Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-04-2015 01
- Ran by Jeff at 2015-04-29 07:57:18
- Running from C:\Users\Jeff\Downloads
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-4100569545-1831711435-1705162196-500 - Administrator - Disabled)
- Guest (S-1-5-21-4100569545-1831711435-1705162196-501 - Limited - Disabled)
- HomeGroupUser$ (S-1-5-21-4100569545-1831711435-1705162196-1003 - Limited - Enabled)
- Jeff (S-1-5-21-4100569545-1831711435-1705162196-1001 - Administrator - Enabled) => C:\Users\Jeff
- UpdatusUser (S-1-5-21-4100569545-1831711435-1705162196-1004 - Limited - Enabled) => C:\Users\UpdatusUser
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 4G Hostless Modem (HKLM-x32\...\{B22E99A6-A16E-48D1-AB59-5BBEBEC7B4E2}) (Version: 1.0.0.2 - ZTE Corporation)
- Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
- Advanced Monitoring Agent (HKLM-x32\...\Advanced Monitoring Agent_is1) (Version: - )
- AirMagnet Surveyor (HKLM-x32\...\{36C753B1-DB3B-4853-9D77-B5037DD63E73}) (Version: - )
- Astrill (HKLM\...\{A77BCF74-A5A3-441B-9923-305EAD8B7976}_is1) (Version: - Astrill)
- Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 7.0 - Atheros)
- Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.210.0 - Autodesk)
- BitLord 2.4 (HKLM-x32\...\BitLord) (Version: 2.4.0-276 - House of Life)
- CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
- Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
- CoolTools ChangeType v1.00 (HKLM-x32\...\chgtype) (Version: - )
- CR11Dist (HKLM-x32\...\{F2DD28CA-DD2C-426E-94F1-8E0145323A87}) (Version: 1.0.0 - AirMagnet, Inc.)
- DarkEyE Crypter V3 3.0.0 (HKLM-x32\...\DarkEyE Crypter V3 3.0.0) (Version: - )
- DllTool 1.0 (HKLM-x32\...\{8C36FC6F-3576-447C-B15D-FF1504C91104}_is1) (Version: - )
- Dropbox (HKU\S-1-5-21-4100569545-1831711435-1705162196-1001\...\Dropbox) (Version: 3.4.4 - Dropbox, Inc.)
- DWG TrueView 2015 - English (Version: 20.0.210.0 - Autodesk) Hidden
- Dynamic DNS for FreeDNS (HKLM-x32\...\{267F4306-E902-4C8B-8067-309249459D87}) (Version: 0.90.80 - Bunkhouse)
- FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse)
- FortiExplorer v2.6.1083 (HKLM-x32\...\{6008CD1F-0002-0006-1083-18E44F07F5E2}) (Version: 2.6.1083 - Fortinet Inc.)
- GFI LanGuard 11 Agent (x32 Version: 11.0.2012.0717 - GFI Software Ltd) Hidden
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
- Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
- IcoFX 2.9 (HKLM-x32\...\IcoFX 2_is1) (Version: - )
- IIS 7.5 Express (HKLM-x32\...\{3A30B5F5-F12C-490F-8CD4-D200C75DF7E8}) (Version: 7.5.1190 - Microsoft Corporation)
- Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
- Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
- KMSpico v9.0.5.20131112 (HKLM\...\KMSpico_is1) (Version: 9.0.5.20131112 - )
- LAN Speed Test (HKLM-x32\...\{CE48BAE6-CDEF-4EB2-9AB0-67018F25C7C4}_is1) (Version: 3.4 - Totusoft) <==== ATTENTION
- Launch Manager (HKLM-x32\...\LManager) (Version: 5.2.1 - Acer Inc.)
- LST Server (HKLM-x32\...\{2639C038-B485-437E-B567-5ECAC81FD076}_is1) (Version: 1.3.0 - Totusoft)
- MetaPing 1.2.3.19 (HKLM-x32\...\MetaPing_is1) (Version: 1.2.3.19 - Hammer Software)
- Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
- Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
- Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
- Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
- Microsoft Visual Studio 6.0 Enterprise Edition (HKLM-x32\...\Visual Studio 6.0 Enterprise Edition) (Version: - )
- Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version: - )
- Mozilla Firefox 37.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-US)) (Version: 37.0.2 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
- NetworkActiv AUTAPF 2.0 (HKLM-x32\...\NetworkActiv AUTAPF 2.0) (Version: - NetworkActiv Software)
- Nitro Pro 8 (HKLM\...\{A9FBDCA0-7A60-49A6-8421-9034EB9AFB94}) (Version: 8.5.0.26 - Nitro)
- Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
- NVIDIA Graphics Driver 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
- NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
- OpenVPN 2.3.4-I002 (HKLM-x32\...\OpenVPN) (Version: 2.3.4-I002 - )
- Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
- Pulseway (HKLM\...\{EEA88E88-C2C4-4262-956D-959C0E76B92C}) (Version: 4.6.4 - MMSOFT Design)
- puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
- Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
- SAP Crystal Reports runtime engine for .NET Framework (32-bit) (HKLM-x32\...\{FBAB5DC0-657B-424F-BE58-07DEFF68917C}) (Version: 13.0.5.891 - SAP)
- SAP Crystal Reports runtime engine for .NET Framework (64-bit) (HKLM\...\{8674E662-F413-4A50-A256-ABE97FECE84D}) (Version: 13.0.5.891 - SAP)
- Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
- ShadowExplorer 0.9 (HKLM-x32\...\ShadowExplorer_is1) (Version: 0.9.462.0 - ShadowExplorer.com)
- Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
- Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
- SolarWinds LANsurveyor (HKLM-x32\...\{EF2B9282-6C9E-4BA9-AE11-4F192CAD07CA}) (Version: 10.0 - SolarWinds)
- TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
- TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.40798 - TeamViewer)
- Trojan Killer (HKLM-x32\...\GridinSoft Trojan Killer) (Version: 2.2.7.1 - GridinSoft LLC)
- TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
- UltraVnc (HKLM\...\Ultravnc2_is1) (Version: 1.2.0.5 - uvnc bvba)
- Update for Skype for Business 2015 (KB2889853) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{BF1B3F01-93F3-4B83-93DB-132EB1AED259}) (Version: - Microsoft)
- VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
- VMware Virtual Disk Development Kit (HKLM-x32\...\{547EB317-F9FC-4571-B66A-83B3C9D6A2C8}) (Version: 5.1.1.1042608 - VMware, Inc.)
- VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.1 - VMware, Inc)
- VMware Workstation (Version: 10.0.1 - VMware, Inc.) Hidden
- WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
- ZDServer (HKLM-x32\...\{C8197F5F-E0DC-44f1-8AF2-1AA5A84F695D}) (Version: 1.0.1.1 - ZTE Corporation)
- ==================== Custom CLSID (selected items): ==========================
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- ==================== Restore Points =========================
- 19-04-2015 20:12:35 ComboFix created restore point
- 24-04-2015 08:49:09 ComboFix created restore point
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2012-07-26 06:26 - 2015-04-26 10:33 - 00000253 ____N C:\Windows\system32\Drivers\etc\hosts
- 127.0.0.1 www.virustotal.com
- 127.0.0.1 jotti.org
- 127.0.0.1 viruschef.com
- 127.0.0.1 novirusthanks.org
- 127.0.0.1 donotdistribute.com
- 127.0.0.1 nodistribute.com
- 127.0.0.1 www.metascan-online.com
- 127.0.0.1 virusscan.jotti.org
- 127.0.0.1 r.virscan.org
- ==================== Scheduled Tasks (whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
- Task: {012D1FF0-616A-43B0-B263-DBAC72D3C88A} - System32\Tasks\Update\chrome => Chrome.exe
- Task: {17D9E6AB-2E26-43DA-BD2E-774E85A488F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-19] (Microsoft Corporation)
- Task: {51409D26-AB54-4992-BFFB-E8FD08C4EAFD} - System32\Tasks\{AE6C996A-9622-49BC-BFC0-ED635FA3FB3F} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.11.0.102&LastError=404
- Task: {64C4380E-DEC0-4F28-884C-F664EA863C27} - System32\Tasks\LAN Subsystem => C:\Users\Jeff\Desktop\z89.exe
- Task: {6D90C171-01E3-47CD-8857-6A64C7618EE3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
- Task: {7E2CFAB8-F0D1-4CA8-AC78-0DF5BCC71FFE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
- Task: {AF396572-D236-4AEB-A9A2-F51636674CF8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
- Task: {B09D68B9-5569-4ED6-82C4-DD8A7014676F} - System32\Tasks\Trojan Killer => C:\Program Files\GridinSoft Trojan Killer\trojankiller.exe [2015-04-23] (GridinSoft LLC)
- Task: {C2D80A2F-DB60-45F0-BB5B-BA55D36DF0EB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
- Task: {C81592A0-3D2A-40A8-8D2F-9F0363E2B3D3} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2013-11-13] ()
- Task: {CD31AAA6-C96E-4172-967E-E9F92E1DF390} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-19] (Adobe Systems Incorporated)
- Task: {E42711F4-86BA-427A-89A7-E9B5C98B22CB} - System32\Tasks\Update\Google Update => Chrome.exe
- Task: {F1E2F90C-3D38-4709-AC6F-E1509BE36A3B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
- Task: {FB848EFF-975B-4F34-9FF0-AD43A99EF52B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-03] (Google Inc.)
- Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Loaded Modules (whitelisted) ==============
- 2014-11-26 09:37 - 2015-01-06 12:22 - 00266752 _____ () C:\Program Files\Pulseway\OpenHardwareMonitorLib.dll
- 2015-04-19 17:45 - 2013-06-03 12:11 - 00431360 _____ () C:\ProgramData\ZDSupport\ZDServ\ZDServ.exe
- 2015-03-18 14:08 - 2015-03-18 14:08 - 08898720 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
- 2014-01-30 08:02 - 2014-01-30 08:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
- 2012-01-10 13:41 - 2015-03-30 05:56 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
- 2014-11-25 12:09 - 2014-07-10 03:41 - 00354840 _____ () C:\Program Files (x86)\Astrill\asovpnc.exe
- 2014-11-25 12:09 - 2014-05-22 11:54 - 00203304 _____ () C:\Program Files (x86)\Astrill\ascache.exe
- 2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
- 2012-07-17 16:20 - 2012-07-17 16:20 - 00305520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\apistrings.dll
- 2012-07-17 16:24 - 2012-07-17 16:24 - 00159600 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\modlop.dll
- 2012-07-17 16:21 - 2012-07-17 16:21 - 00099184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\httpserverattplugin.dll
- 2012-07-17 16:29 - 2012-07-17 16:29 - 00208752 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\patchautodownload.dll
- 2012-07-17 16:13 - 2012-07-17 16:13 - 02019184 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\crmimodule.dll
- 2012-07-17 16:28 - 2012-07-17 16:28 - 00183152 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\scanmngsys.dll
- 2012-07-17 16:29 - 2012-07-17 16:29 - 00049520 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedcompactdb.dll
- 2012-07-17 16:29 - 2012-07-17 16:29 - 00054640 _____ () C:\Program Files (x86)\Advanced Monitoring Agent\patchman\schedupdates.dll
- 2013-10-18 11:46 - 2013-10-18 11:46 - 01260624 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
- 2015-04-29 07:38 - 2015-04-29 07:38 - 00043008 _____ () c:\users\jeff\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpthmid6.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00750080 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\libGLESv2.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00047616 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\libEGL.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00865280 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00200704 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00010240 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00726016 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
- 2015-03-04 22:45 - 2015-03-04 22:45 - 00010240 _____ () C:\Users\Jeff\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
- 2014-11-25 12:09 - 2014-05-22 11:54 - 00083992 _____ () C:\Program Files (x86)\Astrill\libgnurx-0.dll
- ==================== Alternate Data Streams (whitelisted) =========
- (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
- ==================== Safe Mode (whitelisted) ===================
- (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ASProxy => ""="service"
- ==================== EXE Association (whitelisted) ===============
- (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, the associated entry will be removed from the registry.)
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-4100569545-1831711435-1705162196-1001\Control Panel\Desktop\\Wallpaper -> E:\Hackaholic_by_lightisbright.jpg
- DNS Servers: 198.18.48.1 - 192.168.179.1
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
- FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
- FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC] => (Allow) %systemroot%\system32\wininit.exe
- FirewallRules: [Wininit-Shutdown-In-Rule-TCP-RPC-EPMapper] => (Allow) %systemroot%\system32\wininit.exe
- FirewallRules: [ProximityUxHost-Sharing-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
- FirewallRules: [ProximityUxHost-Sharing-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\proximityuxhost.exe
- FirewallRules: [NETDIS-DAS-In-UDP-Active] => (Allow) %SystemRoot%\system32\dashost.exe
- FirewallRules: [NETDIS-DAS-In-UDP] => (Allow) %SystemRoot%\system32\dashost.exe
- FirewallRules: [PlayTo-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-In-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-In-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-Out-UDP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-Out-UDP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-In-RTSP-NoScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-In-RTSP-LocalSubnetScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [PlayTo-In-RTSP-PlayToScope] => (Allow) %SystemRoot%\system32\mdeserver.exe
- FirewallRules: [TPMVSCMGR-Server-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
- FirewallRules: [TPMVSCMGR-Server-Out-TCP-NoScope] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
- FirewallRules: [TPMVSCMGR-Server-In-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
- FirewallRules: [TPMVSCMGR-Server-Out-TCP] => (Allow) %SystemRoot%\system32\RmtTpmVscMgrSvr.exe
- FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
- FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
- FirewallRules: [{6697BCF5-65E1-4B1F-A6E9-19A3372F916C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [TCP Query User{17D6FC0B-3AC8-4DC8-A765-2296DBCAA389}E:\win 10\cybergate_v3.5.1.0\cybergate_v3.5.1.0.exe] => (Allow) E:\win 10\cybergate_v3.5.1.0\cybergate_v3.5.1.0.exe
- FirewallRules: [UDP Query User{D98637F2-C624-46DD-B4B7-03FC8C56400B}E:\win 10\cybergate_v3.5.1.0\cybergate_v3.5.1.0.exe] => (Allow) E:\win 10\cybergate_v3.5.1.0\cybergate_v3.5.1.0.exe
- FirewallRules: [{E55677C2-70E0-4281-BC2B-A994EA14C692}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
- FirewallRules: [{BA551F3D-686B-4FD4-A483-6C37D6B5D94A}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
- FirewallRules: [{52E23BA1-DFDC-4C73-8FE8-166EE84F90BC}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
- FirewallRules: [{EFA56BA0-324E-433D-8F9A-DD90B67AAD23}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
- FirewallRules: [{C163967F-51F2-4B94-9541-01A33232B313}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{D7802C18-75EB-4093-87B1-BF0EA9D060C2}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{7D97729C-29BF-4FC2-B97D-875756D68296}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{EB449DA3-AB7D-4ACC-A200-40FEBF74F3BD}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{EF5ED1EE-DEDC-42A6-9C57-CCA99D3DABA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\outlook.exe
- FirewallRules: [{2E2E9E7A-7CD6-4E8E-BEF6-2F65D8A2E616}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{9FFED866-6EA5-460A-B272-6CEAFF4A9A5F}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
- FirewallRules: [{F1D1445E-5461-45D6-8678-D8DAA44C222F}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
- FirewallRules: [{06B109F3-7967-48DF-A8A7-8C5D8E123A9A}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
- FirewallRules: [{BCCCFCDD-5E8E-4DF2-9CE2-079C80E05577}] => (Allow) C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
- FirewallRules: [{0C2235ED-88EE-4162-A269-A3B1D57FCF9F}] => (Allow) C:\Users\Jeff\AppData\Roaming\Dropbox\bin\Dropbox.exe
- FirewallRules: [{C8AD6E48-0301-4D4B-B02A-E9D8F1A2EDD6}] => (Allow) C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe
- FirewallRules: [{DF7C1C9B-F01D-4337-8CFF-3F065848724F}] => (Allow) C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe
- FirewallRules: [{EC05E3DB-DAA0-4FCC-A14E-C49990AD9416}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{777053C7-40C1-4423-8981-AD4F79BB205E}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
- FirewallRules: [{D8793AB9-4E4B-4BE4-A6CA-E8C937323223}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{91EAC995-C853-49E0-BD01-102D9223B9E0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
- FirewallRules: [{9493CE65-6283-4258-8DB2-A365072CC1E7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
- FirewallRules: [{6B307547-C2CC-4151-A033-86C0F5A617A1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
- FirewallRules: [{59C4A643-F04E-4AE4-9EE5-AF72CC5454AD}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
- FirewallRules: [{8F8311DC-ABAD-408C-991D-F853CC6DB9DC}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
- FirewallRules: [{B8157819-A3EE-48D4-AEF8-16024E605AD1}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{8A4C4609-8C61-45F1-A2CA-F814E3B615D8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
- FirewallRules: [{4CF28629-3F16-4EAF-AD7E-F49F99AAC62B}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{344645F2-02D3-4ED2-A3D7-FD4ADEF5D10D}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
- FirewallRules: [{DD20C060-5231-441C-AA4E-E75B511C2F4A}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
- FirewallRules: [{BB810A66-A5E5-4559-95A4-CE79F5943265}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
- FirewallRules: [{FDD76B0D-32B6-45AF-B833-5DFA9632A881}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{85FA6E5F-40FA-4B5E-A11F-9C0528F14865}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{1E6AFA20-0071-405D-997B-666FEFD2BAFB}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
- FirewallRules: [{259D0806-E722-4B83-87D6-069FF681F1AE}] => (Allow) C:\Program Files (x86)\BitLord\BitLord.exe
- FirewallRules: [{4C3ADD02-7185-4438-90A7-9163136E4F59}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
- FirewallRules: [{F9654FE1-6FCA-45F8-8A6C-D4FD59F4AA7C}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
- FirewallRules: [{521B185B-77BD-4A71-8E56-E591678EB425}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
- FirewallRules: [{85FD5978-869E-4064-BB1F-F33359CA36BF}] => (Allow) C:\Program Files\uvnc bvba\UltraVNC\vncviewer.exe
- FirewallRules: [{87F39D07-6556-44B8-923E-19CA8FF3B83C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{BAE793F3-3553-4263-A368-942BB13EC6B4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{B6C2C829-BF7C-4031-A44B-63784EE08C56}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{415D181C-5014-4E1C-A064-63783FA831CB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{C169E1DE-561A-4397-8C61-B4FCDF7F2E10}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- FirewallRules: [{AC443E82-DE6D-49EC-AC27-5B5ECF38D832}] => (Allow) C:\Users\Jeff\Desktop\torchat-windows-0.9.9.553\bin\torchat.exe
- FirewallRules: [{45B27395-02A4-48F4-952C-4B5B16086129}] => (Allow) C:\Users\Jeff\Desktop\torchat-windows-0.9.9.553\bin\torchat.exe
- FirewallRules: [{9E13F0F7-7D52-4F59-9948-AA56A22A5722}] => (Allow) C:\Users\Jeff\Desktop\torchat-windows-0.9.9.553\bin\torchat.exe
- FirewallRules: [{F21749B7-D397-4F17-A8E0-BC7E71BB4005}] => (Allow) C:\Users\Jeff\Desktop\torchat-windows-0.9.9.553\bin\torchat.exe
- FirewallRules: [{B264D49E-5D94-4CBA-A99C-349512A5C3FD}] => (Allow) C:\Users\Jeff\Downloads\NanoCore.exe
- FirewallRules: [{CD84060D-11F2-4CAD-99EE-360536F96571}] => (Allow) C:\Users\Jeff\Downloads\NanoCore.exe
- FirewallRules: [{3C585033-6E38-4349-9FD2-91927F00F9BB}] => (Allow) C:\Users\Jeff\Downloads\NanoCore.exe
- FirewallRules: [{42E92F7D-0309-4539-B8D7-16910DD07EA9}] => (Allow) C:\Users\Jeff\Downloads\NanoCore.exe
- FirewallRules: [{BFEF7F70-D31B-498F-81A2-A088966DF050}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
- FirewallRules: [{E1364040-79AE-4792-8812-0BA9A179CAB6}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
- ==================== Faulty Device Manager Devices =============
- Name: Cisco Systems VPN Adapter for 64-bit Windows
- Description: Cisco Systems VPN Adapter for 64-bit Windows
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Cisco Systems
- Service: CVirtA
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Base System Device
- Description: Base System Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: WAN Miniport (Network Monitor) #2
- Description: WAN Miniport (Network Monitor)
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Microsoft
- Service: NdisWan
- Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
- Resolution: Update the driver
- Name: 1.3M HD WebCam
- Description: USB Video Device
- Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
- Manufacturer: Microsoft
- Service: usbvideo
- Problem: : This device is disabled. (Code 22)
- Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
- Name: Base System Device
- Description: Base System Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (04/29/2015 05:45:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Toxic-Legend)
- Description: Activation of app microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa failed with error: -2144927150 See the Microsoft-Windows-TWinUI/Operational log for additional information.
- Error: (04/28/2015 07:37:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 06:54:33 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 06:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: Faulting application name: asovpnc.exe, version: 0.0.0.0, time stamp: 0x53be8938
- Faulting module name: asovpnc.exe, version: 0.0.0.0, time stamp: 0x53be8938
- Exception code: 0xc0000005
- Fault offset: 0x0003a610
- Faulting process id: 0x144c
- Faulting application start time: 0xasovpnc.exe0
- Faulting application path: asovpnc.exe1
- Faulting module path: asovpnc.exe2
- Report Id: asovpnc.exe3
- Faulting package full name: asovpnc.exe4
- Faulting package-relative application ID: asovpnc.exe5
- Error: (04/28/2015 02:49:11 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:41:01 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:21:49 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:21:44 PM) (Source: Perflib) (EventID: 1008) (User: )
- Description: BITSC:\Windows\System32\bitsperf.dll8
- Error: (04/28/2015 09:18:59 AM) (Source: SideBySide) (EventID: 35) (User: )
- Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
- Component identity found in manifest does not match the identity of the component requested.
- Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
- Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
- Please use sxstrace.exe for detailed diagnosis.
- Error: (04/28/2015 09:16:17 AM) (Source: SideBySide) (EventID: 35) (User: )
- Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
- Component identity found in manifest does not match the identity of the component requested.
- Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
- Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
- Please use sxstrace.exe for detailed diagnosis.
- System errors:
- =============
- Error: (04/29/2015 07:38:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The ASProxy service terminated unexpectedly. It has done this 2 time(s).
- Error: (04/29/2015 05:41:19 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
- Description: The ASProxy service terminated unexpectedly. It has done this 1 time(s).
- Error: (04/28/2015 09:25:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:09 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:08 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:07 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:07 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Error: (04/28/2015 09:25:06 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
- Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 10. The Windows SChannel error state is 10.
- Microsoft Office Sessions:
- =========================
- Error: (04/29/2015 05:45:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Toxic-Legend)
- Description: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe:Microsoft.WindowsLive.ModernPhotos.AppXsjk229593yvkhw8w13eans3t0eh9strp.wwa-2144927150
- Error: (04/28/2015 07:37:25 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 06:54:33 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 06:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
- Description: asovpnc.exe0.0.0.053be8938asovpnc.exe0.0.0.053be8938c00000050003a610144c01d081d1eac58359C:\Program Files (x86)\Astrill\asovpnc.exeC:\Program Files (x86)\Astrill\asovpnc.execcb42b8b-edca-11e4-bf79-b870f4f2a89e
- Error: (04/28/2015 02:49:11 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:41:01 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:21:49 PM) (Source: PerfNet) (EventID: 2004) (User: )
- Description:
- Error: (04/28/2015 02:21:44 PM) (Source: Perflib) (EventID: 1008) (User: )
- Description: BITSC:\Windows\System32\bitsperf.dll8
- Error: (04/28/2015 09:18:59 AM) (Source: SideBySide) (EventID: 35) (User: )
- Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1
- Error: (04/28/2015 09:16:17 AM) (Source: SideBySide) (EventID: 35) (User: )
- Description: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0"c:\program files (x86)\microsoft office\Office15\lync.exe.Manifestc:\program files (x86)\microsoft office\Office15\UccApi.DLL1
- CodeIntegrity Errors:
- ===================================
- Date: 2015-04-24 08:56:20.824
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-04-24 08:56:20.762
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-04-08 12:55:14.916
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-04-08 12:55:14.862
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-30 14:28:22.299
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-30 14:28:22.252
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-13 07:31:57.261
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-13 07:31:57.214
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-11 20:52:21.583
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- Date: 2015-03-11 20:52:21.534
- Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
- Percentage of memory in use: 22%
- Total physical RAM: 8043.86 MB
- Available physical RAM: 6229.83 MB
- Total Pagefile: 9259.86 MB
- Available Pagefile: 7345.34 MB
- Total Virtual: 8192 MB
- Available Virtual: 8191.72 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:265.42 GB) (Free:138.93 GB) NTFS
- Drive e: (Shadow Antrax) (Fixed) (Total:121.88 GB) (Free:25.74 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 40F91AF4)
- Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=265.4 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=200 GB) - (Type=OF Extended)
- ==================== End Of Log ============================
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement