- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-04-2015
- Ran by DarkSide_ at 2015-04-12 17:13:23
- Running from C:\Users\DarkSide_\Downloads
- Boot Mode: Normal
- ==========================================================
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
- Adobe Reader XI (11.0.10) - Português (HKLM-x32\...\{AC76BA86-7AD7-1046-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
- Application Insights Tools for Visual Studio 2013 (x32 Version: 2.4 - Microsoft Corporation) Hidden
- ASUS PC Link (HKLM-x32\...\{52AE8601-EA55-456E-80A9-7FB48E82CF81}_is1) (Version: 2.1.8.402 - ASUSTEK)
- ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.5.12 - ASUS)
- Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
- AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
- Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50716.0 - Microsoft Corporation) Hidden
- Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
- BitTorrent (HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\BitTorrent) (Version: 7.9.3.39947 - BitTorrent Inc.)
- Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
- Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
- Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
- Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
- Blend for Visual Studio SDK for Windows Phone 8.0 (x32 Version: 3.0.30924.0 - Microsoft Corporation) Hidden
- Build Tools - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
- Build Tools - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
- Build Tools Language Resources - amd64 (Version: 12.0.31101 - Microsoft Corporation) Hidden
- Build Tools Language Resources - x86 (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
- CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
- Construct 2 r200 (HKLM\...\Construct 2_is1) (Version: 1.0.200.0 - Scirra)
- Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
- Dev-C++ (HKLM-x32\...\Dev-C++) (Version: 5.10 - Bloodshed Software)
- Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
- Entity Framework 6.1.1 Tools for Visual Studio 2013 (HKLM-x32\...\{85253F13-EE42-4850-A3A5-79B90E92D7AC}) (Version: 12.0.30610.0 - Microsoft Corporation)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
- IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
- IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
- IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
- Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
- Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
- Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
- Kit SDK de vérification de Visual Studio 2012 - fra (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
- KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
- KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
- League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
- League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
- LibreOffice 4.4.1.2 (HKLM-x32\...\{4A754DA6-6E12-40AF-BAF0-B7D60C6BE005}) (Version: 4.4.1.2 - The Document Foundation)
- LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
- LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
- LocalESPCui for en-us (x32 Version: 8.59.29989 - Microsoft) Hidden
- LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
- Memory Profiler (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
- Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
- Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
- Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
- Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
- Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
- Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Native Client (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
- Microsoft SQL Server Data Tools - enu (12.0.41012.0) (HKLM-x32\...\{AC8E0CF4-42A1-4151-B684-97CF6FD726CF}) (Version: 12.0.41012.0 - Microsoft Corporation)
- Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
- Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
- Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{8C06D6DB-A391-4686-B050-99CC522A7843}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{4AEB505C-95E1-4964-9B64-8D27F3186D30}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
- Microsoft Visual Studio Community 2013 with Update 4 (HKLM-x32\...\{96a8b90c-0a91-4e76-ab34-730c23923d11}) (Version: 12.0.31101 - Microsoft Corporation)
- Mozilla Firefox 37.0 (x86 pt-BR) (HKLM-x32\...\Mozilla Firefox 37.0 (x86 pt-BR)) (Version: 37.0 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0 - Mozilla)
- NetBeans IDE 8.0.2 (HKLM\...\nbi-nb-base-8.0.2.0.201411181905) (Version: 8.0.2 - NetBeans.org)
- Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
- Oracle VM VirtualBox 4.3.10 (HKLM\...\{5632714F-6A48-4BF2-89E0-F8B6CE9FE6D1}) (Version: 4.3.10 - Oracle Corporation)
- PowreShellIntegration.Notifications (x32 Version: 2.5.21003.1603 - Microsoft Corporation) Hidden
- PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
- Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
- Prerequisites for SSDT (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
- Python Tools Redirection Template (x32 Version: 1.3 - Microsoft Corporation) Hidden
- Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
- Revo Uninstaller Pro 3.1.2 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.2 - VS Revo Group, Ltd.)
- SDK de comprobación de Visual Studio 2012 - esn (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
- Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
- Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
- Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
- TeamSpeak 3 Client (HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
- TypeScript Power Tool (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
- TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.5.0 - Microsoft Corporation) Hidden
- Unchecky v0.3.7.2 (HKLM-x32\...\Unchecky) (Version: 0.3.7.2 - RaMMicHaeL)
- Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
- Visual Studio 2013 Update 4 (KB2829760) (HKLM-x32\...\{53d408db-eb91-43fb-9d8f-167681c19763}) (Version: 12.0.31101 - Microsoft Corporation)
- VS Update core components (x32 Version: 12.0.31101 - Microsoft Corporation) Hidden
- WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
- WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
- WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
- Windows Driver Package - ASUS Tek. Corporation (ATP) Mouse (04/02/2014 7.0.0.2) (HKLM\...\AECE1F84E8C99B9AD59A3E152EC9765364A9AA35) (Version: 04/02/2014 7.0.0.2 - ASUS Tek. Corporation)
- Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{166a69f6-6512-47ea-a342-17d954fc059a}) (Version: 12.0.31010.0 - Microsoft Corporation)
- WinHex (HKLM-x32\...\WinHex) (Version: - )
- WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
- XAMPP (HKLM-x32\...\xampp) (Version: 5.5.19-0 - Bitnami)
- Пакет Visual Studio 2012 Verification SDK - rus (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
- ==================== Custom CLSID (selected items): ==========================
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- ==================== Restore Points =========================
- 11-04-2015 19:27:28 Ponto de verificação por HitmanPro
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2013-08-22 10:25 - 2015-04-12 17:08 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts
- 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
- 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
- 0.0.0.0 media.opencandy.com
- 0.0.0.0 cdn.opencandy.com
- 0.0.0.0 tracking.opencandy.com
- 0.0.0.0 api.opencandy.com
- 0.0.0.0 installer.betterinstaller.com
- 0.0.0.0 installer.filebulldog.com
- 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
- 0.0.0.0 inno.bisrv.com
- 0.0.0.0 nsis.bisrv.com
- 0.0.0.0 cdn.file2desktop.com
- 0.0.0.0 cdn.goateastcach.us
- 0.0.0.0 cdn.guttastatdk.us
- 0.0.0.0 cdn.inskinmedia.com
- 0.0.0.0 cdn.insta.oibundles2.com
- 0.0.0.0 cdn.insta.playbryte.com
- 0.0.0.0 cdn.llogetfastcach.us
- 0.0.0.0 cdn.montiera.com
- 0.0.0.0 cdn.msdwnld.com
- 0.0.0.0 cdn.mypcbackup.com
- 0.0.0.0 cdn.ppdownload.com
- 0.0.0.0 cdn.riceateastcach.us
- 0.0.0.0 cdn.shyapotato.us
- 0.0.0.0 cdn.solimba.com
- 0.0.0.0 cdn.tuto4pc.com
- 0.0.0.0 cdn.appround.biz
- 0.0.0.0 cdn.bigspeedpro.com
- 0.0.0.0 cdn.bispd.com
- There are 4 more lines.
- ==================== Scheduled Tasks (whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
- Task: {07C624F3-4D7B-4C7B-9999-77651E3FD47F} - System32\Tasks\BlockAndSurf Update => C:\Program Files (x86)\version74BlockAndSurf\J4BlockAndSurfJ52.exe <==== ATTENTION
- Task: {1107AC59-84F8-44B4-98AA-69604B4C2775} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2014-12-04] (@ByELDI)
- Task: {4ABA1ADE-1143-4E3B-B72C-ACEC8B9FCC70} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
- Task: {51ECD93E-F4A8-4513-95C5-912AE08D2DB9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
- Task: {5A750808-3D15-4965-A5E7-98673EA94B19} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
- Task: {7A5B40BB-7A84-430C-8EE1-08A9DEF6A0AF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-23] (Microsoft Corporation)
- Task: {B2B8EF51-DF79-418A-A7FB-2416B2104D80} - System32\Tasks\SPBIW_UpdateTask_Time_3631353732373132342d2323782a32455b4134572d32 => Wscript.exe //B "C:\ProgramData\ShopperPro\spbihe.js" spbiu.exe /invoke /f:check_services /l:0 <==== ATTENTION
- Task: {B3324ED0-D20B-4AB9-9287-7F9E3A276626} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-18] (Google Inc.)
- Task: {B4F3F666-81BE-4AFA-85F0-774B89CB9E35} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-23] (Microsoft Corporation)
- Task: {C991D553-F39E-4A81-A4E0-25A30D6963B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
- Task: {D36A59F8-509A-4962-AF68-9C16E068A903} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-02-26] (Microsoft Corporation)
- Task: {EDACFB66-8688-4BF8-B4DC-1C54D93EA052} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-01-23] (AsusTek)
- Task: C:\Windows\Tasks\BlockAndSurf Update.job => C:\Program Files (x86)\version74BlockAndSurf\J4BlockAndSurfJ52.exe <==== ATTENTION
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Loaded Modules (whitelisted) ==============
- 2015-04-05 16:13 - 2015-03-30 18:07 - 01174856 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
- 2015-04-05 16:13 - 2015-03-30 18:07 - 00080200 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\libegl.dll
- 2015-04-05 16:13 - 2015-03-30 18:07 - 09279304 _____ () C:\Program Files (x86)\Google\Chrome\Application\41.0.2272.118\pdf.dll
- ==================== Alternate Data Streams (whitelisted) =========
- (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
- ==================== Safe Mode (whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16209442.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16209442.sys => ""="Driver"
- ==================== EXE Association (whitelisted) ===============
- (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\Control Panel\Desktop\\Wallpaper ->
- DNS Servers: 192.168.25.1
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- MSCONFIG\Services: AdobeARMservice => 2
- MSCONFIG\Services: AMD External Events Utility => 2
- MSCONFIG\Services: BaiduHips => 2
- MSCONFIG\Services: BDKVRTP => 2
- MSCONFIG\Services: BrsHelper => 2
- MSCONFIG\Services: CCL => 2
- MSCONFIG\Services: gupdate => 2
- MSCONFIG\Services: gupdatem => 3
- MSCONFIG\Services: insvc_1.10.0.13 => 2
- MSCONFIG\Services: jezyseko => 2
- MSCONFIG\Services: kowuqydi => 2
- MSCONFIG\Services: LolliScan => 2
- MSCONFIG\Services: MozillaMaintenance => 3
- MSCONFIG\Services: pemerusy => 2
- MSCONFIG\Services: Sed => 2
- MSCONFIG\Services: Service KMSELDI => 2
- MSCONFIG\Services: SkypeUpdate => 2
- MSCONFIG\Services: SPBIUpd => 2
- MSCONFIG\Services: Steam Client Service => 3
- MSCONFIG\Services: topupete => 2
- MSCONFIG\Services: xowideru => 2
- HKLM\...\StartupApproved\Run: => "Classic Start Menu"
- HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
- HKLM\...\StartupApproved\Run32: => "ap"
- HKLM\...\StartupApproved\Run32: => "WinCheck"
- HKLM\...\StartupApproved\Run32: => "gmsd_br_398"
- HKLM\...\StartupApproved\Run32: => "SPDriver"
- HKLM\...\StartupApproved\Run32: => "SmartWeb"
- HKLM\...\StartupApproved\Run32: => "YTDownloader"
- HKLM\...\StartupApproved\Run32: => "baidusdTray"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\StartupFolder: => "SmartWeb.lnk"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\Run: => "PCLink"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_668B766DA1932A13D0539817D246903D"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\Run: => "SPDriver"
- HKU\S-1-5-21-2882039380-2428085164-2198080122-1001\...\StartupApproved\Run: => "YTDownloader"
- ==================== Accounts: =============================
- Administrator (S-1-5-21-2882039380-2428085164-2198080122-500 - Administrator - Disabled)
- DarkSide_ (S-1-5-21-2882039380-2428085164-2198080122-1001 - Administrator - Enabled) => C:\Users\DarkSide_
- Guest (S-1-5-21-2882039380-2428085164-2198080122-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-2882039380-2428085164-2198080122-1003 - Limited - Enabled)
- ==================== Faulty Device Manager Devices =============
- Name: Microsoft Network Adapter Multiplexor Driver
- Description: Microsoft Network Adapter Multiplexor Driver
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Microsoft
- Service: NdisImPlatformMp
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: VirtualBox Host-Only Ethernet Adapter
- Description: VirtualBox Host-Only Ethernet Adapter
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Oracle Corporation
- Service: VBoxNetAdp
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Standard SATA AHCI Controller
- Description: Standard SATA AHCI Controller
- Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
- Manufacturer: Standard SATA AHCI Controller
- Service: storahci
- Problem: : This device cannot start. (Code10)
- Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
- On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000010f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007C3E79E720.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Abort Backup
- Context:
- Execution Context: Requestor
- Current State: SnapshotSetCreated
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000010f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007C3E79E720.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Abort Backup
- Context:
- Execution Context: Requestor
- Current State: SnapshotSetCreated
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00001214,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007D402DE940.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DE80.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DE80.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0000002683359B50.72). hr = 0x80070005, Access is denied.
- .
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- System errors:
- =============
- Error: (04/12/2015 05:08:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The BDDefense service failed to start due to the following error:
- %%31
- Error: (04/12/2015 05:08:37 PM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 11:34:49 on 12/04/2015 was unexpected.
- Error: (04/12/2015 05:08:29 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT AUTHORITY)
- Description: 32212256841149040
- Error: (04/12/2015 10:54:51 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The BDDefense service failed to start due to the following error:
- %%31
- Error: (04/12/2015 10:54:49 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 22:24:27 on 11/04/2015 was unexpected.
- Error: (04/11/2015 07:44:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The BDDefense service failed to start due to the following error:
- %%31
- Error: (04/11/2015 07:38:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The BDDefense service failed to start due to the following error:
- %%31
- Error: (04/11/2015 07:38:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Print Spooler service failed to start due to the following error:
- %%1069
- Error: (04/11/2015 07:38:01 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
- Description: The Spooler service was unable to log on as NT AUTHORITY\SYSTEM with the currently configured password due to the following error:
- %%50
- To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
- Error: (04/11/2015 07:37:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
- Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
- Microsoft Office Sessions:
- =========================
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x000010f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007C3E79E720.72)0x80070005, Access is denied.
- Operation:
- Abort Backup
- Context:
- Execution Context: Requestor
- Current State: SnapshotSetCreated
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x000010f4,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007C3E79E720.72)0x80070005, Access is denied.
- Operation:
- Abort Backup
- Context:
- Execution Context: Requestor
- Current State: SnapshotSetCreated
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00001214,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssapiPublisher,0,REG_BINARY,0000007D402DE940.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:49 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DDC0.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DE80.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,000000268365DE80.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- Error: (04/11/2015 07:27:48 PM) (Source: VSS) (EventID: 8193) (User: )
- Description: RegSetValueExW(0x00000310,SYSTEM\CurrentControlSet\Services\VSS\Diag\SwProvider_{b5946137-7b9f-4925-af80-51abd60b20d5},0,REG_BINARY,0000002683359B50.72)0x80070005, Access is denied.
- Operation:
- Executing Asynchronous Operation
- Context:
- Current State: DoSnapshotSet
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
- Percentage of memory in use: 19%
- Total physical RAM: 8133.77 MB
- Available physical RAM: 6576.41 MB
- Total Pagefile: 16325.77 MB
- Available Pagefile: 14522.45 MB
- Total Virtual: 131072 MB
- Available Virtual: 131071.82 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:59.11 GB) (Free:13.93 GB) NTFS
- Drive d: (HD-1) (Fixed) (Total:465.76 GB) (Free:260.06 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 59.6 GB) (Disk ID: 00022612)
- Partition: GPT Partition Type.
- ========================================================
- Disk: 1 (Size: 465.8 GB) (Disk ID: 3848715C)
- Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
- ==================== End Of Log ============================