- Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-10-2017
- Ran by lchatburn (17-10-2017 10:41:08)
- Running from \\scl001000\c$\Users\lchatburn\Downloads
- Microsoft(R) Windows(R) Server 2003, Standard Edition Service Pack 2 (X86) (2006-10-14 10:19:47)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1104951075-3954929616-100337018-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
- ASPNET (S-1-5-21-1104951075-3954929616-100337018-1010 - Limited - Enabled)
- ConciseAdmin (S-1-5-21-1104951075-3954929616-100337018-1009 - Administrator - Enabled)
- Guest (S-1-5-21-1104951075-3954929616-100337018-501 - Limited - Disabled)
- IUSR_SEDDONWAR-DC01 (S-1-5-21-1104951075-3954929616-100337018-1002 - Limited - Enabled)
- IWAM_SEDDONWAR-DC01 (S-1-5-21-1104951075-3954929616-100337018-1001 - Limited - Enabled)
- NetESPAdmin (S-1-5-21-1104951075-3954929616-100337018-1022 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\netespadmin.SEDDONWAR-DC01
- SophosUpdateMgr (S-1-5-21-1104951075-3954929616-100337018-1008 - Limited - Enabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- 32 Bit HP CIO Components Installer (HKLM\...\{47ECCB1F-2811-49C0-B6A7-26778639ABA0}) (Version: 3.1.1 - Hewlett-Packard) Hidden
- Angry IP Scanner (HKLM\...\Angry IP Scanner) (Version: 3.3.2 - Angry IP Scanner)
- ARGUS Developer (HKLM\...\{A9FC9346-5F73-4FEF-A8A5-E6019BB6EC6A}) (Version: - )
- ARGUS Zone Pane (HKLM\...\{746318F8-E47F-44C4-AD4D-BAAFABD8CEE0}) (Version: 1.2.4 - ARGUS Software)
- Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
- Concise NetESP (HKLM\...\{48C76121-4F90-11D5-9884-0050BA85A903}) (Version: - )
- EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
- FreeFileSync 7.1 (HKLM\...\FreeFileSync) (Version: 7.1 - www.FreeFileSync.org)
- Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
- Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
- Headless Server Registry Update (HKLM\...\{4E5563B6-DE0A-4F3B-A5D6-15789FD12D9B}) (Version: 1.0.0.0 - Hewlett-Packard Company)
- HP Insight Management WBEM Providers for Windows Server 2003/2008 (HKLM\...\HP-{CB9CC4E0-ACBF-40C9-B1EF-F28CDF47486D}) (Version: 2.4.0.0 - Hewlett-Packard Company)
- HP ProLiant PCI-express Power Management Update for Windows (HKLM\...\{34D6E797-AA32-455D-8E65-4EBD1AC9DED7}) (Version: 1.3.0.0 - Hewlett-Packard Company)
- HP Version Control Agent (HKLM\...\{5A5F45AE-0250-4C34-9D89-F10BDDEE665F}) (Version: 6.2.0.860 - Hewlett Packard Development Company, L.P.)
- Internet Explorer Q903235 (HKLM\...\Q903235) (Version: - Microsoft Corporation)
- Internet Submissions (HKLM\...\{00B48B61-A263-4879-BB48-24201659F10D}) (Version: 1.0.0.0 - InstallShield Software Corporation) Hidden
- Internet Submissions (HKLM\...\{63459767-40A2-4991-894C-C2E813CE9ADE}) (Version: 3.1.0.0 - Sage (UK) Ltd)
- Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
- MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - )
- Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
- Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
- Microsoft .NET Framework 1.1 Hotfix (KB886903) (HKLM\...\M886903) (Version: - )
- Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
- Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
- Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
- Microsoft Group Policy Management Console with SP1 (HKLM\...\{CA3553E0-191B-4E2F-AD3C-82E33CB9D4E4}) (Version: 1.0.2.0 - Microsoft Corporation)
- Microsoft Office 2003 Resource Kit (HKLM\...\{90240409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
- Microsoft Office Outlook 2003 (HKLM\...\{90E00409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
- Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
- Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
- Microsoft SOAP Toolkit 3.0 (HKLM\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
- Microsoft Software Inventory Analyzer (HKLM\...\{1090D33C-8885-4E7D-893C-5A83092F6E8A}) (Version: 4.0.0.0008 - Microsoft Corporation)
- Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
- Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
- Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
- Microsoft SQL Server 2008 Native Client (HKLM\...\{94317163-C5D1-4FCE-A0D9-F48FE06A7D7D}) (Version: 10.2.4000.0 - Microsoft Corporation)
- Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{5B161932-9D42-4D5E-858D-29BF4C670944}) (Version: 10.2.4000.0 - Microsoft Corporation)
- Microsoft SQL Server Management Studio Express (HKLM\...\{A4512736-8D63-4298-9271-5329931FA46B}) (Version: 9.00.2047.00 - Microsoft Corporation)
- Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
- Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
- Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.2.4000.0 - Microsoft Corporation)
- Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
- Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
- Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
- Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version: - Microsoft Corporation)
- MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
- MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
- MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
- MSXML 6 Service Pack 2 (KB2957482) (HKLM\...\{87741E76-9D88-49FD-9C7C-14E2B37EB065}) (Version: 6.20.2017.0 - Microsoft Corporation)
- Oce WPD2 (HKLM\...\{879EBBD4-5CC7-49e8-A590-A390D34C9F1D}) (Version: 2.10 - Oce)
- Pervasive PSQL v10.10 Workgroup (32-bit) (HKLM\...\{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}) (Version: 10.12.022 - Pervasive Software)
- PowerChute Business Edition Agent (HKLM\...\{BCE9F441-9027-4911-82E0-5FB28057897D}) (Version: 9.0.0.613 - American Power Conversion)
- Sage e-Banking Core Components (HKLM\...\{02FDB688-0E6B-4398-9D9D-7C996C442AA9}) (Version: 1.0.0.0 - Sage (UK) Ltd.) Hidden
- Sage e-Banking Core Components (HKLM\...\{3F4C014E-32BB-465D-B4B0-72F0E195AD66}) (Version: 1.0.0.0 - Sage (UK) Ltd.) Hidden
- Sage e-Banking Payment Service Banks (HKLM\...\{72079465-092C-430E-916D-45A32A8AC312}) (Version: 1.0.0.0 - Sage (UK) Ltd. ) Hidden
- Sage e-Banking Payment Service Banks (HKLM\...\{83DCC98C-6E29-4478-860A-4D6D79AAC667}) (Version: 1.0.0.0 - Sage (UK) Ltd. ) Hidden
- Sage e-Banking: AlliedIrishSEPA (HKLM\...\{2BCC1107-491A-40F0-9222-3C11747D884E}) (Version: 4.0.109.0 - Sage (UK) Limited)
- Sage e-Banking: DanskeSEPA (HKLM\...\{78F227F4-6638-4EFD-8763-94E7DFA9CFD2}) (Version: 4.0.109.0 - Sage (UK) Limited)
- Sage e-Banking: SageSEPACreditTransfer(1) (HKLM\...\{3BBAECA2-1468-477A-B78F-99544BE53C7B}) (Version: 4.0.124.0 - Sage (UK) Limited)
- Sage Pay VSP (HKLM\...\{C82EB546-36F7-4F13-A60E-0ED48657CD25}) (Version: 1.0.0.0 - Sage (UK) Ltd) Hidden
- Sage Protx VSP (HKLM\...\{8B6A85B1-C2EA-48CA-8D3D-00CF7E1A5AB2}) (Version: 1.0.0.0 - Neil Haswell) Hidden
- SageEBanking (HKLM\...\{9EEE71B6-4699-4C66-BDE8-FC3611B9725F}) (Version: 4.0.118.0 - Sage (UK) Limited)
- Samsung CLP-500 Series (HKLM\...\Samsung CLP-500 Series) (Version: - )
- Service Pack 2 for SQL Server 2008 (KB2285068) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
- ShadowExplorer 0.8 (HKLM\...\ShadowExplorer_is1) (Version: 0.8.430.0 - ShadowExplorer.com)
- Snow Inventory Client (HKLM\...\{063EFBFF-D1B3-4D5B-8215-1B412D81DABE}) (Version: 3.6 - Snow Software AB)
- Sophos Management Server (HKLM\...\{B90BD304-83F6-49E0-BBF8-3EA448ED1E2B}) (Version: 5.0.0 - Sophos Limited)
- Sophos Update Manager (HKLM\...\{2C7A82DB-69BC-4198-AC26-BB862F1BE4D0}) (Version: 1.5.8.11 - Sophos Limited)
- Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
- Sql Server Customer Experience Improvement Program (HKLM\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
- TASBooks v6.02 (HKLM\...\{B60DA954-2BCC-4A4F-9525-DCC8A4E328BF}) (Version: 6.26 - TAS Software (a division of Sage (UK) Limited))
- Technesis SmartPrint Server (HKLM\...\{1FA51053-177C-495B-993C-F98A35D5C99B}) (Version: 5.63.000 - Technesis)
- TreeSize Free V2.3.3 (HKLM\...\TreeSize Free_is1) (Version: - JAM Software)
- VMware vSphere Client 5.1 (HKLM\...\{09DC364B-A77A-49A0-972B-E43F0DACC5E3}) (Version: 5.1.0.2669 - VMware, Inc.)
- WebFldrs (HKLM\...\{6F716D8C-398F-11D3-85E1-005004838609}) (Version: 9.50.7522 - Microsoft Corporation) Hidden
- Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
- Windows Internal Database (HKLM\...\Windows Internal Database) (Version: 9.4.5000.00 - Microsoft Corporation)
- Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
- Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
- Windows Resource Kit Tools (HKLM\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
- Windows Server 2003 Service Pack 1 Administration Tools Pack (HKLM\...\{27B3563C-561C-4924-8C0E-EA102264873F}) (Version: 5.2.3790.1830 - Microsoft Corporation)
- Windows Server 2003 Service Pack 2 (HKLM\...\Windows Server 2003 Service Pack) (Version: 20070217.021455 - Microsoft Corporation)
- Windows Support Tools (HKLM\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
- XML Paper Specification Shared Components Pack 1.0 (HKLM\...\XpsEPSC) (Version: - Microsoft Corporation) Hidden
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers1: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers2: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINNT\system32\ntshrui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
- ContextMenuHandlers3: [Send To] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers4: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers4: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINNT\system32\ntshrui.dll [2007-02-17] (Microsoft Corporation)
- ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
- ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\WINNT\Tasks\ftp backup.job => C:\Router Backup\ftp backup.bat
- Task: C:\WINNT\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\WINNT\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
- Task: C:\WINNT\Tasks\Sophos Patch Feed.job => C:\Program Files\Sophos\Patch\PatchDataLoader\PatchDataLoader.exe
- Task: C:\WINNT\Tasks\Sophos Patch Purge.job => C:\Program Files\Sophos\Patch\SQL Tasks\SQLTasks.exeSQLTaskList_PatchApp.xml
- ==================== Shortcuts & WMI ========================
- (The entries could be listed to be restored or removed.)
- ==================== Loaded Modules (Whitelisted) ==============
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KACNCST982389604875948 => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KACNCST982389604875948 => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NBF => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nbf.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProtectedStorage => ""="Service"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sglfb.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tga.sys => ""="Driver"
- HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
- ==================== Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
- HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- IE trusted site: HKU\S-1-5-21-340939281-53681511-1314699864-13266\...\seddonad.com -> hxxp://collab.seddonad.com
- ==================== Hosts content: ==========================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 1980-01-01 01:00 - 2013-11-24 11:27 - 000000851 _____ C:\WINNT\system32\Drivers\etc\hosts
- 127.0.0.1 localhost
- 192.168.1.4 remote.concise.it
- 192.168.8.1 APPSERVER.SEDDONHC.LOCAL
- 192.168.101.15 sugarich-cms.ctmgmt.local
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1801674531-602609370-839522115-500\Control Panel\Desktop\\Wallpaper -> (None)
- HKU\S-1-5-21-2686359784-2337446889-633414269-1112\Control Panel\Desktop\\Wallpaper -> (None)
- HKU\S-1-5-21-2686359784-2337446889-633414269-500\Control Panel\Desktop\\Wallpaper ->
- HKU\S-1-5-21-340939281-53681511-1314699864-12605\Control Panel\Desktop\\Wallpaper ->
- HKU\S-1-5-21-340939281-53681511-1314699864-13266\Control Panel\Desktop\\Wallpaper ->
- DNS Servers: 10.10.10.100 - 10.10.10.101
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
- mpsdrv => Firewall Service is not running.
- MpsSvc => Firewall Service is not running.
- bfe => Firewall Service is not running.
- Windows Firewall is disabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check(3).lnk => C:\WINNT\pss\EPSON Status Monitor 3 Environment Check(3).lnkCommon Startup
- MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk => C:\WINNT\pss\Service Manager.lnkCommon Startup
- MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
- MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
- MSCONFIG\startupreg: KASHCNCST982389604875948 => "C:\Program Files\NetESP\Agent\CNCST982389604875948\KaUsrTsk.exe"
- MSCONFIG\startupreg: MsmqIntCert => regsvr32 /s mqrt.dll
- MSCONFIG\startupreg: Sophos AutoUpdate Monitor => C:\Program Files\Sophos\AutoUpdate\almon.exe
- MSCONFIG\startupreg: SophosMessenger => "C:\Program Files\Sophos\SophosMessenger\Sophos.Messenger.exe"
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- DomainProfile\AuthorizedApplications: [C:\WINNT\vsAOD.Exe] => Enabled:Visionsoft Audit on Demand Service
- DomainProfile\AuthorizedApplications: [C:\WINNT\system32\mqsvc.exe] => Enabled:Message Queuing
- DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTSVC.exe] => Enabled:AgentService
- DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTSVCmon.exe] => Enabled:AgentMonitor
- DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTTray.exe] => Enabled:AgentTray
- DomainProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
- StandardProfile\AuthorizedApplications: [C:\WINNT\system32\mqsvc.exe] => Enabled:Message Queuing
- StandardProfile\AuthorizedApplications: [C:\WINNT\vsAOD.Exe] => Enabled:Visionsoft Audit on Demand Service
- StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTSVC.exe] => Enabled:AgentService
- StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTSvcMon.exe] => Enabled:AgentMonitor
- StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTTray.exe] => Enabled:AgentTray
- DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
- DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
- DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
- DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
- DomainProfile\GloballyOpenPorts: [20247:TCP] => Enabled:20247
- DomainProfile\GloballyOpenPorts: [20247:UDP] => Enabled:20247
- DomainProfile\GloballyOpenPorts: [42000:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [42001:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [42002:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [42003:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [42004:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [162:UDP] => :LocalSubNet:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [4999:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [4998:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [4997:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [4996:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- DomainProfile\GloballyOpenPorts: [5985:TCP] => Enabled:Windows Remote Management
- StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
- StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
- StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
- StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
- StandardProfile\GloballyOpenPorts: [42000:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [42001:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [42002:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [42003:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [42004:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [162:UDP] => :LocalSubNet:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [4999:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [4998:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [4997:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- StandardProfile\GloballyOpenPorts: [4996:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
- ==================== Restore Points =========================
- ATTENTION: System Restore is disabled
- Check "winmgmt" service or repair WMI.
- ==================== Faulty Device Manager Devices =============
- Name: Communications Port (COM2)
- Description: Communications Port
- Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
- Manufacturer: (Standard port types)
- Service: Serial
- Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12)
- Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table).
- You can use Device Manager to determine where the conflict is and disable the conflicting device.
- On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (10/17/2017 10:10:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
- Error: (10/17/2017 10:08:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
- Error: (10/17/2017 10:08:19 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
- Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
- Error: (10/17/2017 09:10:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
- Error: (10/17/2017 09:08:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
- Error: (10/17/2017 09:08:19 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
- Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
- Error: (10/17/2017 08:10:19 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
- Error: (10/17/2017 08:08:19 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
- Error: (10/17/2017 08:08:18 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
- Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
- Error: (10/17/2017 07:10:18 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
- Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
- System errors:
- =============
- Error: (10/17/2017 01:48:49 AM) (Source: NETLOGON) (EventID: 5719) (User: )
- Description: This computer was not able to set up a secure session with a domain
- controller in domain SEDDONAD due to the following:
- There are currently no logon servers available to service the logon request.
- This may lead to authentication problems. Make sure that this
- computer is connected to the network. If the problem persists,
- please contact your domain administrator.
- ADDITIONAL INFO
- If this computer is a domain controller for the specified domain, it
- sets up the secure session to the primary domain controller emulator in the specified
- domain. Otherwise, this computer sets up the secure session to any domain controller
- in the specified domain.
- Error: (10/15/2017 09:17:11 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Remote Desktop Easy Print required for printer Microsoft Print to PDF (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:11 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Remote Desktop Easy Print required for printer Microsoft XPS Document Writer (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Send to Microsoft OneNote 16 Driver required for printer Send To OneNote 2016 is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Microsoft Print To PDF required for printer Microsoft Print to PDF is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Remote Desktop Easy Print required for printer Send To OneNote 2016 (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Remote Desktop Easy Print required for printer Fax (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:09 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:08 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver Remote Desktop Easy Print required for printer HP79C0AD (HP ENVY 5540 series) (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
- Error: (10/15/2017 09:17:06 PM) (Source: TermServDevices) (EventID: 1111) (User: )
- Description: Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
- ==================== Memory info ===========================
- Processor: Intel(R) Xeon(R) CPU E5-2630 0 @ 2.30GHz
- Percentage of memory in use: 41%
- Total physical RAM: 4095.21 MB
- Available physical RAM: 2405.18 MB
- Total Virtual: 5973.9 MB
- Available Virtual: 4226.2 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:410.59 GB) (Free:136.36 GB) NTFS
- Drive e: (Data Volume) (Fixed) (Total:60 GB) (Free:19.39 GB) NTFS
- Drive f: (Recovered Data) (Fixed) (Total:639.99 GB) (Free:106.18 GB) NTFS
- Drive n: () (Network) (Total:500 GB) (Free:133.82 GB)
- Drive w: () (Network) (Total:3999.87 GB) (Free:2162.81 GB)
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (Size: 410.7 GB) (Disk ID: CCE6CCE6)
- Partition 1: (Active) - (Size=410.6 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 1 (MBR Code: Windows XP) (Size: 60 GB) (Disk ID: D7C9E610)
- Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
- ========================================================
- Disk: 2 (MBR Code: Windows XP) (Size: 640 GB) (Disk ID: 6E6A109E)
- Partition 1: (Not Active) - (Size=640 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================