dfef-11e7-98cb-000ee8e22084
Error: (12/13/2017 03:11:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcplui.exe, version: 7.8.840.0, time stamp: 0x58061fe3
Faulting module name: nvcplui.exe, version: 7.8.840.0, time stamp: 0x58061fe3
Exception code: 0x40000015
Fault offset: 0x0015a770
Faulting process id: 0x1060
Faulting application start time: 0x01d373d9320a00a6
Faulting application path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Report Id: 726b3bf6-dfcc-11e7-98cb-000ee8e22084
Error: (12/13/2017 03:07:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvcplui.exe, version: 7.8.840.0, time stamp: 0x58061fe3
Faulting module name: nvcplui.exe, version: 7.8.840.0, time stamp: 0x58061fe3
Exception code: 0x40000015
Fault offset: 0x0015a770
Faulting process id: 0x890
Faulting application start time: 0x01d373d89891e8bd
Faulting application path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Faulting module path: C:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exe
Report Id: d7bb4fc9-dfcb-11e7-98cb-000ee8e22084
System errors:
=============
Error: (12/16/2017 11:45:18 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
Error: (12/16/2017 11:44:40 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 11:12:35 AM on 12/16/2017 was unexpected.
Error: (12/15/2017 08:12:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (12/15/2017 08:12:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (12/15/2017 08:10:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (12/15/2017 08:10:26 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (12/15/2017 08:10:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (12/15/2017 08:10:14 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
Error: (12/15/2017 07:28:01 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (12/15/2017 05:59:41 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
CodeIntegrity:
===================================
Date: 2017-06-24 12:28:59.040
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\DANIEL~1.PC\AppData\Local\temp\24992B468C.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2017-06-24 12:28:59.034
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\DANIEL~1.PC\AppData\Local\temp\24992B468C.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-08-30 08:13:32.112
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Daniel M. Burkus.PC\AppData\Local\temp\46718817-3A6B268A-D70FA871-D9A8C342\1478bef5d3.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-30 06:31:48.985
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\idmwfp.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-30 06:31:34.352
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-30 06:31:18.393
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-30 06:31:18.097
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\EEK\Run\epp32.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-30 06:31:17.925
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-29 20:22:49.178
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\idmwfp.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-29 20:22:34.452
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\vpcvmm.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 3600+
Percentage of memory in use: 82%
Total physical RAM: 2047.3 MB
Available physical RAM: 365.85 MB
Total Virtual: 4094.61 MB
Available Virtual: 1562.53 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.79 GB) (Free:39.41 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (Data Storage) (Fixed) (Total:232.88 GB) (Free:24.78 GB) NTFS
Drive g: (Data Storage) (Fixed) (Total:232.79 GB) (Free:40.82 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 697FBEB8)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: BCE48856)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: B31CAE79)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================