And here is the addition text :
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Cableman (23-10-2018 14:40:23)
Running from E:\Downloads (E Disc)
Windows 7 Ultimate Service Pack 1 (X64) (2014-11-04 22:03:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-472246324-4182351025-1742220698-500 - Administrator - Disabled)
Alienvape (S-1-5-21-472246324-4182351025-1742220698-1003 - Administrator - Enabled) => C:\Users\Alienvape
ASPNET (S-1-5-21-472246324-4182351025-1742220698-1002 - Limited - Enabled)
Cableman (S-1-5-21-472246324-4182351025-1742220698-1000 - Administrator - Enabled) => C:\Users\Cableman
Guest (S-1-5-21-472246324-4182351025-1742220698-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {EA21BCE8-A461-99C3-3A0D-4C964E75494E}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Bitdefender Antivirus Free Antimalware (Enabled - Up to date) {51405D0C-825B-964D-00BD-77E435F203F3}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\uTorrent) (Version: 3.5.3.44358 - BitTorrent Inc.)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.008.20074 - Adobe Systems Incorporated)
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 29 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{308F2F8C-9D33-4B22-8A6C-D9C13DBEF8C6}) (Version: 7.0.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0CB84A7D-9697-4526-A819-60FB050E8F05}) (Version: 7.0.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{77F8C879-88CD-4145-945A-541C35285285}) (Version: 12.0.0.1039 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 1.0.1 - Bitdefender)
Bitdefender Antivirus Free (HKLM\...\{1FCCF41D-5F00-4FE2-9653-162D0486C8B4}) (Version: 1.0.5.14 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brother MFL-Pro Suite MFC-J475DW (HKLM-x32\...\{7B4C83B6-17C1-4BFD-B86D-4D7AD4498CBB}) (Version: 1.0.3.0 - Brother Industries, Ltd.)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{3A8008D5-C834-1CA9-68CB-E9F49F0AB120}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{884596CF-79B1-13A0-7334-563BB3A75F45}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{223D250A-AABB-A9AA-7D07-7FA086D7BF62}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{58714532-951F-0C3A-8860-2ED7411C6D85}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{1D89886C-1BC7-978A-7790-BDF741552029}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{C2E207A0-6375-140A-3170-50737EB32D29}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{FF8A9A91-1E72-EE4A-04DA-6E7F65CB626D}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{78B5E5BC-C2B2-3439-0750-C9FC7AAE173B}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{28B38E4C-1FCC-0AB9-F2CE-7079DF8CF8A5}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{6CD61388-4F40-E91A-17A1-E821F0BB92E1}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{F38E5A65-9C76-3757-9D69-672FACA088D4}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{994B3C1F-F48C-B29E-D88A-06322D70B45C}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{7C42C52E-DFF2-8BD6-5134-DCB5FBB8A5EE}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{3372CE65-1178-B53F-C228-254C7F7F118F}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{80C20F9B-C28F-E3ED-726C-86BFC24EEE3B}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{16FC5B97-5AC3-056E-1A1B-FF36B790575E}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{D955A619-B0BA-FB07-0590-675FA7A127CF}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{686AF1D4-4D23-8115-9968-FE32775067C8}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{168E9C24-F28F-D630-74BB-4F4D66CFC871}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{66F96B6D-33A7-938C-2910-CA9C76E00742}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{59546E97-8B2F-0F51-5191-BF19438164A8}) (Version: 2016.0718.1747.30147 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
Dreams Casino (HKLM-x32\...\{B8D65208-7D74-4510-ADCE-E328BF744980}) (Version: 18.07.0-RTG - RealTimeGaming Software)
DriverDR 6.5.0 (HKLM\...\DriverDR_is1) (Version: 6.5.0.0 - DriverDR.com)
Electrum-LTC (HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\Electrum-LTC) (Version: 2.6.4.2 - Electrum Technologies GmbH)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.67 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes version 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 60.0.1 (x64 en-US)) (Version: 60.0.1 - Mozilla)
Mozilla Firefox 62.0.3 (x64 en-US) (HKLM\...\Mozilla Firefox 62.0.3 (x64 en-US)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 60.0.2 - Mozilla)
Mozilla Thunderbird 52.9.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.9.1 (x86 en-US)) (Version: 52.9.1 - Mozilla)
MultiBit HD 0.5.1 (HKLM\...\6925-4794-5772-4956) (Version: 0.5.1 - KeepKey,LLC)
Nuance PaperPort 12 (HKLM-x32\...\{869FCC6C-5669-4B0B-827E-2BBAACD88A87}) (Version: 12.1.0006 - Nuance Communications, Inc.)
Nuance PDF Viewer Plus (HKLM-x32\...\{28656860-4728-433C-8AD4-D1A930437BC8}) (Version: 5.30.3290 - Nuance Communications, Inc)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0000 - Nuance Communications, Inc.)
Plarium Play (HKLM-x32\...\{2E1A784A-C6F3-4BBA-B953-3EEEFC0EADE4}) (Version: 2.0.0.0 - Plarium) Hidden
Plarium Play (HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\{5482783f-c6d5-4834-9ef7-bed55f1750e1}) (Version: 2.0.0.0 - Plarium)
Quick JPEG Image Resize and Crop (HKLM-x32\...\{2FDB98BE-6E6D-4543-A5FD-C4ABB6214FC9}) (Version: 1.0.0 - zzornixnet)
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.10-r123135-release - Raptr, Inc)
RoboForm 7-9-31-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-31-1 - Siber Systems)
RogueKiller version 12.13.5.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.13.5.0 - Adlice Software)
Scansoft PDF Professional (HKLM-x32\...\{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}) (Version: - ) Hidden
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
SWvape 1.10 (HKLM-x32\...\SWvape) (Version: 1.10 - SnowWolf)
TuneUp Utilities 2012 (HKLM-x32\...\{32364CEA-7855-4A3C-B674-53D8E9B97936}) (Version: 12.0.2012.117 - TuneUp Software) Hidden
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.2012.117 - TuneUp Software)
TuneUp Utilities Language Pack (en-US) (HKLM-x32\...\{A95A76C9-6F65-477E-83A0-9F884B6DC21B}) (Version: 12.0.2012.117 - TuneUp Software) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0-2) (Version: 1.0.17.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
WinDirStat 1.1.2 (HKU\S-1-5-21-472246324-4182351025-1742220698-1000\...\WinDirStat) (Version: - )
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
Wisdom-soft ScreenHunter 6.0 Pro (HKLM-x32\...\Wisdom-soft ScreenHunter 6.0 Pro) (Version: - Wisdom Software Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\TuneUp Utilities 2012\SDShelEx-x64.dll [2011-10-12] (TuneUp Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {109A5B93-6535-4C9D-A4DA-88CDF83D241E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-09-20] (AVAST Software)
Task: {152B9F39-8139-40DD-A58D-D27AF5DACF33} - System32\Tasks\{322D0C4F-6480-4025-A220-F0062D278362} => C:\Windows\system32\pcalua.exe -a C:\Users\Cableman\AppData\Local\Temp\jre-8u73-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {312BD938-A0D2-49C1-8F08-98BB9C922F0C} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2018-07-31] (Bitdefender)
Task: {3A2ADC24-413D-43FD-8E05-7E665859EADD} - System32\Tasks\{F795EA66-7CC9-4721-A632-F337E6C71C2E} => C:\Windows\system32\pcalua.exe -a C:\Users\Cableman\Downloads\install_easyshare.exe -d C:\Users\Cableman\Downloads
Task: {42B3AA22-C1A9-4279-9003-7D1ED44DAFAF} - System32\Tasks\EasyShare Registration Task => C:\Windows\system32\rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.30.1.sxt _RegistrationOffer@16
Task: {44CD2235-AC3A-43DE-854F-99E8818FFE85} - System32\Tasks\Open URL by RoboForm => C:\Windows\system32\rundll32.exe url.dll,FileProtocolHandler "hxxps://
www.roboform.com/test-pass.html?aaa=KICMJLLMKMJLNMGMHMHMCNJMKMLMNMCNKLKLNMNLCNJMMLKMNLCNJMJLLMKLJLNMNLLMGMKLGMPMJNJICMIMCNGMCNMMOMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMEKMICNJJCKFMNMKMIMIMJNHICMEKMICNJJCKJNBJCMFLAJMIKJPIHJPNKLNIGJMJPNMKCJGJLIHJJNKJC (the data entry has 70 more characters).
Task: {4B72D81B-F319-4BFC-9694-17730164B605} - System32\Tasks\{F8033A37-DF19-4014-B889-46CCB2539EE0} => C:\Windows\system32\pcalua.exe -a "E:\Downloads (E Disc)\install_easyshare(1).exe" -d "E:\Downloads (E Disc)"
Task: {64954FCB-9E4D-4945-B25F-DB30E4695707} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
Task: {65EE791C-C81A-492F-A1E4-2AEE37009A3E} - System32\Tasks\{BD660FDA-AFB1-4B27-8172-4C24A4C63963} => C:\Windows\system32\pcalua.exe -a D:\CH340SER.EXE -d D:\
Task: {6A788492-F89A-42F5-BB13-457B56D71F29} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-18] (Adobe Systems Incorporated)
Task: {7D1E889D-BB66-409B-9BEA-3B34C407F108} - System32\Tasks\DriverDR Scheduled Scan => C:\Program Files\DriverDR.com\DriverDR\DriverDR.exe [2016-12-12] (DriverDR.com)
Task: {91C3AC90-3654-4096-ADA4-A26AE459A896} - System32\Tasks\AdobeAAMUpdater-1.0-Cableman-PC-Cableman => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-02-03] (Adobe Systems Incorporated)
Task: {9A67BB4B-90DA-477D-8F93-CC6437F77015} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {9F9EC7CA-5947-4698-AFB7-E39FDD15A238} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-28] (Google Inc.)
Task: {AE65B875-E28C-4E90-854F-75FF535C7284} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2016-07-18] (Advanced Micro Devices, Inc.)
Task: {B481C4E9-274C-4DEF-8EBB-0FDA8DD94524} - System32\Tasks\{533492E2-CD07-432B-A8E0-FACBCFBD7843} => C:\Windows\system32\pcalua.exe -a C:\Users\Cableman\AppData\Local\Temp\jre-8u77-windows-au.exe -d "C:\Program Files (x86)\Common Files\Java\Java Update" -c /installmethod=jau FAMILYUPGRADE=1 <==== ATTENTION
Task: {B4B19044-AC51-404E-AF6B-9F97D9F36921} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {C72DA0F5-4F9E-4E92-B14C-4C45F7F68884} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd)
Task: {CEF6C372-4F49-4753-B256-FC506596628F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-28] (Google Inc.)
Task: {E60A1567-8E35-47C1-B421-D22C6C0CCA8F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {FEA6FB26-2A04-401D-8421-8DDAA5802B80} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2018-01-21] (Siber Systems)
Task: {FF1B02A6-A51A-448D-83C3-E1DFD26D22FC} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_171_pepper.exe [2018-05-15] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DriverDR Scheduled Scan.job => C:\Program Files\DriverDR.com\DriverDR\DriverDR.exe--scan C:\Program Files\DriverDR.com
Task: C:\Windows\Tasks\EasyShare Registration Task.job => rundll32.exe C:\PROGRA~3\Kodak\EasyShareSetup\$REGIS~1\Registration_8.3.30.1.sxt
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-22 22:18 - 2018-08-22 22:18 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-08-22 22:18 - 2018-08-22 22:18 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-02-16 15:50 - 2018-06-07 04:14 - 000278280 _____ () C:\Program Files\Bitdefender Antivirus Free\txmlutil.dll
2018-05-08 08:26 - 2018-05-08 08:26 - 000992704 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_002\ashttpbr.mdl
2018-05-08 08:26 - 2018-05-08 08:26 - 000543344 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_002\ashttpdsp.mdl
2018-05-08 08:26 - 2018-05-08 08:26 - 003228632 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_002\ashttpph.mdl
2018-05-08 08:26 - 2018-05-08 08:26 - 001527808 _____ () C:\Program Files\Bitdefender Antivirus Free\Signatures\OTEngines\OTEngines_02639_002\ashttprbl.mdl
2012-09-13 00:38 - 2012-09-13 00:38 - 000264040 _____ () E:\program Files\LWS\Webcam Software\CameraHelperShell.exe
2018-10-16 17:38 - 2018-10-15 20:01 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libglesv2.dll
2018-10-16 17:38 - 2018-10-15 20:01 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.67\libegl.dll
2018-10-09 14:35 - 2018-10-09 14:35 - 031308288 _____ () C:\Users\Cableman\AppData\Local\Google\Chrome\User Data\PepperFlash\31.0.0.122\pepflashplayer.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 002144104 _____ () E:\program Files\LWS\Webcam Software\QtCore4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 007955304 _____ () E:\program Files\LWS\Webcam Software\QtGui4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000341352 _____ () E:\program Files\LWS\Webcam Software\QtXml4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000028008 _____ () E:\program Files\LWS\Webcam Software\imageformats\QGif4.dll
2012-09-13 00:38 - 2012-09-13 00:38 - 000127336 _____ () E:\program Files\LWS\Webcam Software\imageformats\QJpeg4.dll
2012-09-13 00:39 - 2012-09-13 00:39 - 000336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Windows\system32\atieclxx.exe:BDU [1]
AlternateDataStreams: C:\Users\Cableman\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_0news-1751121550 [2302]
AlternateDataStreams: C:\Users\Cableman\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_1messages-431041656 [2302]
AlternateDataStreams: C:\Users\Cableman\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_2events-250898981 [2302]
AlternateDataStreams: C:\Users\Cableman\AppData\Roaming\Microsoft\Windows\Start Menu\Facebook.website:TASKICON_3friends-215113587 [2302]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-11-01 03:28 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-472246324-4182351025-1742220698-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Cableman\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\startupreg: uTorrent => "C:\Users\Cableman\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{C7382027-A9BF-4D07-AFA6-DDEFA1635802}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
FirewallRules: [UDP Query User{C1DAFF23-EFB9-4852-9915-B90F6C08BA69}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
FirewallRules: [{21D54765-7A5C-4E3E-932E-BCC9321E312E}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{B097CEAA-E65F-49B6-85C8-14D3E043372B}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{26DD1240-1DCA-42FC-8793-C174A17D21E4}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{E98B12FE-3D80-4A82-B470-8A820646A251}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{D62B1FDB-4A70-4182-B4E8-B282DAB11F21}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{6F0D7993-2FFE-4A3D-831D-53580720A851}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
FirewallRules: [{65EEB2D1-6FEA-4F74-81C9-6C2158A7F532}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [{30ED9D58-7207-41EB-80C3-FAFB0A273E93}] => (Allow) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{9C1323C5-36FC-45AE-AEE9-28A550A0A2CB}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
FirewallRules: [UDP Query User{771A8BF9-EEE3-4159-A240-AE96F503E6C5}C:\program files\multibit hd\multibit-hd.exe] => (Allow) C:\program files\multibit hd\multibit-hd.exe
FirewallRules: [{FA91D765-D533-49D5-AD9A-4C9A090E6771}] => (Allow) C:\Users\Cableman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C78E8A1C-75DB-4D1D-AEE0-DBD404503420}] => (Allow) C:\Users\Cableman\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{48484C7B-449A-428F-B3FE-DB40F11FF40F}E:\program files\firefox.exe] => (Allow) E:\program files\firefox.exe
FirewallRules: [UDP Query User{CF038AFA-E209-468A-BA1A-4FD2608AEFA5}E:\program files\firefox.exe] => (Allow) E:\program files\firefox.exe
FirewallRules: [TCP Query User{598106F8-600A-4FC3-B4A3-13AAABAD17B0}E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [UDP Query User{02B76AC4-612A-48E2-828A-16F697FD180D}E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [{9869A8DB-C760-41F4-8E6E-E243F5AF85EA}] => (Allow) E:\program Files\firefox.exe
FirewallRules: [{76FB027D-7030-4E9B-9FBE-516C0699C0EE}] => (Allow) E:\program Files\firefox.exe
FirewallRules: [{4C1D1CDE-E28D-41C5-A754-5001BC608C45}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{A8A237AD-3182-4ACE-8256-44C5B69CE780}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{BF25AADD-7DCD-4AF8-9E7B-4FE25DF957EF}E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [UDP Query User{09037A23-2BEE-4BC0-A3D9-FD3DEAB69505}E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) E:\$recycle.bin\bitcoin info\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [{858FB30C-06F5-4EDF-BD9C-E33E074F9986}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{E74F2960-5F2C-433D-B4BE-038269151BDE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{60BFF013-84AC-4043-9D36-F3961C1AF70A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B312AB63-770A-4845-8843-1C324FD3BF72}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{AABAF341-4D39-40A8-A147-3311217D861C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{3B4E19EF-B062-492C-9F76-6EA0CDB447E9}H:\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) H:\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [UDP Query User{EF487A7B-7E4E-4209-8580-FA573663F125}H:\all things bitcoin\ip reporter\ipreporter.exe] => (Allow) H:\all things bitcoin\ip reporter\ipreporter.exe
FirewallRules: [{F8A94127-99C9-4621-8844-940BDFE3B5D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
22-10-2018 06:57:52 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/23/2018 02:35:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program NOTEPAD.EXE version 6.1.7601.18917 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 67c
Start Time: 01d46aff0055a734
Termination Time: 65
Application Path: C:\Windows\system32\NOTEPAD.EXE
Report Id:
Error: (10/18/2018 02:06:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/18/2018 01:31:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/18/2018 01:29:56 PM) (Source: MBAMIService) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/17/2018 04:46:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamservice.exe, version: 3.2.0.704, time stamp: 0x5b9acf90
Faulting module name: ntdll.dll, version: 6.1.7601.23807, time stamp: 0x5915fdce
Exception code: 0xc0000005
Fault offset: 0x0000000000048f24
Faulting process id: 0x181c
Faulting application start time: 0x01d461b3378d7c74
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: c7db161a-d24d-11e8-811b-0023ae846f78
Error: (10/11/2018 01:55:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (10/10/2018 01:18:22 AM) (Source: MsiInstaller) (EventID: 11303) (User: Cableman-PC)
Description: Product: iTunes -- Error 1303. The installer has insufficient privileges to access this directory: E:\program Files\iTunes.Resources\de.lproj. The installation cannot continue. Log on as administrator or contact your system administrator.
Error: (10/10/2018 01:18:19 AM) (Source: MsiInstaller) (EventID: 11303) (User: Cableman-PC)
Description: Product: iTunes -- Error 1303. The installer has insufficient privileges to access this directory: E:\program Files\iTunes.Resources\de.lproj. The installation cannot continue. Log on as administrator or contact your system administrator.
System errors:
=============
Error: (10/22/2018 06:54:01 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:59 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:57 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:54 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:52 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:50 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:47 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Error: (10/22/2018 06:53:45 AM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR1, has a bad block.
Windows Defender:
===================================
Date: 2016-05-05 03:12:44.749
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x8050800d
Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
Signature version:1.219.648.0
Engine version:1.1.12706.0
Date: 2016-04-30 02:43:47.991
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3
Date: 2016-03-30 06:08:38.359
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x8050800d
Error description:Some history items could not be displayed. Please wait a few minutes and try again. If that doesn't work, clear the history and then try again.
Signature version:1.217.23.0
Engine version:1.1.12603.0
CodeIntegrity:
===================================
Date: 2016-11-01 03:28:26.924
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-01 03:28:26.846
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-01 03:28:26.706
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-11-01 03:28:26.628
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-13 04:47:44.894
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-09-13 04:47:44.792
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-17 22:06:45.742
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-07-17 22:06:45.695
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Xeon(R) CPU E5420 @ 2.50GHz
Percentage of memory in use: 81%
Total physical RAM: 32765.66 MB
Available physical RAM: 6086.92 MB
Total Virtual: 65529.5 MB
Available Virtual: 37028.36 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:25.09 GB) NTFS
Drive e: (New Volume) (Fixed) (Total:232.83 GB) (Free:206.95 GB) NTFS
\\?\Volume{c9a29847-648d-11e4-a990-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 2C0BAB62)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 232.8 GB) (Disk ID: 23982539)
Partition 1: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================