
Untitled

a guest
Oct 17th, 2017
  1. Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-10-2017
  2. Ran by lchatburn (17-10-2017 10:41:08)
  3. Running from \\scl001000\c$\Users\lchatburn\Downloads
  4. Microsoft(R) Windows(R) Server 2003, Standard Edition Service Pack 2 (X86) (2006-10-14 10:19:47)
  5. Boot Mode: Normal
  6. ==========================================================
  7.  
  8.  
  9. ==================== Accounts: =============================
  10.  
  11. Administrator (S-1-5-21-1104951075-3954929616-100337018-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
  12. ASPNET (S-1-5-21-1104951075-3954929616-100337018-1010 - Limited - Enabled)
  13. ConciseAdmin (S-1-5-21-1104951075-3954929616-100337018-1009 - Administrator - Enabled)
  14. Guest (S-1-5-21-1104951075-3954929616-100337018-501 - Limited - Disabled)
  15. IUSR_SEDDONWAR-DC01 (S-1-5-21-1104951075-3954929616-100337018-1002 - Limited - Enabled)
  16. IWAM_SEDDONWAR-DC01 (S-1-5-21-1104951075-3954929616-100337018-1001 - Limited - Enabled)
  17. NetESPAdmin (S-1-5-21-1104951075-3954929616-100337018-1022 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\netespadmin.SEDDONWAR-DC01
  18. SophosUpdateMgr (S-1-5-21-1104951075-3954929616-100337018-1008 - Limited - Enabled)
  19.  
  20. ==================== Security Center ========================
  21.  
  22. (If an entry is included in the fixlist, it will be removed.)
  23.  
  24.  
  25. ==================== Installed Programs ======================
  26.  
  27. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  28.  
  29. 32 Bit HP CIO Components Installer (HKLM\...\{47ECCB1F-2811-49C0-B6A7-26778639ABA0}) (Version: 3.1.1 - Hewlett-Packard) Hidden
  30. Angry IP Scanner (HKLM\...\Angry IP Scanner) (Version: 3.3.2 - Angry IP Scanner)
  31. ARGUS Developer (HKLM\...\{A9FC9346-5F73-4FEF-A8A5-E6019BB6EC6A}) (Version: - )
  32. ARGUS Zone Pane (HKLM\...\{746318F8-E47F-44C4-AD4D-BAAFABD8CEE0}) (Version: 1.2.4 - ARGUS Software)
  33. Cisco WebEx Meetings (HKLM\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
  34. Concise NetESP (HKLM\...\{48C76121-4F90-11D5-9884-0050BA85A903}) (Version: - )
  35. EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - )
  36. FreeFileSync 7.1 (HKLM\...\FreeFileSync) (Version: 7.1 - www.FreeFileSync.org)
  37. Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
  38. Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
  39. Headless Server Registry Update (HKLM\...\{4E5563B6-DE0A-4F3B-A5D6-15789FD12D9B}) (Version: 1.0.0.0 - Hewlett-Packard Company)
  40. HP Insight Management WBEM Providers for Windows Server 2003/2008 (HKLM\...\HP-{CB9CC4E0-ACBF-40C9-B1EF-F28CDF47486D}) (Version: 2.4.0.0 - Hewlett-Packard Company)
  41. HP ProLiant PCI-express Power Management Update for Windows (HKLM\...\{34D6E797-AA32-455D-8E65-4EBD1AC9DED7}) (Version: 1.3.0.0 - Hewlett-Packard Company)
  42. HP Version Control Agent (HKLM\...\{5A5F45AE-0250-4C34-9D89-F10BDDEE665F}) (Version: 6.2.0.860 - Hewlett Packard Development Company, L.P.)
  43. Internet Explorer Q903235 (HKLM\...\Q903235) (Version: - Microsoft Corporation)
  44. Internet Submissions (HKLM\...\{00B48B61-A263-4879-BB48-24201659F10D}) (Version: 1.0.0.0 - InstallShield Software Corporation) Hidden
  45. Internet Submissions (HKLM\...\{63459767-40A2-4991-894C-C2E813CE9ADE}) (Version: 3.1.0.0 - Sage (UK) Ltd)
  46. Java(TM) 6 Update 13 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
  47. MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - )
  48. Malwarebytes version 3.2.2.2029 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2029 - Malwarebytes)
  49. Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
  50. Microsoft .NET Framework 1.1 Hotfix (KB886903) (HKLM\...\M886903) (Version: - )
  51. Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
  52. Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
  53. Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
  54. Microsoft Group Policy Management Console with SP1 (HKLM\...\{CA3553E0-191B-4E2F-AD3C-82E33CB9D4E4}) (Version: 1.0.2.0 - Microsoft Corporation)
  55. Microsoft Office 2003 Resource Kit (HKLM\...\{90240409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
  56. Microsoft Office Outlook 2003 (HKLM\...\{90E00409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
  57. Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
  58. Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
  59. Microsoft SOAP Toolkit 3.0 (HKLM\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
  60. Microsoft Software Inventory Analyzer (HKLM\...\{1090D33C-8885-4E7D-893C-5A83092F6E8A}) (Version: 4.0.0.0008 - Microsoft Corporation)
  61. Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
  62. Microsoft SQL Server 2008 (HKLM\...\Microsoft SQL Server 10 Release) (Version: - Microsoft Corporation)
  63. Microsoft SQL Server 2008 Browser (HKLM\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.2.4000.0 - Microsoft Corporation)
  64. Microsoft SQL Server 2008 Native Client (HKLM\...\{94317163-C5D1-4FCE-A0D9-F48FE06A7D7D}) (Version: 10.2.4000.0 - Microsoft Corporation)
  65. Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{5B161932-9D42-4D5E-858D-29BF4C670944}) (Version: 10.2.4000.0 - Microsoft Corporation)
  66. Microsoft SQL Server Management Studio Express (HKLM\...\{A4512736-8D63-4298-9271-5329931FA46B}) (Version: 9.00.2047.00 - Microsoft Corporation)
  67. Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
  68. Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
  69. Microsoft SQL Server VSS Writer (HKLM\...\{B857D868-F8B0-43EE-BC2B-D9E5ED21F237}) (Version: 10.2.4000.0 - Microsoft Corporation)
  70. Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
  71. Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
  72. Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  73. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
  74. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
  75. Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
  76. Microsoft Visual J# 2.0 Redistributable Package - SE (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE) (Version: - Microsoft Corporation)
  77. MSXML 4.0 SP2 (KB925672) (HKLM\...\{A9CF9052-F4A0-475D-A00F-A8388C62DD63}) (Version: 4.20.9839.0 - Microsoft Corporation)
  78. MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
  79. MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
  80. MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
  81. MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
  82. MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
  83. MSXML 6 Service Pack 2 (KB2957482) (HKLM\...\{87741E76-9D88-49FD-9C7C-14E2B37EB065}) (Version: 6.20.2017.0 - Microsoft Corporation)
  84. Oce WPD2 (HKLM\...\{879EBBD4-5CC7-49e8-A590-A390D34C9F1D}) (Version: 2.10 - Oce)
  85. Pervasive PSQL v10.10 Workgroup (32-bit) (HKLM\...\{0A3238D7-AB32-1010-B717-F3E3F18B4A8C}) (Version: 10.12.022 - Pervasive Software)
  86. PowerChute Business Edition Agent (HKLM\...\{BCE9F441-9027-4911-82E0-5FB28057897D}) (Version: 9.0.0.613 - American Power Conversion)
  87. Sage e-Banking Core Components (HKLM\...\{02FDB688-0E6B-4398-9D9D-7C996C442AA9}) (Version: 1.0.0.0 - Sage (UK) Ltd.) Hidden
  88. Sage e-Banking Core Components (HKLM\...\{3F4C014E-32BB-465D-B4B0-72F0E195AD66}) (Version: 1.0.0.0 - Sage (UK) Ltd.) Hidden
  89. Sage e-Banking Payment Service Banks (HKLM\...\{72079465-092C-430E-916D-45A32A8AC312}) (Version: 1.0.0.0 - Sage (UK) Ltd. ) Hidden
  90. Sage e-Banking Payment Service Banks (HKLM\...\{83DCC98C-6E29-4478-860A-4D6D79AAC667}) (Version: 1.0.0.0 - Sage (UK) Ltd. ) Hidden
  91. Sage e-Banking: AlliedIrishSEPA (HKLM\...\{2BCC1107-491A-40F0-9222-3C11747D884E}) (Version: 4.0.109.0 - Sage (UK) Limited)
  92. Sage e-Banking: DanskeSEPA (HKLM\...\{78F227F4-6638-4EFD-8763-94E7DFA9CFD2}) (Version: 4.0.109.0 - Sage (UK) Limited)
  93. Sage e-Banking: SageSEPACreditTransfer(1) (HKLM\...\{3BBAECA2-1468-477A-B78F-99544BE53C7B}) (Version: 4.0.124.0 - Sage (UK) Limited)
  94. Sage Pay VSP (HKLM\...\{C82EB546-36F7-4F13-A60E-0ED48657CD25}) (Version: 1.0.0.0 - Sage (UK) Ltd) Hidden
  95. Sage Protx VSP (HKLM\...\{8B6A85B1-C2EA-48CA-8D3D-00CF7E1A5AB2}) (Version: 1.0.0.0 - Neil Haswell) Hidden
  96. SageEBanking (HKLM\...\{9EEE71B6-4699-4C66-BDE8-FC3611B9725F}) (Version: 4.0.118.0 - Sage (UK) Limited)
  97. Samsung CLP-500 Series (HKLM\...\Samsung CLP-500 Series) (Version: - )
  98. Service Pack 2 for SQL Server 2008 (KB2285068) (HKLM\...\KB2285068) (Version: 10.2.4000.0 - Microsoft Corporation)
  99. ShadowExplorer 0.8 (HKLM\...\ShadowExplorer_is1) (Version: 0.8.430.0 - ShadowExplorer.com)
  100. Snow Inventory Client (HKLM\...\{063EFBFF-D1B3-4D5B-8215-1B412D81DABE}) (Version: 3.6 - Snow Software AB)
  101. Sophos Management Server (HKLM\...\{B90BD304-83F6-49E0-BBF8-3EA448ED1E2B}) (Version: 5.0.0 - Sophos Limited)
  102. Sophos Update Manager (HKLM\...\{2C7A82DB-69BC-4198-AC26-BB862F1BE4D0}) (Version: 1.5.8.11 - Sophos Limited)
  103. Sophos Virus Removal Tool (HKLM\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
  104. Sql Server Customer Experience Improvement Program (HKLM\...\{C965F01C-76EA-4BD7-973E-46236AE312D7}) (Version: 10.2.4000.0 - Microsoft Corporation) Hidden
  105. TASBooks v6.02 (HKLM\...\{B60DA954-2BCC-4A4F-9525-DCC8A4E328BF}) (Version: 6.26 - TAS Software (a division of Sage (UK) Limited))
  106. Technesis SmartPrint Server (HKLM\...\{1FA51053-177C-495B-993C-F98A35D5C99B}) (Version: 5.63.000 - Technesis)
  107. TreeSize Free V2.3.3 (HKLM\...\TreeSize Free_is1) (Version: - JAM Software)
  108. VMware vSphere Client 5.1 (HKLM\...\{09DC364B-A77A-49A0-972B-E43F0DACC5E3}) (Version: 5.1.0.2669 - VMware, Inc.)
  109. WebFldrs (HKLM\...\{6F716D8C-398F-11D3-85E1-005004838609}) (Version: 9.50.7522 - Microsoft Corporation) Hidden
  110. Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
  111. Windows Internal Database (HKLM\...\Windows Internal Database) (Version: 9.4.5000.00 - Microsoft Corporation)
  112. Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
  113. Windows Management Framework Core (HKLM\...\KB968930) (Version: - Microsoft Corporation)
  114. Windows Resource Kit Tools (HKLM\...\{FA237125-51FF-408C-8BB8-30C2B3DFFF9C}) (Version: 5.2.3790 - Microsoft Corporation)
  115. Windows Server 2003 Service Pack 1 Administration Tools Pack (HKLM\...\{27B3563C-561C-4924-8C0E-EA102264873F}) (Version: 5.2.3790.1830 - Microsoft Corporation)
  116. Windows Server 2003 Service Pack 2 (HKLM\...\Windows Server 2003 Service Pack) (Version: 20070217.021455 - Microsoft Corporation)
  117. Windows Support Tools (HKLM\...\{F07F0BCD-5C6D-4499-9F05-6ED747078A72}) (Version: 5.2.3790.3959 - Microsoft Corporation)
  118. XML Paper Specification Shared Components Pack 1.0 (HKLM\...\XpsEPSC) (Version: - Microsoft Corporation) Hidden
  119.  
  120. ==================== Custom CLSID (Whitelisted): ==========================
  121.  
  122. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  123.  
  124. ShellIconOverlayIdentifiers: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
  125. ContextMenuHandlers1: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
  126. ContextMenuHandlers1: [Open With] -> {09799AFB-AD67-11d1-ABCD-00C04FC30936} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  127. ContextMenuHandlers1: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  128. ContextMenuHandlers2: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
  129. ContextMenuHandlers2: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINNT\system32\ntshrui.dll [2007-02-17] (Microsoft Corporation)
  130. ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
  131. ContextMenuHandlers3: [Send To] -> {7BA4C740-9E81-11CF-99D3-00AA004AE837} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  132. ContextMenuHandlers4: [EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  133. ContextMenuHandlers4: [Offline Files] -> {750fdf0e-2a26-11d1-a3ea-080036587f03} => C:\WINNT\System32\cscui.dll [2007-02-17] (Microsoft Corporation)
  134. ContextMenuHandlers4: [Open With EncryptionMenu] -> {A470F8CF-A1E8-4f65-8335-227475AA5C46} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  135. ContextMenuHandlers4: [Sharing] -> {f81e9010-6ea4-11ce-a7ff-00aa003ca9f6} => C:\WINNT\system32\ntshrui.dll [2007-02-17] (Microsoft Corporation)
  136. ContextMenuHandlers5: [New] -> {D969A300-E7FF-11d0-A93B-00A0C90F2719} => C:\WINNT\system32\SHELL32.dll [2015-02-19] (Microsoft Corporation)
  137. ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-08-30] (Malwarebytes)
  138.  
  139. ==================== Scheduled Tasks (Whitelisted) =============
  140.  
  141. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  142.  
  143.  
  144. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  145.  
  146. Task: C:\WINNT\Tasks\ftp backup.job => C:\Router Backup\ftp backup.bat
  147. Task: C:\WINNT\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  148. Task: C:\WINNT\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  149. Task: C:\WINNT\Tasks\Sophos Patch Feed.job => C:\Program Files\Sophos\Patch\PatchDataLoader\PatchDataLoader.exe
  150. Task: C:\WINNT\Tasks\Sophos Patch Purge.job => C:\Program Files\Sophos\Patch\SQL Tasks\SQLTasks.exeSQLTaskList_PatchApp.xml
  151.  
  152. ==================== Shortcuts & WMI ========================
  153.  
  154. (The entries could be listed to be restored or removed.)
  155.  
  156.  
  157. ==================== Loaded Modules (Whitelisted) ==============
  158.  
  159.  
  160. ==================== Alternate Data Streams (Whitelisted) =========
  161.  
  162. (If an entry is included in the fixlist, only the ADS will be removed.)
  163.  
  164.  
  165. ==================== Safe Mode (Whitelisted) ===================
  166.  
  167. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
  168.  
  169. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KACNCST982389604875948 => ""="Service"
  170. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
  171. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys => ""="Driver"
  172. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys => ""="Driver"
  173. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys => ""="Driver"
  174. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KACNCST982389604875948 => ""="Service"
  175. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
  176. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NBF => ""="Service"
  177. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nbf.sys => ""="Driver"
  178. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProtectedStorage => ""="Service"
  179. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sglfb.sys => ""="Driver"
  180. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tga.sys => ""="Driver"
  181. HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UploadMgr => ""="Service"
  182.  
  183. ==================== Association (Whitelisted) ===============
  184.  
  185. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  186.  
  187. HKLM\...\batfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
  188. HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <==== ATTENTION
  189.  
  190. ==================== Internet Explorer trusted/restricted ===============
  191.  
  192. (If an entry is included in the fixlist, it will be removed from the registry.)
  193.  
  194. IE trusted site: HKU\S-1-5-21-340939281-53681511-1314699864-13266\...\seddonad.com -> hxxp://collab.seddonad.com
  195.  
  196. ==================== Hosts content: ==========================
  197.  
  198. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  199.  
  200. 1980-01-01 01:00 - 2013-11-24 11:27 - 000000851 _____ C:\WINNT\system32\Drivers\etc\hosts
  201.  
  202. 127.0.0.1 localhost
  203. 192.168.1.4 remote.concise.it
  204. 192.168.8.1 APPSERVER.SEDDONHC.LOCAL
  205. 192.168.101.15 sugarich-cms.ctmgmt.local
  206.  
  207. ==================== Other Areas ============================
  208.  
  209. (Currently there is no automatic fix for this section.)
  210.  
  211. HKU\S-1-5-21-1801674531-602609370-839522115-500\Control Panel\Desktop\\Wallpaper -> (None)
  212. HKU\S-1-5-21-2686359784-2337446889-633414269-1112\Control Panel\Desktop\\Wallpaper -> (None)
  213. HKU\S-1-5-21-2686359784-2337446889-633414269-500\Control Panel\Desktop\\Wallpaper ->
  214. HKU\S-1-5-21-340939281-53681511-1314699864-12605\Control Panel\Desktop\\Wallpaper ->
  215. HKU\S-1-5-21-340939281-53681511-1314699864-13266\Control Panel\Desktop\\Wallpaper ->
  216. DNS Servers: 10.10.10.100 - 10.10.10.101
  217. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
  218. mpsdrv => Firewall Service is not running.
  219. MpsSvc => Firewall Service is not running.
  220. bfe => Firewall Service is not running.
  221. Windows Firewall is disabled.
  222.  
  223. ==================== MSCONFIG/TASK MANAGER disabled items ==
  224.  
  225. MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^EPSON Status Monitor 3 Environment Check(3).lnk => C:\WINNT\pss\EPSON Status Monitor 3 Environment Check(3).lnkCommon Startup
  226. MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Service Manager.lnk => C:\WINNT\pss\Service Manager.lnkCommon Startup
  227. MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  228. MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
  229. MSCONFIG\startupreg: KASHCNCST982389604875948 => "C:\Program Files\NetESP\Agent\CNCST982389604875948\KaUsrTsk.exe"
  230. MSCONFIG\startupreg: MsmqIntCert => regsvr32 /s mqrt.dll
  231. MSCONFIG\startupreg: Sophos AutoUpdate Monitor => C:\Program Files\Sophos\AutoUpdate\almon.exe
  232. MSCONFIG\startupreg: SophosMessenger => "C:\Program Files\Sophos\SophosMessenger\Sophos.Messenger.exe"
  233.  
  234. ==================== FirewallRules (Whitelisted) ===============
  235.  
  236. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  237.  
  238. DomainProfile\AuthorizedApplications: [C:\WINNT\vsAOD.Exe] => Enabled:Visionsoft Audit on Demand Service
  239. DomainProfile\AuthorizedApplications: [C:\WINNT\system32\mqsvc.exe] => Enabled:Message Queuing
  240. DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTSVC.exe] => Enabled:AgentService
  241. DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTSVCmon.exe] => Enabled:AgentMonitor
  242. DomainProfile\AuthorizedApplications: [C:\WINNT\LTsvc\LTTray.exe] => Enabled:AgentTray
  243. DomainProfile\AuthorizedApplications: [C:\Program Files\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
  244. StandardProfile\AuthorizedApplications: [C:\WINNT\system32\mqsvc.exe] => Enabled:Message Queuing
  245. StandardProfile\AuthorizedApplications: [C:\WINNT\vsAOD.Exe] => Enabled:Visionsoft Audit on Demand Service
  246. StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTSVC.exe] => Enabled:AgentService
  247. StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTSvcMon.exe] => Enabled:AgentMonitor
  248. StandardProfile\AuthorizedApplications: [C:\WINNT\LTSVC\LTTray.exe] => Enabled:AgentTray
  249. DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
  250. DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
  251. DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
  252. DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
  253. DomainProfile\GloballyOpenPorts: [20247:TCP] => Enabled:20247
  254. DomainProfile\GloballyOpenPorts: [20247:UDP] => Enabled:20247
  255. DomainProfile\GloballyOpenPorts: [42000:UDP] => :LocalSubNet:Enabled:allowagent
  256. DomainProfile\GloballyOpenPorts: [42001:UDP] => :LocalSubNet:Enabled:allowagent
  257. DomainProfile\GloballyOpenPorts: [42002:UDP] => :LocalSubNet:Enabled:allowagent
  258. DomainProfile\GloballyOpenPorts: [42003:UDP] => :LocalSubNet:Enabled:allowagent
  259. DomainProfile\GloballyOpenPorts: [42004:UDP] => :LocalSubNet:Enabled:allowagent
  260. DomainProfile\GloballyOpenPorts: [162:UDP] => :LocalSubNet:Enabled:allowagent
  261. DomainProfile\GloballyOpenPorts: [4999:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  262. DomainProfile\GloballyOpenPorts: [4998:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  263. DomainProfile\GloballyOpenPorts: [4997:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  264. DomainProfile\GloballyOpenPorts: [4996:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  265. DomainProfile\GloballyOpenPorts: [5985:TCP] => Enabled:Windows Remote Management
  266. StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
  267. StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
  268. StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
  269. StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
  270. StandardProfile\GloballyOpenPorts: [42000:UDP] => :LocalSubNet:Enabled:allowagent
  271. StandardProfile\GloballyOpenPorts: [42001:UDP] => :LocalSubNet:Enabled:allowagent
  272. StandardProfile\GloballyOpenPorts: [42002:UDP] => :LocalSubNet:Enabled:allowagent
  273. StandardProfile\GloballyOpenPorts: [42003:UDP] => :LocalSubNet:Enabled:allowagent
  274. StandardProfile\GloballyOpenPorts: [42004:UDP] => :LocalSubNet:Enabled:allowagent
  275. StandardProfile\GloballyOpenPorts: [162:UDP] => :LocalSubNet:Enabled:allowagent
  276. StandardProfile\GloballyOpenPorts: [4999:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  277. StandardProfile\GloballyOpenPorts: [4998:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  278. StandardProfile\GloballyOpenPorts: [4997:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  279. StandardProfile\GloballyOpenPorts: [4996:TCP] => :LocalSubNet,127.0.0.1/255.255.255.255:Enabled:allowagent
  280.  
  281. ==================== Restore Points =========================
  282.  
  283. ATTENTION: System Restore is disabled
  284. Check "winmgmt" service or repair WMI.
  285.  
  286.  
  287. ==================== Faulty Device Manager Devices =============
  288.  
  289. Name: Communications Port (COM2)
  290. Description: Communications Port
  291. Class Guid: {4D36E978-E325-11CE-BFC1-08002BE10318}
  292. Manufacturer: (Standard port types)
  293. Service: Serial
  294. Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12)
  295. Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table).
  296. You can use Device Manager to determine where the conflict is and disable the conflicting device.
  297. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
  298.  
  299.  
  300. ==================== Event log errors: =========================
  301.  
  302. Application errors:
  303. ==================
  304. Error: (10/17/2017 10:10:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  305. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
  306.  
  307. Error: (10/17/2017 10:08:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  308. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
  309.  
  310. Error: (10/17/2017 10:08:19 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
  311. Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
  312.  
  313. Error: (10/17/2017 09:10:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  314. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
  315.  
  316. Error: (10/17/2017 09:08:20 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  317. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
  318.  
  319. Error: (10/17/2017 09:08:19 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
  320. Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
  321.  
  322. Error: (10/17/2017 08:10:19 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  323. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
  324.  
  325. Error: (10/17/2017 08:08:19 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  326. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 1.6.0. Details: Sophos Update Manager requires Windows 2008 or later.
  327.  
  328. Error: (10/17/2017 08:08:18 AM) (Source: SophosUpdateManager) (EventID: 16387) (User: )
  329. Description: Synchronize operation failed with an unexpected error. Details: Failed to download valid remote customer file content.
  330.  
  331. Error: (10/17/2017 07:10:18 AM) (Source: SophosUpdateManager) (EventID: 16421) (User: )
  332. Description: Sophos Update Manager failed to update from product release 'Payload-SDDM' with version 66.1. Details: Self-updater child process did not stop the service!
  333.  
  334.  
  335. System errors:
  336. =============
  337. Error: (10/17/2017 01:48:49 AM) (Source: NETLOGON) (EventID: 5719) (User: )
  338. Description: This computer was not able to set up a secure session with a domain
  339. controller in domain SEDDONAD due to the following:
  340. There are currently no logon servers available to service the logon request.
  341.  
  342.  
  343. This may lead to authentication problems. Make sure that this
  344. computer is connected to the network. If the problem persists,
  345. please contact your domain administrator.
  346.  
  347.  
  348.  
  349. ADDITIONAL INFO
  350.  
  351. If this computer is a domain controller for the specified domain, it
  352. sets up the secure session to the primary domain controller emulator in the specified
  353. domain. Otherwise, this computer sets up the secure session to any domain controller
  354. in the specified domain.
  355.  
  356. Error: (10/15/2017 09:17:11 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  357. Description: Driver Remote Desktop Easy Print required for printer Microsoft Print to PDF (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
  358.  
  359. Error: (10/15/2017 09:17:11 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  360. Description: Driver Remote Desktop Easy Print required for printer Microsoft XPS Document Writer (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
  361.  
  362. Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  363. Description: Driver Send to Microsoft OneNote 16 Driver required for printer Send To OneNote 2016 is unknown. Contact the administrator to install the driver before you log in again.
  364.  
  365. Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  366. Description: Driver Microsoft Print To PDF required for printer Microsoft Print to PDF is unknown. Contact the administrator to install the driver before you log in again.
  367.  
  368. Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  369. Description: Driver Remote Desktop Easy Print required for printer Send To OneNote 2016 (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
  370.  
  371. Error: (10/15/2017 09:17:10 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  372. Description: Driver Remote Desktop Easy Print required for printer Fax (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
  373.  
  374. Error: (10/15/2017 09:17:09 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  375. Description: Driver Microsoft XPS Document Writer v4 required for printer Microsoft XPS Document Writer is unknown. Contact the administrator to install the driver before you log in again.
  376.  
  377. Error: (10/15/2017 09:17:08 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  378. Description: Driver Remote Desktop Easy Print required for printer HP79C0AD (HP ENVY 5540 series) (redirected 1) is unknown. Contact the administrator to install the driver before you log in again.
  379.  
  380. Error: (10/15/2017 09:17:06 PM) (Source: TermServDevices) (EventID: 1111) (User: )
  381. Description: Driver CutePDF Writer required for printer CutePDF Writer is unknown. Contact the administrator to install the driver before you log in again.
  382.  
  383.  
  384. ==================== Memory info ===========================
  385.  
  386. Processor: Intel(R) Xeon(R) CPU E5-2630 0 @ 2.30GHz
  387. Percentage of memory in use: 41%
  388. Total physical RAM: 4095.21 MB
  389. Available physical RAM: 2405.18 MB
  390. Total Virtual: 5973.9 MB
  391. Available Virtual: 4226.2 MB
  392.  
  393. ==================== Drives ================================
  394.  
  395. Drive c: () (Fixed) (Total:410.59 GB) (Free:136.36 GB) NTFS
  396. Drive e: (Data Volume) (Fixed) (Total:60 GB) (Free:19.39 GB) NTFS
  397. Drive f: (Recovered Data) (Fixed) (Total:639.99 GB) (Free:106.18 GB) NTFS
  398. Drive n: () (Network) (Total:500 GB) (Free:133.82 GB)
  399. Drive w: () (Network) (Total:3999.87 GB) (Free:2162.81 GB)
  400.  
  401. ==================== MBR & Partition Table ==================
  402.  
  403. ========================================================
  404. Disk: 0 (Size: 410.7 GB) (Disk ID: CCE6CCE6)
  405. Partition 1: (Active) - (Size=410.6 GB) - (Type=07 NTFS)
  406.  
  407. ========================================================
  408. Disk: 1 (MBR Code: Windows XP) (Size: 60 GB) (Disk ID: D7C9E610)
  409. Partition 1: (Not Active) - (Size=60 GB) - (Type=07 NTFS)
  410.  
  411. ========================================================
  412. Disk: 2 (MBR Code: Windows XP) (Size: 640 GB) (Disk ID: 6E6A109E)
  413. Partition 1: (Not Active) - (Size=640 GB) - (Type=07 NTFS)
  414.  
  415. ==================== End of Addition.txt ============================