Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017

Ran by administrator (administrator) on ALFA (27-12-2017 13:10:29)

Running from C:\Users\administrator\Downloads

Loaded Profiles: administrator (Accessible Profiles: administrator)

Platform: Windows Server 2016 Standard (X64) Language: Español (España, internacional)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Code Sector) C:Program FilesTeraCopyTeraCopyService.exe

(Avast Software program s.r.o.) C:Program FilesAVAST SoftwareAvast BusinessAvastSvc.exe

(Hewlett-Packard Firm) C:Program FilesHewlett-PackardAMSserviceHpAmsStor.exe

(Microsoft Company) C:WindowsSystem32ismserv.exe

(Hewlett-Packard Firm) C:Program FilesHewlett-PackardiLO 3serviceProLiantMonitor.exe

(Microsoft Company) C:WindowsSystem32dfsrs.exe

(Hewlett Packard Enterprise Improvement LP) C:Program FilesHewlett-PackardAMSservicehpqams.exe

(Microsoft Company) C:Program FilesWindows DefenderMsMpEng.exe

(Microsoft Company) C:WindowsADWSMicrosoft.ActiveDirectory.WebServices.exe

(Microsoft Company) C:WindowsSystem32dns.exe

(Microsoft Company) C:WindowsSystem32dfssvc.exe

(Microsoft Company) C:WindowsSystem32ntfrs.exe

(Microsoft Company) C:WindowsSystem32vds.exe

(Ammyy LLC) C:UsersadministratorDesktopAA_v3.exe

(Google Inc.) C:Program Information (x86)GoogleUpdate1.3.33.7GoogleCrashHandler.exe

(Google Inc.) C:Program Information (x86)GoogleUpdate1.3.33.7GoogleCrashHandler64.exe

(Acronis) C:Program Information (x86)Frequent FilesAcronisSchedule2schedhlp.exe

() C:Program Information (x86)GoogleDrivegoogledrivesync.exe

(Avast Software program s.r.o.) C:Program FilesAVAST SoftwareAvast BusinessAvastUI.exe

() C:Program Information (x86)GoogleDrivegoogledrivesync.exe

(Luis Cobian, CobianSoft) C:Program Information (x86)Cobian Backup 11cbService.exe

(Luis Cobian, CobianSoft) C:Program Information (x86)Cobian Backup 11cbInterface.exe

(CobianSoft, Luis Cobian) C:Program Information (x86)Cobian Backup 11cbVSCService11.exe

(Emsisoft Ltd) C:Program FilesEmsisoft Anti-Malwarea2service.exe

(Malwarebytes) C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe

(Malwarebytes) C:Program FilesMalwarebytesAnti-Malwarembamtray.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Google Inc.) C:Program Information (x86)GoogleChromeApplicationchrome.exe

(Microsoft Company) C:Program FilesWindows DefenderMpCmdRun.exe

(Microsoft Company) C:WindowsSystem32dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

“Path” (%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0 -> %SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0) <==== Restored successfully

HKLM…Run: [QLogicSaveSystemInfo] => rundll32.exe qlco10011.dll,QLSaveSystemInfo

HKLM…Run: [Acronis Scheduler2 Service] => C:Program Information (x86)Frequent FilesAcronisSchedule2schedhlp.exe [392072 2012-10-12] (Acronis)

HKLM…Run: [emsisoft anti-malware] => c:program filesemsisoft anti-malwarea2guard.exe [8850344 2017-11-29] (Emsisoft Ltd)

HKLM-x32…Run: [avast] => C:Program FilesAVAST SoftwareAvast BusinessavastUI.exe [4770952 2016-10-24] (Avast Software program s.r.o.)

HKLM-x32…Run: [C:12090629546howtodecryptaesfiles.txt] => C:12090629546howtodecryptaesfiles.txt

HKLM-x32…Run: [Cobian Backup 11 interface] => C:Program Information (x86)Cobian Backup 11cbInterface.exe [4407808 2013-03-07] (Luis Cobian, CobianSoft)

HKLM…PoliciesExplorer: [ShowSuperHidden] 1

HKUS-1-5-21-4017227460-457275624-4033542720-500…Run: [GoogleDriveSync] => C:Program Information (x86)GoogleDrivegoogledrivesync.exe [41061856 2017-11-20] ()

Lsa: [Notification Packages] rassfm scecli

SecurityProviders: pwdssp.dll, credssp.dll

BootExecute: autocheck autochk /q /v * 

GroupPolicy: Restriction <==== ATTENTION

GroupPolicyUser: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip..Interfaces{ca96c418-fb49-4ae9-9db3-75f1eee47840}: [NameServer] 192.168.10.251,127.0.0.1

Internet Explorer:

==================

HKUS-1-5-21-4017227460-457275624-4033542720-500SoftwareMicrosoftInternet ExplorerMain,Begin Web page = res://iesetup.dll/HardAdmin.htm

FireFox:

========

FF Plugin-x32: @instruments.google.com/Google Replace;model=3 -> C:Program Information (x86)GoogleUpdate1.3.33.7npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

FF Plugin-x32: @instruments.google.com/Google Replace;model=9 -> C:Program Information (x86)GoogleUpdate1.3.33.7npGoogleUpdate3.dll [2017-11-14] (Google Inc.)

Chrome: 

=======

CHR Profile: C:UsersadministratorAppDataLocalGoogleChromeUser DataDefault [2017-12-27]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsaapocclcgogkmnckokdopfmhonfmgoek [2017-11-22]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsaohghmighlieiainnegkcijnfilokake [2017-11-22]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2017-02-15]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-15]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsfelcaaldnbdncclmgdcncolpebgiejap [2017-11-22]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-02-15]

CHR Extension: (Software Launcher for Drive (by Google)) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2017-07-26]

CHR Extension: (Chrome Internet Retailer Funds) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2017-10-10]

CHR Extension: (No Identify) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2017-02-15]

CHR Extension: (Chrome Media Router) – C:UsersadministratorAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-18]

CHR HKUS-1-5-21-4017227460-457275624-4033542720-500SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] – hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:Program FilesEmsisoft Anti-Malwarea2service.exe [9216648 2017-11-29] (Emsisoft Ltd)

R2 ADWS; C:WindowsADWSMicrosoft.ActiveDirectory.WebServices.exe [465920 2017-02-08] (Microsoft Company)

S2 AmmyyAdmin; C:UsersadministratorDesktopAA_v3.exe [773624 2017-05-17] (Ammyy LLC)

R2 avast! Antivirus; C:Program FilesAVAST SoftwareAvast BusinessAvastSvc.exe [54344 2016-10-24] (Avast Software program s.r.o.)

R2 cbVSCService11; C:Program Information (x86)Cobian Backup 11cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]

R2 CobianBackup11; C:Program Information (x86)Cobian Backup 11cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]

R2 Dfs; C:Windowssystem32dfssvc.exe [454144 2017-02-08] (Microsoft Company)

R2 DFSR; C:Windowssystem32DFSRs.exe [3887104 2017-03-04] (Microsoft Company)

R2 DNS; C:Windowssystem32dns.exe [2078720 2016-09-15] (Microsoft Company)

S3 DsRoleSvc; C:Windowssystem32dsrolesrv.dll [293376 2017-02-08] (Microsoft Company)

R2 HpAmsStor; C:Program FilesHewlett-PackardAMSserviceHpAmsStor.exe [15248 2015-11-10] (Hewlett-Packard Firm)

R2 hpqams; C:Program FilesHewlett-PackardAMSservicehpqams.exe [560528 2015-11-10] (Hewlett Packard Enterprise Improvement LP)

R2 IsmServ; C:WindowsSystem32ismserv.exe [69120 2017-02-08] (Microsoft Company)

R2 Kdc; C:Windowssystem32kdcsvc.dll [564224 2017-03-04] (Microsoft Company)

S3 KdsSvc; C:Windowssystem32KdsSvc.dll [37888 2017-02-08] (Microsoft Company)

S3 KPSSVC; C:Windowssystem32kpssvc.dll [177152 2016-07-16] (Microsoft Company)

S3 MaxSyncUpService; C:Program Information (x86)MaxSyncUpmsusvc.exe [2340080 2017-05-30] (@MAX Software program)

R2 MBAMService; C:Program FilesMalwarebytesAnti-Malwarembamservice.exe [6234056 2017-11-01] (Malwarebytes)

R2 NTDS; C:Windowssystem32ntdsa.dll [95744 2016-08-06] (Microsoft Company)

R2 NtFrs; C:Windowssystem32ntfrs.exe [1002496 2017-02-08] (Microsoft Company)

R2 ProLiantMonitor; C:Program FilesHewlett-PackardiLO 3serviceProLiantMonitor.exe [259984 2015-02-09] (Hewlett-Packard Firm)

S3 RSoPProv; C:Windowssystem32RSoPProv.exe [97280 2016-07-16] (Microsoft Company)

S3 RSoPProv; C:WindowsSysWOW64RSoPProv.exe [83968 2016-07-16] (Microsoft Company)

S3 sacsvr; C:Windowssystem32sacsvr.dll [16896 2016-07-16] (Microsoft Company)

R2 sysdown; C:Program FilesHewlett-PackardiLO 3serviceProLiantMonitor.exe [259984 2015-02-09] (Hewlett-Packard Firm)

R2 TeraCopyService; C:Program FilesTeraCopyTeraCopyService.exe [110416 2017-05-05] (Code Sector)

R2 UALSVC; C:WindowsSystem32ualsvc.dll [261120 2016-07-16] (Microsoft Company)

S3 WdNisSvc; C:Program FilesWindows DefenderNisSrv.exe [347328 2016-07-16] (Microsoft Company)

R2 WinDefend; C:Program FilesWindows DefenderMsMpEng.exe [103712 2017-03-04] (Microsoft Company)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswMonFlt; C:Windowssystem32driversaswMonFlt.sys [90344 2016-10-24] (Avast Software program s.r.o.)

R1 aswRdr; C:WindowsSystem32Driversaswrdr2.sys [80376 2016-10-24] (Avast Software program s.r.o.)

R0 aswRvrt; C:WindowsSystem32DriversaswRvrt.sys [74680 2016-10-24] ()

R1 aswSnx; C:WindowsSystem32DriversaswSnx.sys [1053392 2016-10-24] (Avast Software program s.r.o.)

R1 aswSP; C:WindowsSystem32DriversaswSP.sys [441944 2016-10-24] (Avast Software program s.r.o.)

R1 aswTdi; C:WindowsSystem32DriversaswTdi.sys [78264 2016-10-24] (Avast Software program s.r.o.)

S3 aswVmm; C:WindowsSystem32DriversaswVmm.sys [292840 2016-10-24] ()

S0 bfad; C:WindowsSystem32driversbfad.sys [1964296 2014-09-29] (QLogic Company)

S0 bfadfcoei; C:WindowsSystem32driversbfadfcoei.sys [2279264 2016-07-16] (QLogic Company)

S0 bfadi; C:WindowsSystem32driversbfadi.sys [2279264 2016-07-16] (QLogic Company)

S0 bfad_up; C:WindowsSystem32driversbfad_up.sys [17160 2014-09-29] (QLogic Company)

S0 bxfcoe; C:WindowsSystem32driversbxfcoe.sys [205152 2016-07-16] (QLogic Company)

S0 bxois; C:WindowsSystem32driversbxois.sys [536416 2016-07-16] (QLogic Company)

R1 DfsDriver; C:WindowsSystem32driversdfs.sys [55648 2017-02-08] (Microsoft Company)

R0 DfsrRo; C:WindowsSystem32driversdfsrro.sys [67424 2017-02-08] (Microsoft Company)

S0 elxfcoe; C:WindowsSystem32driverselxfcoe.sys [758624 2016-07-16] (Emulex)

R1 epp; C:PROGRAM FILESEMSISOFT ANTI-MALWAREepp.sys [124552 2016-11-23] (Emsisoft Ltd)

R1 ESProtectionDriver; C:Windowssystem32driversmbae64.sys [77432 2017-11-29] ()

R0 HPpSA; C:WindowsSystem32driversHPpSA.sys [32440 2015-11-17] (PMC-Sierra Firm)

R3 hpqilo3chif; C:Windowssystem32DRIVERShpqilo3chif.sys [43920 2013-11-23] (Hewlett-Packard Firm)

R3 hpqilo3core; C:WindowsSystem32drivershpqilo3core.sys [47384 2013-05-22] (Hewlett-Packard Firm)

R0 hpqilo3whea; C:WindowsSystem32DRIVERShpqilo3whea.sys [18472 2010-02-12] (Hewlett-Packard Firm)

S0 HPSA2; C:WindowsSystem32driversHPSA2.sys [173456 2015-08-20] (Hewlett-Packard Firm)

R0 HPSA3; C:WindowsSystem32driversHPSA3.sys [180408 2015-11-17] (PMC-Sierra Firm)

S3 IPsecGW; C:WindowsSystem32driversipsecgw.sys [18432 2016-07-16] (Microsoft Company)

S1 isiigddb; C:Windowssystem32driversisiigddb.sys [72816 2017-12-16] (Microsoft Company)

R2 MBAMChameleon; C:WindowsSystem32DriversMbamChameleon.sys [193968 2017-12-16] (Malwarebytes)

R3 MBAMFarflt; C:Windowssystem32DRIVERSfarflt.sys [110016 2017-12-16] (Malwarebytes)

R3 MBAMProtection; C:Windowssystem32DRIVERSmbam.sys [46008 2017-12-16] (Malwarebytes)

R0 MBAMSwissArmy; C:WindowsSystem32Driversmbamswissarmy.sys [253880 2017-12-16] (Malwarebytes)

R3 MBAMWebProtection; C:Windowssystem32DRIVERSmwac.sys [94144 2017-12-27] (Malwarebytes)

R1 MpKslabc00e18; C:ProgramDataMicrosoftWindows DefenderDefinition Updates{28A42F52-5F3E-47F5-9BB2-4F0BF5BFCDCC}MpKslabc00e18.sys [58120 2017-12-26] (Microsoft Company)

S3 MsLbfoProvider; C:WindowsSystem32driversMsLbfoProvider.sys [121344 2016-07-16] (Microsoft Company)

S0 ql2300i; C:WindowsSystem32driversql2300i.sys [1632608 2016-07-16] (QLogic Company)

S0 ql40xx2i; C:WindowsSystem32driversql40xx2i.sys [475488 2016-07-16] (QLogic Company)

S0 qlfcoe; C:WindowsSystem32driversqlfcoe.sys [1357064 2015-03-24] (QLogic Company)

S0 qlfcoei; C:WindowsSystem32driversqlfcoei.sys [1300320 2016-07-16] (QLogic Company)

S3 RasGre; C:WindowsSystem32driversrasgre.sys [45056 2016-07-16] (Microsoft Company)

S0 sacdrv; C:WindowsSystem32DRIVERSsacdrv.sys [95072 2016-09-15] (Microsoft Company)

S3 smbdirect; C:WindowsSystem32DRIVERSsmbdirect.sys [159232 2016-09-15] (Microsoft Company)

S0 WdBoot; C:WindowsSystem32driversWdBoot.sys [44056 2016-07-16] (Microsoft Company)

R0 WdFilter; C:WindowsSystem32driversWdFilter.sys [290144 2016-07-16] (Microsoft Company)

S3 WdNisDrv; C:WindowsSystem32DriversWdNisDrv.sys [123232 2016-07-16] (Microsoft Company)

R1 ZAM; C:WindowsSystem32driverszam64.sys [203680 2017-12-17] (Zemana Ltd.)

R1 ZAM_Guard; C:WindowsSystem32driverszamguard64.sys [203680 2017-12-17] (Zemana Ltd.)

S3 vwifibus; SystemRootSystem32driversvwifibus.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: sacsvr -> C:Windowssystem32sacsvr.dll (Microsoft Company)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-27 13:10 – 2017-12-27 13:11 – 000015715 _____ C:UsersadministratorDownloadsFRST.txt

2017-12-27 13:09 – 2017-12-27 13:09 – 000000000 ____D C:UsersadministratorDownloadsFRST-OlderVersion

2017-12-22 11:07 – 2017-12-27 13:10 – 000000000 ____D C:FRST

2017-12-22 11:06 – 2017-12-27 13:09 – 002391552 _____ (Farbar) C:UsersadministratorDownloadsFRST64.exe

2017-12-21 02:21 – 2017-12-21 02:21 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-003

2017-12-21 01:51 – 2017-12-21 01:51 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-001

2017-12-21 01:47 – 2017-12-21 01:47 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-002

2017-12-21 01:44 – 2017-12-21 01:44 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-004

2017-12-21 01:42 – 2017-12-21 01:42 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-006

2017-12-21 01:40 – 2017-12-21 01:40 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-005

2017-12-21 01:39 – 2017-12-21 01:39 – 000000000 ____D C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-007

2017-12-21 01:39 – 2017-12-21 01:39 – 000000000 ____D C:UsersadministratorDownloadscontrolsalud-20171220T210156Z-001

2017-12-20 18:17 – 2017-12-20 19:52 – 1387098212 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-001.zip

2017-12-20 18:17 – 2017-12-20 19:50 – 1215464476 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-002.zip

2017-12-20 18:17 – 2017-12-20 19:48 – 1161162502 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-003.zip

2017-12-20 18:17 – 2017-12-20 19:45 – 1098453796 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-004.zip

2017-12-20 18:17 – 2017-12-20 19:36 – 934886682 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-006.zip

2017-12-20 18:17 – 2017-12-20 19:22 – 721786001 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-005.zip

2017-12-20 18:17 – 2017-12-20 18:42 – 251871437 _____ C:UsersadministratorDownloadsSATI-Q-20171220T210443Z-007.zip

2017-12-20 18:02 – 2017-12-20 18:03 – 085306491 _____ C:UsersadministratorDownloadscontrolsalud-20171220T210156Z-001.zip

2017-12-19 11:18 – 2017-12-19 11:20 – 000000000 ____D C:Program FilesRecuva

2017-12-19 11:18 – 2017-12-19 11:18 – 000003938 _____ C:WindowsSystem32TasksCCleaner Replace

2017-12-19 11:18 – 2017-12-19 11:18 – 000002870 _____ C:WindowsSystem32TasksCCleanerSkipUAC

2017-12-19 11:18 – 2017-12-19 11:18 – 000001699 _____ C:UsersPublicDesktopRecuva.lnk

2017-12-19 11:18 – 2017-12-19 11:18 – 000000863 _____ C:UsersPublicDesktopCCleaner.lnk

2017-12-19 11:18 – 2017-12-19 11:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsRecuva

2017-12-19 11:18 – 2017-12-19 11:18 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCCleaner

2017-12-19 11:18 – 2017-12-19 11:18 – 000000000 ____D C:Program FilesCCleaner

2017-12-19 11:16 – 2017-12-19 11:17 – 005562976 _____ (Piriform Ltd) C:UsersadministratorDownloadsrcsetup153.exe

2017-12-18 15:12 – 2017-12-18 15:12 – 000000000 ____D C:UsersadministratorAppDataLocalFSDART

2017-12-18 15:11 – 2017-12-18 15:18 – 000000000 ____D C:ProgramDataF-Safe

2017-12-18 15:11 – 2017-12-18 15:11 – 000524248 _____ (F-Safe Company) C:UsersadministratorDownloadsF-SecureOnlineScanner.exe

2017-12-18 15:11 – 2017-12-18 15:11 – 000000000 ____D C:UsersadministratorAppDataLocalF-Safe

2017-12-18 15:10 – 2017-12-18 15:11 – 000000459 _____ C:Windowswininit.ini

2017-12-18 15:10 – 2017-12-18 15:10 – 000000000 ____D C:ProgramDataMcAfee Safety Scan

2017-12-18 15:10 – 2017-12-18 15:10 – 000000000 ____D C:ProgramDataMcAfee

2017-12-18 15:09 – 2017-12-18 15:10 – 011026328 _____ (McAfee, Inc.) C:UsersadministratorDownloadsSecurityScan_Release.exe

2017-12-18 10:25 – 2017-12-18 10:25 – 000000000 ____D C:UsersadministratorAppDataLocalESET

2017-12-18 10:24 – 2017-12-18 10:24 – 006968952 _____ (ESET spol. s r.o.) C:UsersadministratorDownloadsesetonlinescanner_enu.exe

2017-12-17 10:20 – 2017-12-18 10:21 – 000000000 ____D C:ProgramDataHitmanPro

2017-12-17 10:20 – 2017-12-17 10:21 – 011584088 _____ (SurfRight B.V.) C:UsersadministratorDownloadsHitmanPro_x64.exe

2017-12-17 10:19 – 2017-12-17 10:19 – 011024040 _____ (SurfRight B.V.) C:UsersadministratorDownloadsHitmanPro.exe

2017-12-17 02:25 – 2017-12-17 02:25 – 000028272 _____ C:Windowssystem32DriversTrueSight.sys

2017-12-17 02:24 – 2017-12-17 10:18 – 000000000 ____D C:ProgramDataRogueKiller

2017-12-17 02:24 – 2017-12-17 02:24 – 026867784 _____ (Adlice Software program) C:UsersadministratorDownloadsRogueKiller_portable64.exe

2017-12-17 01:35 – 2017-12-27 13:11 – 015797688 _____ C:WindowsZAM_Guard.krnl.hint

2017-12-17 01:35 – 2017-12-27 13:11 – 015049496 _____ C:WindowsZAM.krnl.hint

2017-12-17 01:35 – 2017-12-17 01:35 – 000203680 _____ (Zemana Ltd.) C:Windowssystem32Driverszamguard64.sys

2017-12-17 01:35 – 2017-12-17 01:35 – 000203680 _____ (Zemana Ltd.) C:Windowssystem32Driverszam64.sys

2017-12-17 01:35 – 2017-12-17 01:35 – 000000000 ____D C:UsersadministratorAppDataLocalZemana

2017-12-17 01:34 – 2017-12-17 01:35 – 015808656 _____ (Copyright 2017.) C:UsersadministratorDownloadsZemana.AntiMalware.Moveable (1).exe

2017-12-17 00:23 – 2017-12-17 00:24 – 015808656 _____ (Copyright 2017.) C:UsersadministratorDownloadsZemana.AntiMalware.Moveable.exe

2017-12-17 00:20 – 2017-12-17 00:20 – 000002205 _____ C:UsersadministratorDesktopmalwarebytes.txt

2017-12-16 22:43 – 2017-12-27 11:46 – 000094144 _____ (Malwarebytes) C:Windowssystem32Driversmwac.sys

2017-12-16 22:43 – 2017-12-16 22:43 – 000193968 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys

2017-12-16 22:43 – 2017-12-16 22:43 – 000110016 _____ (Malwarebytes) C:Windowssystem32Driversfarflt.sys

2017-12-16 22:43 – 2017-12-16 22:43 – 000046008 _____ (Malwarebytes) C:Windowssystem32Driversmbam.sys

2017-12-16 22:42 – 2017-12-16 22:42 – 000253880 _____ (Malwarebytes) C:Windowssystem32Driversmbamswissarmy.sys

2017-12-16 22:42 – 2017-12-16 22:42 – 000001912 _____ C:UsersPublicDesktopMalwarebytes.lnk

2017-12-16 22:42 – 2017-12-16 22:42 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsMalwarebytes

2017-12-16 22:42 – 2017-12-16 22:42 – 000000000 ____D C:ProgramDataMalwarebytes

2017-12-16 22:42 – 2017-12-16 22:42 – 000000000 ____D C:Program FilesMalwarebytes

2017-12-16 22:42 – 2017-11-29 09:11 – 000077432 _____ C:Windowssystem32Driversmbae64.sys

2017-12-16 22:40 – 2017-12-16 22:41 – 083316440 _____ (Malwarebytes ) C:UsersadministratorDownloadsmb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe

2017-12-16 18:58 – 2017-12-16 21:26 – 000000000 ____D C:ProgramDataEmsisoft

2017-12-16 18:57 – 2017-12-16 18:57 – 000000937 _____ C:UsersPublicDesktopEmsisoft Anti-Malware.lnk

2017-12-16 18:57 – 2017-12-16 18:57 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsEmsisoft Anti-Malware

2017-12-16 18:56 – 2017-12-27 13:00 – 000000000 ____D C:Program FilesEmsisoft Anti-Malware

2017-12-16 18:47 – 2017-12-16 18:52 – 253383016 _____ (Emsisoft Ltd. ) C:UsersadministratorDownloadsEmsisoftAntiMalwareSetup_bc.exe

2017-12-16 13:35 – 2017-12-16 13:35 – 000072816 _____ (Microsoft Company) C:Windowssystem32Driversisiigddb.sys

2017-12-14 15:36 – 2017-12-14 15:36 – 000000000 ____D C:WindowsSysWOW64XPSViewer

2017-12-14 15:35 – 2017-12-14 15:35 – 000000000 ____D C:Program FilesReference Assemblies

2017-12-14 15:35 – 2017-12-14 15:35 – 000000000 ____D C:Program FilesMSBuild

2017-12-14 15:35 – 2017-12-14 15:35 – 000000000 ____D C:Program Information (x86)Reference Assemblies

2017-12-14 15:35 – 2017-12-14 15:35 – 000000000 ____D C:Program Information (x86)MSBuild

2017-12-14 15:31 – 2016-05-25 11:03 – 000778936 _____ (Microsoft Company) C:WindowsSysWOW64PresentationNative_v0300.dll

2017-12-14 15:31 – 2016-05-25 11:03 – 000103120 _____ (Microsoft Company) C:WindowsSysWOW64PresentationCFFRasterizerNative_v0300.dll

2017-12-14 15:31 – 2016-05-25 11:03 – 000035480 _____ (Microsoft Company) C:WindowsSysWOW64TsWpfWrp.exe

2017-12-14 15:30 – 2016-05-25 14:31 – 001166520 _____ (Microsoft Company) C:Windowssystem32PresentationNative_v0300.dll

2017-12-14 15:30 – 2016-05-25 14:31 – 000124624 _____ (Microsoft Company) C:Windowssystem32PresentationCFFRasterizerNative_v0300.dll

2017-12-14 15:30 – 2016-05-25 14:31 – 000035480 _____ (Microsoft Company) C:Windowssystem32TsWpfWrp.exe

2017-12-14 15:26 – 2017-12-14 15:26 – 002869264 _____ (Microsoft Company) C:UsersadministratorDownloadsdotNetFx35setup.exe

2017-12-14 15:21 – 2017-12-14 15:21 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsCobian Backup 11

2017-12-14 15:21 – 2017-12-14 15:21 – 000000000 ____D C:Program Information (x86)Cobian Backup 11

2017-12-14 15:19 – 2017-12-14 15:19 – 019709440 _____ (Luis Cobian, CobianSoft) C:UsersadministratorDownloadscbSetup.exe

2017-12-14 15:19 – 2017-12-14 15:19 – 000000000 ____D C:UsersadministratorDesktopServicios sospechosos

2017-12-14 14:47 – 2017-12-14 15:38 – 000003656 _____ C:WindowsSystem32TasksCreateExplorerShellUnelevatedTask

2017-12-14 14:36 – 2017-12-21 02:29 – 000000000 ____D C:UsersadministratorAppDataRoamingTeraCopy

2017-12-14 14:36 – 2017-12-14 14:36 – 000000000 ___HD C:UsersadministratorAppDataRoamingObsidium

2017-12-14 14:36 – 2017-12-14 14:36 – 000000000 ___HD C:Usersadministrator.obs32

2017-12-14 14:35 – 2017-12-14 14:35 – 000001725 _____ C:ProgramDataMicrosoftWindowsStart MenuTeraCopy.lnk

2017-12-14 14:35 – 2017-12-14 14:35 – 000000000 ____D C:Program FilesTeraCopy

2017-12-14 14:04 – 2017-12-14 14:05 – 000000000 ____D C:Share copia encriptada

2017-12-12 12:26 – 2017-12-14 13:06 – 000636278 _____ C:Windowsntbtlog.txt

2017-12-09 17:01 – 2017-12-12 12:46 – 000000371 _____ C:UsersPublicDesktopRDP PORT CHANGED.txt

2017-12-09 17:01 – 2017-12-12 12:46 – 000000371 _____ C:RDP PORT CHANGED.txt

2017-12-09 15:55 – 2017-12-09 15:55 – 000000162 _____ C:WindowsSysWOW64s3456784.txt

2017-12-09 06:30 – 2017-12-09 06:30 – 000000167 _____ C:UsersPublicDesktopOK_SNT.ntuser.dat.crashlog.txt

2017-12-09 06:29 – 2016-04-17 04:01 – 000000082 _____ C:WindowsSysWOW64decryptaesfiles.txt

2017-12-09 06:29 – 2016-02-03 18:38 – 000510456 _____ (Alexander Roshal) C:WindowsSysWOW64cfwin32.dll

2017-12-09 06:29 – 2013-01-09 07:26 – 000155736 _____ (Sysinternals) C:WindowsSysWOW64sdelete.dll

2017-12-06 12:52 – 2017-12-06 12:52 – 000000000 ____D C:Program FilesCommon Filesavast software program

2017-12-06 01:10 – 2017-12-06 01:10 – 001322120 _____ (Acronis) C:Windowssystem32Driverstib_mounter.sys

2017-12-06 00:29 – 2017-12-06 00:30 – 000000000 ____D C:UsersadministratorDownloadsAcronis

2017-12-06 00:23 – 2017-12-06 00:24 – 000000012 ____N C:UsersadministratorDesktopEventos de auditoria.txt

2017-12-05 14:27 – 2017-12-14 16:50 – 000000000 ____D C:ProgramDataAcronis

2017-12-05 13:48 – 2017-12-05 13:49 – 000000000 ____D C:UsersadministratorDownloadsAcronis.Backup.And.Restoration.Server.With.Common.Restore.v11.5.32266.ES.Incl.Serial

2017-12-05 13:47 – 2017-12-05 13:47 – 001381582 _____ (Igor Pavlov) C:UsersadministratorDownloads7z1604-x64.exe

2017-12-05 13:47 – 2017-12-05 13:47 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuPrograms7-Zip

2017-12-05 13:47 – 2017-12-05 13:47 – 000000000 ____D C:Program Files7-Zip

2017-12-05 11:29 – 2017-12-05 11:29 – 000000000 ____D C:UsersadministratorAppDataLocalComms

2017-11-29 21:49 – 2017-11-30 02:11 – 943465172 _____ C:UsersadministratorDownloadsAcronis.Backup.And.Restoration.Server.With.Common.Restore.v11.5.32266.ES.Incl.Serial.rar

2017-11-29 13:48 – 2017-11-29 13:48 – 000000000 ____D C:UsersadministratorDownloadsNueva carpeta

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-27 13:10 – 2017-01-25 11:42 – 000072424 _____ C:Windowssystem32driverslist.csv

2017-12-26 20:00 – 2017-02-15 10:27 – 000000000 ____D C:WindowsNTDS

2017-12-17 03:20 – 2016-07-16 10:23 – 000000000 ____D C:Windowsrescache

2017-12-17 03:06 – 2017-01-25 11:44 – 002897042 _____ C:Windowssystem32PerfStringBackup.INI

2017-12-17 03:06 – 2016-09-12 08:25 – 001238820 _____ C:Windowssystem32perfh00A.dat

2017-12-17 03:06 – 2016-09-12 08:25 – 000310748 _____ C:Windowssystem32perfc00A.dat

2017-12-17 03:00 – 2016-09-12 08:44 – 000000006 ____H C:WindowsTasksSA.DAT

2017-12-15 05:27 – 2017-01-25 12:57 – 000002230 _____ C:ProgramDataMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2017-12-15 05:27 – 2017-01-25 12:57 – 000002218 _____ C:UsersPublicDesktopGoogle Chrome.lnk

2017-12-14 15:38 – 2016-07-16 10:02 – 000000000 ____D C:WindowsCbsTemp

2017-12-14 15:36 – 2016-07-16 10:23 – 000000000 ____D C:WindowsSysWOW64MUI

2017-12-14 15:36 – 2016-07-16 10:23 – 000000000 ____D C:Windowssystem32MUI

2017-12-14 15:35 – 2016-07-16 10:21 – 000000000 ____D C:WindowsINF

2017-12-14 15:20 – 2017-02-11 19:21 – 000000000 ____D C:UsersadministratorAppDataLocalConnectedDevicesPlatform

2017-12-14 15:04 – 2017-04-04 12:43 – 000004298 _____ C:WindowsSystem32Tasksavast! Emergency Replace

2017-12-14 15:03 – 2017-02-15 10:31 – 000003416 _____ C:Windowssystem32confignetlogon.dnb

2017-12-14 15:03 – 2017-02-15 10:31 – 000002125 _____ C:Windowssystem32confignetlogon.dns

2017-12-14 15:02 – 2017-02-15 10:26 – 000000000 ____D C:Windowssystem32dns

2017-12-14 14:59 – 2016-07-16 03:04 – 000065536 _____ C:Windowssystem32configBBI

2017-12-14 14:36 – 2017-02-11 19:21 – 000000000 ____D C:Usersadministrator

2017-12-14 14:29 – 2017-08-25 20:54 – 000002664 _____ C:WindowsSystem32TasksFinalizar backup

2017-12-14 14:29 – 2017-08-25 20:53 – 000002644 _____ C:WindowsSystem32TasksIniciar backup

2017-12-14 13:13 – 2017-10-06 22:50 – 000000448 __RSH C:Usersadministratorntuser.pol

2017-12-14 13:12 – 2017-02-11 19:14 – 000003752 __RSH C:ProgramDatantuser.pol

2017-12-09 07:54 – 2017-03-07 23:23 – 000000000 ____D C:UsersadministratorAppDataRoamingTeamViewer

2017-12-09 07:53 – 2017-02-15 13:30 – 000000000 ____D C:ProgramDataMaxSyncUp

2017-12-09 07:53 – 2017-01-25 12:58 – 000000000 ____D C:UsersAdministrador.ALFAAppDataRoamingTeamViewer

2017-12-09 07:53 – 2017-01-25 11:40 – 000000000 ____D C:UsersAdministrador.ALFAAppDataLocalConnectedDevicesPlatform

2017-12-09 07:53 – 2017-01-25 08:18 – 000000000 ___HD C:cpqsystem

2017-12-09 07:53 – 2016-09-12 08:45 – 000000000 ____D C:UsersAdministradorAppDataLocalConnectedDevicesPlatform

2017-12-09 07:24 – 2017-08-25 22:46 – 000000000 ____D C:ProgramDataMicrosoftWindowsStart MenuProgramsBackup and Sync from Google

2017-12-09 06:30 – 2017-03-09 10:22 – 000002296 ____N C:UsersadministratorDocumentsDefault.rdp

2017-12-07 16:27 – 2017-08-25 22:46 – 000002075 _____ C:UsersPublicDesktopGoogle Slides.lnk

2017-12-06 12:52 – 2017-04-05 12:52 – 000000000 ____D C:WindowsSystem32TasksAVAST Software program

2017-12-05 14:52 – 2017-07-26 15:39 – 000000000 ____D C:Windowssystem32appmgmt

2017-12-05 14:27 – 2016-07-16 10:23 – 000000000 ____D C:Windowssecurity

==================== Files in the root of some directories =======

2017-04-04 14:25 – 2017-04-04 14:25 – 000007605 ____N () C:\Users\administrator\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:

====================

2017-12-17 02:24 – 2016-11-11 07:13 – 001886344 _____ (Microsoft Company) C:UsersadministratorAppDataLocalTempdllnt_dump.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:Windowssystem32winlogon.exe => File is digitally signed

C:Windowssystem32wininit.exe => File is digitally signed

C:WindowsSysWOW64wininit.exe IS MISSING <==== ATTENTION

C:Windowsexplorer.exe => File is digitally signed

C:WindowsSysWOW64explorer.exe => File is digitally signed

C:Windowssystem32svchost.exe => File is digitally signed

C:WindowsSysWOW64svchost.exe => File is digitally signed

C:Windowssystem32services.exe => File is digitally signed

C:Windowssystem32User32.dll => File is digitally signed

C:WindowsSysWOW64User32.dll => File is digitally signed

C:Windowssystem32userinit.exe => File is digitally signed

C:WindowsSysWOW64userinit.exe => File is digitally signed

C:Windowssystem32rpcss.dll => File is digitally signed

C:Windowssystem32dnsapi.dll => File is digitally signed

C:WindowsSysWOW64dnsapi.dll => File is digitally signed

C:Windowssystem32Driversvolsnap.sys => File is digitally signed

LastRegBack: 2017-12-14 13:21

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-12-2017

Ran by administrator (27-12-2017 13:12:43)

Running from C:\Users\administrator\Downloads

Windows Server 2016 Standard (X64) (2017-01-25 14:39:44)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (0 – Administrator – Enabled) => %systemrootpercentsystem32configsystemprofile

Visitor (0 – Restricted – Disabled) => %systemrootpercentsystem32configsystemprofile

krbtgt (0 – Restricted – Disabled) => %systemrootpercentsystem32configsystemprofile

DefaultAccount (S-1-5-21-3983913466-1508181481-3891534483-503 – Restricted – Disabled)

SUPPORT_388945a0 (0 – Restricted – Disabled) => %systemrootpercentsystem32configsystemprofile

agorenstein (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

lprudent (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

dsatragno (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

csilvestre (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

nvain (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

cgarcia (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

nrossato (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

cvecchiarelli (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

IUSR_ALFA (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

IWAM_ALFA (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

aquiroga (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

meserra (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

asistente (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

secretaria (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

rmsoria (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

IUSR_BETA (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

IWAM_BETA (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

investigacion (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

gchattas (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

estudios (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

becario (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

comunicacion (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

desarrolloinstitucio (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

recepcion (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

avarela (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

enfermeria (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

mkenny (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

mlvbalaguer (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

BETA$ (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

NEWALFA$ (0 – Restricted – Disabled) => %systemrootpercentsystem32configsystemprofile

ALFA$ (0 – Restricted – Enabled) => %systemrootpercentsystem32configsystemprofile

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

@MAX SyncUp 6.0 (HKLM…{68EF9E48-C970-4124-BBC1-85C8ADD59109}_is1) (Model:  – @MAX Software program)

7-Zip 16.04 (x64) (HKLM…7-Zip) (Model: 16.04 – Igor Pavlov)

avast! File Server Safety (HKLM-x32…avast) (Model: 8.0.1609.0 – AVAST Software program)

Backup and Sync from Google (HKLM-x32…{908DB568-E5FA-40C7-A2AA-AB340190858B}) (Model: 3.38.7642.3857 – Google, Inc.)

CCleaner (HKLM…CCleaner) (Model: 5.38 – Piriform)

Cobian Backup 11 Gravity (HKLM-x32…CobBackup11) (Model:  – )

Emsisoft Anti-Malware (HKLM…{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Model: 2017.4 – Emsisoft Ltd.)

Google Chrome (HKLM-x32…Google Chrome) (Model: 63.0.3239.84 – Google Inc.)

Google Replace Helper (HKLM-x32…{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Model: 1.3.33.7 – Google Inc.) Hidden

HP ProLiant iLO 3/4 Administration Controller Package deal (HKLM…HP-{15EC9FFF-3B11-4F2A-92F8-F63F33F64B31}) (Model: 3.20.0.0 – Hewlett-Packard Firm)

HPE ProLiant Agentless Administration Service (HKLM…{89C1F171-F24A-401C-B688-FAE669866478}) (Model: 10.40.0.0 – Hewlett Packard Enterprise Improvement LP) Hidden

HPE ProLiant Agentless Administration Service (HKLM…HP-{EDE88CBB-3384-4DDA-B23B-7E54A3F4344F}) (Model: 10.40.0.0 – Hewlett Packard Enterprise Improvement LP)

Malwarebytes versión 3.3.1.2183 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Model: 3.3.1.2183 – Malwarebytes)

MergeModule2012 (HKLM…{3E0D2B4B-CA5F-40D6-B0AE-648008897125}) (Model: 1.0.0 – Microsoft) Hidden

Microsoft Visible C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Model: 9.0.30729.6161 – Microsoft Company)

Recuva (HKLM…Recuva) (Model: 1.53 – Piriform)

TeraCopy model 3.26 (HKLM…TeraCopy_is1) (Model: 3.26 – Code Sector)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program Information (x86)GoogleDrivegoogledrivesync64.dll [2017-11-20] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program Information (x86)GoogleDrivegoogledrivesync64.dll [2017-11-20] (Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program Information (x86)GoogleDrivegoogledrivesync64.dll [2017-11-20] (Google)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvast BusinessashShA64.dll [2016-10-24] (Avast Software program s.r.o.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvast BusinessashShA64.dll [2016-10-24] (Avast Software program s.r.o.)

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Information (x86)GoogleDrivecontextmenu64.dll [2017-11-20] (Google)

ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:Program FilesTeraCopyTeraCopyExt.dll [2016-12-07] ()

ContextMenuHandlers2-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREa2contmenu.dll [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers2-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers2-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:Program FilesTeraCopyTeraCopyExt.dll [2016-12-07] ()

ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvast BusinessashShA64.dll [2016-10-24] (Avast Software program s.r.o.)

ContextMenuHandlers3-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREa2contmenu.dll [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers3-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers3-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program Information (x86)GoogleDrivecontextmenu64.dll [2017-11-20] (Google)

ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:Program FilesRecuvaRecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:Program FilesTeraCopyTeraCopyExt.dll [2016-12-07] ()

ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:Program Files7-Zip7-zip.dll [2016-10-04] (Igor Pavlov)

ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:Program FilesAVAST SoftwareAvast BusinessashShA64.dll [2016-10-24] (Avast Software program s.r.o.)

ContextMenuHandlers6-x32: [Emsisoft Shell Extension] -> {AB77609F-2178-4E6F-9C4B-44AC179D937A} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREa2contmenu.dll [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers6-x32: [Emsisoft Shell Extension x64] -> {E3F21FC7-6D65-48E7-B62B-E9ED8200C764} => C:PROGRAM FILESEMSISOFT ANTI-MALWAREA2CONTMENU64.DLL [2015-10-21] (Emsisoft Ltd)

ContextMenuHandlers6-x32: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2017-11-01] (Malwarebytes)

ContextMenuHandlers6-x32: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:Program FilesRecuvaRecuvaShell64.dll [2016-06-06] (Piriform Ltd)

ContextMenuHandlers6-x32: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:Program FilesTeraCopyTeraCopyExt.dll [2016-12-07] ()

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Activity: {005E9852-43C1-4545-9089-3B62C3790C01} – System32TasksAvast SoftwareOverseer => C:Program FilesCommon Filesavast softwareoverseeroverseer.exe [2017-12-06] (AVAST Software program)

Activity: {01D24577-4E2B-4858-9B61-043DCF098E87} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [2017-12-13] (Piriform Ltd)

Activity: {18CFC687-ED43-4982-9DE7-FBC9E36BFEF6} – System32TasksMicrosoftWindowsPLAServer Supervisor Efficiency Monitor => %systemrootpercentsystem32rundll32.exe %systemrootpercentsystem32pla.dll,PlaHost “Server Manager Performance Monitor” “$(Arg0)”

Activity: {2CFC8EDF-FE50-4562-B8D3-DF254C3E018F} – System32TasksGoogleUpdateTaskMachineUA => C:Program Information (x86)GoogleUpdateGoogleUpdate.exe [2017-01-25] (Google Inc.)

Activity: {41600EBB-B4B7-472A-9F58-8AA04A7F8984} – System32TasksMicrosoftWindowsNetwork ControllerSDN Diagnostics Activity

Activity: {423523CC-C7A9-46CD-B449-0C6C806C3F8D} – System32TasksMicrosoftWindowsSoftware Stock LoggingConfiguration => %systemrootpercentsystem32cmd.exe /d /c %systemrootpercentsystem32silcollector.cmd configure

Activity: {51AE33E2-880E-4C98-9283-D504F1A0142A} – System32TasksIniciar backup => C:Program Information (x86)GoogleDrivegoogledrivesync.exe [2017-11-20] ()

Activity: {7A51A7AB-56A0-440E-92B8-274FE8092C1A} – System32TasksAVAST SoftwareAvast settings backup => C:Program FilesCommon FilesAVavast! Antivirusbackup.exe

Activity: {B3969132-6F86-4C86-8112-7654CCE8EE1D} – System32Tasksavast! Emergency Replace => C:Program FilesAVAST SoftwareAvast BusinessAvastEmUpdate.exe [2017-04-05] (Avast Software program s.r.o.)

Activity: {C42217E9-71C2-483D-932D-C517BA56D1A3} – System32TasksCCleaner Replace => C:Program FilesCCleanerCCUpdate.exe [2017-12-13] (Piriform Ltd)

Activity: {D27F3323-DB9F-42A6-8FE1-E91CFC98449C} – System32TasksGoogleUpdateTaskMachineCore => C:Program Information (x86)GoogleUpdateGoogleUpdate.exe [2017-01-25] (Google Inc.)

Activity: {DF1BA6A6-82D9-4DF9-A787-7804CDFA74B5} – System32TasksMicrosoftWindowsServer ManagerServerManager => C:Windowssystem32ServerManagerLauncher.exe [2016-07-16] (Microsoft Company)

Activity: {E0A67649-21C8-4620-81A8-EACF01A98AC3} – System32TasksMicrosoftWindowsSoftware Stock LoggingCollection => %systemrootpercentsystem32cmd.exe /d /c %systemrootpercentsystem32silcollector.cmd publish

Activity: {EFDC23D7-2F66-41E7-8D44-7E7532F8AABD} – System32TasksFinalizar backup => taskkill [Argument = /f /im googledrivesync.exe]

Activity: {F0240DDF-FDD2-46B9-8664-34A1B0825CD3} – System32TasksMicrosoftWindowsServer ManagerCleanupOldPerfLogs => %systemrootpercentsystem32cscript.exe /B /nologo %systemrootpercentsystem32calluxxprovider.vbs $(Arg0) $(Arg1) $(Arg2)

Activity: {F4FA9ECF-F4C5-4FA5-AE74-EA2ABA016D2C} – System32TasksCreateExplorerShellUnelevatedTask => C:Windowsexplorer.exe /NOUACCHECK

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

 

==================== Loaded Modules (Whitelisted) ==============

 

2016-07-16 10:18 – 2016-07-16 10:18 – 000231424 _____ () C:WindowsSYSTEM32ism32k.dll

2017-03-18 18:49 – 2017-03-04 04:19 – 002681200 _____ () C:Windowssystem32CoreUIComponents.dll

2015-11-10 08:46 – 2015-11-10 08:46 – 000044944 _____ () C:Program FilesHewlett-PackardAMSserviceCQMGSTOR.dll

2015-11-10 08:46 – 2015-11-10 08:46 – 000038800 _____ () C:Program FilesHewlett-PackardAMSservicecqstrutl.dll

2015-11-10 08:46 – 2015-11-10 08:46 – 000056208 _____ () C:Program FilesHewlett-PackardAMSserviceCPQIDE.DLL

2015-11-10 08:46 – 2015-11-10 08:46 – 000054160 _____ () C:Program FilesHewlett-PackardAMSserviceCPQMDISK.dll

2015-11-10 08:46 – 2015-11-10 08:46 – 000067984 _____ () C:Program FilesHewlett-PackardAMSserviceCPQMSCSI.DLL

2015-11-10 08:47 – 2015-11-10 08:47 – 000065936 _____ () C:Program FilesHewlett-PackardAMSserviceCPQSAS.DLL

2015-11-10 08:47 – 2015-11-10 08:47 – 000344464 _____ () C:Program FilesHewlett-PackardAMSservicew2kmgAMS.dll

2017-11-20 15:27 – 2017-11-20 15:27 – 041061856 _____ () C:Program Information (x86)GoogleDrivegoogledrivesync.exe

2017-12-14 14:35 – 2016-12-07 16:40 – 003681104 _____ () C:Program FilesTeraCopyTeraCopyExt.dll

2017-12-14 14:35 – 2017-03-14 16:51 – 001714688 _____ () C:Program FilesTeraCopyTeraCopy64.dll

2017-01-25 18:05 – 2016-09-07 01:56 – 000134656 _____ () C:WindowsShellExperiencesWindows.UI.Shell.SharedUtilities.dll

2017-03-18 18:47 – 2017-03-04 03:31 – 000474112 _____ () C:WindowsShellExperiencesQuickActions.dll

2017-03-18 18:48 – 2017-03-04 03:12 – 009760768 _____ () C:WindowsSystemAppsMicrosoft.Home windows.Cortana_cw5n1h2txyewyCortanaApi.dll

2017-03-18 18:48 – 2017-03-04 03:05 – 001401856 _____ () C:WindowsSystemAppsMicrosoft.Home windows.Cortana_cw5n1h2txyewyCortana.Core.dll

2017-03-18 18:48 – 2017-03-04 03:05 – 000757248 _____ () C:WindowsSystemAppsMicrosoft.Home windows.Cortana_cw5n1h2txyewyCSGSuggestLib.dll

2017-03-18 18:48 – 2017-03-04 03:05 – 002424320 _____ () C:WindowsSystemAppsMicrosoft.Home windows.Cortana_cw5n1h2txyewyCortana.BackgroundTask.dll

2017-03-18 18:49 – 2017-03-04 03:08 – 004853760 _____ () C:WindowsSystemAppsMicrosoft.Home windows.Cortana_cw5n1h2txyewyRemindersUI.dll

2017-12-16 22:42 – 2017-11-29 09:11 – 002301384 _____ () C:PROGRAM FILESMALWAREBYTESANTI-MALWARESelfProtectionSdk.dll

2017-12-16 22:42 – 2017-11-29 09:11 – 002358728 _____ () C:PROGRAM FILESMALWAREBYTESANTI-MALWAREMwacLib.dll

2017-12-15 05:27 – 2017-12-06 01:24 – 002873688 _____ () C:Program Information (x86)GoogleChromeApplication63.0.3239.84swiftshaderlibglesv2.dll

2017-12-15 05:26 – 2017-12-06 01:24 – 000137048 _____ () C:Program Information (x86)GoogleChromeApplication63.0.3239.84swiftshaderlibegl.dll

2017-12-17 11:17 – 2017-12-17 10:00 – 005116928 _____ () C:Program FilesAVAST SoftwareAvast Businessdefs17121700algo.dll

2017-12-26 12:01 – 2017-12-26 08:55 – 005116928 _____ () C:Program FilesAVAST SoftwareAvast Businessdefs17122602algo.dll

2017-12-14 15:03 – 2017-12-14 15:03 – 000088064 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_ctypes.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000919552 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_hashlib.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000098816 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32api.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000110080 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442pywintypes27.dll

2017-12-14 15:04 – 2017-12-14 15:04 – 000364544 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442pythoncom27.dll

2017-12-14 15:04 – 2017-12-14 15:04 – 000686080 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442unicodedata.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000320512 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32com.shell.shell.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 001177088 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._core_.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000806912 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._gdi_.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000816640 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._windows_.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 001067520 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._controls_.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000733696 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._misc_.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000736256 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442pysqlite2._sqlite.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000119808 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32file.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000108544 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32security.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000007168 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442hashobjs_ext.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000017920 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442thumbnails_ext.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000082432 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442usb_ext.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000013824 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442common.time34.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000018432 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32event.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000027648 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442windows.conditional.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000017408 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442windows.winwrap.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000089088 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442windows.volumes.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000167936 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32gui.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000046080 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_socket.pyd

2017-12-14 15:03 – 2017-12-14 15:04 – 001311744 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_ssl.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000129536 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_elementtree.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000127488 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442pyexpat.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000038912 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32inet.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000077824 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442wx._html2.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000036864 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_psutil_windows.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000524248 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442windows._lib_cacheinvalidation.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000011264 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32crypt.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000218624 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442PIL._imaging.pyd

2017-12-14 15:03 – 2017-12-14 15:03 – 000027648 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_multiprocessing.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000020480 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442_yappi.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000035840 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32process.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000024064 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32pipe.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000010240 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442select.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000025600 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32pdh.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000059392 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442windows.device_monitor.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000017408 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32profile.pyd

2017-12-14 15:04 – 2017-12-14 15:04 – 000022528 _____ () C:UsersadministratorAppDataLocalTemp_MEI42442win32ts.pyd

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:Windowssystem32Driversisiigddb.sys:changelist [284]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkAmmyyAdmin => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2016-07-16 10:23 – 2016-07-16 10:21 – 000000824 _____ C:Windowssystem32Driversetchosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKUS-1-5-21-4017227460-457275624-4033542720-500Control PanelDesktopWallpaper -> C:WindowswebwallpaperWindowsimg0.jpg

DNS Servers: 192.168.10.251 – 127.0.0.1

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [ComPlusRemoteAdministration-DCOM-In] => (Permit) %systemrootpercentsystem32dllhost.exe

FirewallRules: [SLBM-MUX-IN-TCP] => (Permit) %SystemRootpercentsystem32MuxSvcHost.exe

FirewallRules: [{F46E6A2D-C711-4775-93CA-34A842FCE997}] => (Permit) C:Program Information (x86)TeamViewerTeamViewer.exe

FirewallRules: [{65EE5DC5-F9AC-45EF-B8FD-2F165920382B}] => (Permit) C:Program Information (x86)TeamViewerTeamViewer.exe

FirewallRules: [{C2722FEE-2A17-4EA3-BAA3-A5C0404D263C}] => (Permit) C:Program Information (x86)TeamViewerTeamViewer_Service.exe

FirewallRules: [{644229C8-1D06-4243-9854-0A67B2A475C0}] => (Permit) C:Program Information (x86)TeamViewerTeamViewer_Service.exe

FirewallRules: [NTFRS-NTFRSSvc-In-TCP] => (Permit) %SystemRootpercentsystem32NTFRS.exe

FirewallRules: [DfsMgmt-In-TCP] => (Block) %systemrootpercentsystem32dfsfrsHost.exe

FirewallRules: [DfSMgmt-DCOM-In-TCP] => (Block) %systemrootpercentsystem32svchost.exe

FirewallRules: [DfsMgmt-WMI-In-TCP] => (Block) %systemrootpercentsystem32svchost.exe

FirewallRules: [ADWS-TCP-In] => (Permit) %systemrootpercentADWSMicrosoft.ActiveDirectory.WebServices.exe

FirewallRules: [ADWS-TCP-Out] => (Permit) %systemrootpercentADWSMicrosoft.ActiveDirectory.WebServices.exe

FirewallRules: [DFSR-DFSRSvc-In-TCP] => (Permit) %SystemRootpercentsystem32dfsrs.exe

FirewallRules: [DNSSrv-DNS-TCP-In] => (Permit) %systemrootpercentSystem32dns.exe

FirewallRules: [DNSSrv-DNS-UDP-In] => (Permit) %systemrootpercentSystem32dns.exe

FirewallRules: [DNSSrv-RPC-TCP-In] => (Permit) %systemrootpercentSystem32dns.exe

FirewallRules: [DNSSrv-TCP-Out] => (Permit) %systemrootpercentSystem32dns.exe

FirewallRules: [DNSSrv-UDP-Out] => (Permit) %systemrootpercentSystem32dns.exe

FirewallRules: [{8D8B9A56-8FCA-4D13-90AE-5390F2D5E3A0}] => (Permit) C:Program Information (x86)MaxSyncUpmsusvc.exe

FirewallRules: [{4D1CFD0A-D38A-4EC4-BA0B-4E0893895392}] => (Permit) C:Program Information (x86)MaxSyncUpMaxSyncUp.exe

FirewallRules: [WindowsServerBackup-wbengine-In-TCP-NoScope] => (Permit) %systemrootpercentsystem32wbengine.exe

FirewallRules: [{B7D2464F-B8C2-4DE6-98A4-7094D6C3105D}] => (Permit) C:Program Information (x86)Frequent FilesAcronisAgentagent.exe

FirewallRules: [{052C6012-5549-4658-BC9A-175ADFF90265}] => (Permit) C:Program Information (x86)Frequent FilesAcronisAgentagent.exe

FirewallRules: [{20F721CC-A55A-4471-B42A-EAE0EBEB68C1}] => (Permit) C:Program Information (x86)Frequent FilesAcronisAgentagent.exe

FirewallRules: [{D078C96B-B461-49AF-820E-DE3E84D363A6}] => (Permit) C:Program Information (x86)Frequent FilesAcronisAgentagent.exe

FirewallRules: [{92C4E946-6C93-42AB-A17C-750D45C6B9D5}] => (Permit) C:Program Information (x86)AcronisBackupAndRecoverymms.exe

FirewallRules: [{EC788553-9539-4155-A5D8-7F97023F6C16}] => (Permit) C:Program Information (x86)AcronisBackupAndRecoverymms.exe

FirewallRules: [{EDB09A11-A6EC-4A50-84B4-75F861BF6FD8}] => (Permit) C:Program Information (x86)AcronisBackupAndRecoverymms.exe

FirewallRules: [{5F8828A2-B25C-40A9-8A7D-8AE26499D674}] => (Permit) C:Program Information (x86)AcronisBackupAndRecoverymms.exe

FirewallRules: [{54D495F2-E070-410A-A35C-B2E8337CC633}] => (Permit) C:Program Information (x86)GoogleChromeApplicationchrome.exe

 

==================== Restore Points =========================

 

ATTENTION: System Restore is disabled

Check “winmgmt” service or repair WMI.

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (12/26/2017 08:00:10 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/25/2017 08:00:12 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/24/2017 08:00:11 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/23/2017 08:00:11 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/22/2017 08:00:11 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/21/2017 08:01:02 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/20/2017 08:00:09 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/19/2017 08:00:09 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Author

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/18/2017 08:00:08 PM) (Supply: VSS) (EventID: 8194) (Consumer: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Writer

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

Error: (12/17/2017 08:01:06 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Error del Servicio de instantáneas de volumen: error inesperado al consultar la interfaz IVssWriterCallback. HR = 0x80070005, Acceso denegado.

.

A menudo ocurre por una configuración de seguridad incorrecta en el proceso de escritura o de solicitud.

 

 

Operación:

   Recopilando datos del escritor

 

Contexto:

   Id. de clase del escritor: {e8132975-6f93-4464-a53e-1050253ae220}

   Nombre del escritor: System Writer

   Id. de instancia del escritor: {70cac2ee-ea7e-4c7e-b206-7bcf82e5f715}

 

 

System errors:

=============

Error: (12/27/2017 11:43:44 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kpasswd._udp.community.fundasamin.org.ar. 600 IN SRV 0 100 464 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO


 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:42 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kpasswd._tcp.community.fundasamin.org.ar. 600 IN SRV 0 100 464 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:39 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kerberos._udp.community.fundasamin.org.ar. 600 IN SRV 0 100 88 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:37 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kerberos._tcp.Default-First-Site-Name._sites.community.fundasamin.org.ar. 600 IN SRV 0 100 88 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:34 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kerberos._tcp.community.fundasamin.org.ar. 600 IN SRV 0 100 88 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:32 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kerberos._tcp.Default-First-Site-Name._sites.dc._msdcs.community.fundasamin.org.ar. 600 IN SRV 0 100 88 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:29 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_kerberos._tcp.dc._msdcs.community.fundasamin.org.ar. 600 IN SRV 0 100 88 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:27 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_gc._tcp.Default-First-Site-Name._sites.community.fundasamin.org.ar. 600 IN SRV 0 100 3268 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:24 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_gc._tcp.community.fundasamin.org.ar. 600 IN SRV 0 100 3268 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

Error: (12/27/2017 11:43:22 AM) (Source: NETLOGON) (EventID: 5774) (User: )

Description: Error en el registro dinámico del registro DNS ‘_ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.community.fundasamin.org.ar. 600 IN SRV 0 100 389 ALFA.community.fundasamin.org.ar.’ en el siguiente servidor DNS:

 

 

 

Dirección IP del servidor DNS: 74.124.210.242

 

Código de respuesta devuelto (RCODE): 5

 

Código de estado devuelto: 9017

 

 

 

Para que los equipos y usuarios puedan localizar este controlador de dominio, este registro deberá

registrarse en DNS.

 

 

 

ACCIÓN DEL USUARIO

 

 

Determine la causa del error, solucione el problema e inicie el registro de los

registros DNS mediante el controlador de dominio. Para determinar la causa del

error, ejecute DCDiag.exe. Para obtener más información acerca de DCDiag.exe, consulte el Centro de ayuda

y soporte técnico. Para iniciar el registro de los registros DNS mediante este controlador de

dominio, ejecute ‘nltest.exe /dsregdns’ desde el símbolo del sistema en el controlador de dominio

o reinicie el servicio de Net Logon.

  También puede agregar manualmente este registro a DNS, pero

no se recomienda.

 

 

 

DATOS ADICIONALES

 

Valor del error: Clave DNS incorrecta.

 

 

CodeIntegrity:

===================================

  Date: 2017-12-19 11:18:54.472

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

 

  Date: 2017-12-17 03:15:30.427

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

 

  Date: 2017-12-17 03:10:21.462

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

 

  Date: 2017-12-16 22:43:16.269

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

 

  Date: 2017-12-16 22:43:09.647

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

 

  Date: 2017-12-16 19:19:30.402

  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

 

 

==================== Memory info ===========================

Processor: Intel® Xeon® CPU E5-2609 v4 @ 1.70GHz

Percentage of memory in use: 35%

Total physical RAM: 16118.62 MB

Available physical RAM: 10429.66 MB

Total Virtual: 23243.31 MB

Available Virtual: 11418.54 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:1862.76 GB) (Free:421.85 GB) NTFS

Drive f: () (Fixed) (Total:1862.98 GB) (Free:1702.61 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 1863 GB) (Disk ID: 00000000)

 

Partition: GPT.

 

========================================================

Disk: 1 (Size: 1863 GB) (Disk ID: 16F2A91F)

 

Partition: GPT.

 

==================== End of Addition.txt ============================
