Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13.05.2018
Ran by Brian (12-05-2018 21:26:58)
Running from C:\Users\Brian\Desktop
Microsoft Windows 7 Ultimate Service Pack 1 (X86) (2010-08-23 08:42:40)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2999710313-2874845586-1671460366-500 - Administrator - Disabled)
Brian (S-1-5-21-2999710313-2874845586-1671460366-1000 - Administrator - Enabled) => C:\Users\Brian
Guest (S-1-5-21-2999710313-2874845586-1671460366-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2999710313-2874845586-1671460366-1002 - Limited - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2.4GHz Wireless N Client Installation Program (HKLM\...\{ECB9E368-1F6B-4253-B6CD-4833FB87225E}) (Version: 2.01.0012 - )
A360 Desktop (HKLM\...\{B65CD59E-A771-4354-AA4B-C3E01B496BCD}) (Version: 8.2.3.1800 - Autodesk)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5002-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0000-0002-0060B0CE6BBA}) (Version: 19.1.108.0 - Autodesk) Hidden
AutoCAD 2014 - English (HKLM\...\{5783F2D7-D001-0409-2002-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2014 Language Pack - English (HKLM\...\{5783F2D7-D001-0409-1002-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
AutoCAD 2018 - English (HKLM\...\{28B89EEF-1001-0409-2002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0002-CF3F3A09B77D}) (Version: 22.0.72.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1002-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager (HKLM\...\{C070121A-C8C5-4D52-9A7D-D240631BD433}) (Version: 1.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2014 - English (HKLM\...\AutoCAD 2014 - English) (Version: 19.1.18.0 - Autodesk)
Autodesk AutoCAD 2014 - English SP1 (HKLM\...\AutoCAD 2014 - English SP1) (Version: 1 - Autodesk)
Autodesk AutoCAD 2018 - English (HKLM\...\AutoCAD 2018 - English) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD 2018.0.2 (HKLM\...\{b501e2dd-1001-0000-0002-2d66c6a9c722}) (Version: 22.0.72.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk Content Service (HKLM\...\{62F029AB-85F2-0000-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.1.3.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{62F029AB-85F2-0001-866A-9FC0DD99DDBC}) (Version: 3.1.3.0 - Autodesk) Hidden
Autodesk Desktop App (HKLM\...\Autodesk Desktop App) (Version: 7.0.9.191 - Autodesk)
Autodesk DWG TrueView 2015 - English (HKLM\...\DWG TrueView 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk Featured Apps (HKLM\...\{F732FEDA-7713-4428-934B-EF83B8DD65D0}) (Version: 1.1.0 - Autodesk)
Autodesk Featured Apps 2016-2018 (HKLM\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
Autodesk License Service (x86) - 5.1.5 (HKLM\...\{36AC22AD-5E3A-436E-ABF0-911257790BC6}) (Version: 5.1.5.0 - Autodesk)
Autodesk Material Library 2014 (HKLM\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library 2018 (HKLM\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Autodesk ReCap (HKLM\...\{31ABA3F2-0000-1033-0002-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.13 - Autodesk)
Autodesk ReCap Language Pack-English (HKLM\...\{31ABA3F2-0010-1033-0002-111D43815377}) (Version: 1.0.43.13 - Autodesk) Hidden
Backup and Sync from Google (HKLM\...\{316376FE-CAC0-44AE-BD59-EBDBDEF1592F}) (Version: 3.41.9267.0638 - Google, Inc.)
Bridge Designer 2016 (2nd Edition) (remove only) (HKLM\...\Bridge Designer 2016 (2nd Edition)) (Version: - )
Brother MFL-Pro Suite MFC-J280W (HKLM\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.0.19.0 - Brother Industries, Ltd.)
Cities XL (HKLM\...\Cities XL) (Version: 1.0.0 - Monte Cristo Games)
CorsixTH 0.61 (HKLM\...\CorsixTH) (Version: 0.61 - CorsixTH Team)
DWG TrueView 2015 - English (HKLM\...\{5783F2D7-E028-0409-0000-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Emergency 3 (HKLM\...\{F9787326-0394-4467-A2EE-817C34F6C751}) (Version: 1.03.001 - )
FARO LS 1.1.501.0 (HKLM\...\{8F196892-666A-4A40-8587-6AE38F78A5C2}) (Version: 5.1.0.30630 - FARO Scanner Production)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Git version 2.13.3 (HKLM\...\Git_is1) (Version: 2.13.3 - The Git Development Community)
Google Chrome (HKLM\...\Google Chrome) (Version: 66.0.3359.139 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP ENVY 5660 series Basic Device Software (HKLM\...\{A6FB5EF8-1518-41F4-9408-81E2D5C36A67}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
HP ENVY 5660 series Help (HKLM\...\{607F50D9-40BD-4F17-A584-152F563293B4}) (Version: 34.0.0 - Hewlett Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
Hydrogen (Advanced drum machine for GNU/Linux) (HKLM\...\ON) (Version: 0.9.7-beta2 - Hydrogen Developers)
Java 8 Update 171 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 - Oracle Corporation)
Lightworks (HKLM\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
LMMS 1.1.3 (HKLM\...\LMMS) (Version: 1.1.3 - LMMS Developers)
Logger Pro 3.12 A20160921-0947_853e1db (HKLM\...\{55C9FFC1-E9A2-4E49-72B1-3831B5AD4AB8}) (Version: 5.182.945 - Vernier Software & Technology)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.11.25325 (HKLM\...\{404c9c27-8377-4fd1-b607-7ca635db4e49}) (Version: 14.11.25325.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 59.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 59.0.3 (x86 en-US)) (Version: 59.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.3.6691 - Mozilla)
MS Access 97 SP2 (HKLM\...\MS Access 97 SP2) (Version: - )
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR WN311T Wireless PCI Adapter (HKLM\...\{F7321BC6-51AD-4299-9CE9-462DBC141C93}) (Version: - )
Network Addon Mod (HKU\S-1-5-21-2999710313-2874845586-1671460366-1000\...\Network Addon Mod) (Version: 35 - The NAM Team)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OpenRCT2 Launcher version 0.0.7 (HKLM\...\{D71D87CE-20E7-4DB6-A0D8-E6DE57051B35}_is1) (Version: 0.0.7 - OpenRCT2)
OpenTTD 1.8.0 (HKLM\...\OpenTTD) (Version: 1.8.0 - OpenTTD)
Origin (HKLM\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADEF}) (Version: 4.0.21 - dotPDN LLC)
Photo Story 3 for Windows (HKLM\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
Product Improvement Study for HP ENVY 5660 series (HKLM\...\{18B597E2-8F59-4969-B932-91DB7EB0C27D}) (Version: 34.2.117.50647 - Hewlett-Packard Co.)
RCT3 Soaked (HKLM\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
RNX-N250PC2 Driver (HKLM\...\{871F397C-447E-43B2-B01A-3E656F3D61B6}) (Version: 1.00.0000 - )
RogueKiller version 12.12.16.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.16.0 - Adlice Software)
Roller Coaster Tycoon 2 (HKLM\...\Roller Coaster Tycoon 2) (Version: - )
RollerCoaster Tycoon 2 (HKLM\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 2: Time Twister (HKLM\...\{BA1E1AFD-D1F2-4C52-88C3-186FC5E61604}) (Version: 1.00.000 - )
RollerCoaster Tycoon 2: Wacky Worlds (HKLM\...\{B1AD83A0-DC92-41E3-B111-E9472349768C}) (Version: - )
RollerCoaster Tycoon Deluxe (HKLM\...\{924EAD66-F854-4605-8493-696DD59A113B}) (Version: 1.00.000 - )
RollerCoaster Tycoon® 3 (HKLM\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SimCity 2000 Special Edition (HKLM\...\SimCity 2000 Special Edition_is1) (Version: - GOG.com)
SimCity 3000 (HKLM\...\SimCity 3000) (Version: - )
SimCity 4 Deluxe (HKLM\...\{A7A34FC9-DF24-4A36-00AD-D4EFE94CC116}) (Version: - )
SimCity™ (HKLM\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SimSafari (HKLM\...\SimSafariUninstall) (Version: - )
SketchUp Import for AutoCAD 2014 (HKLM\...\{644E9589-F73A-49A4-AC61-A953B9DE5669}) (Version: 1.1.0 - Autodesk)
SmartMusic (HKLM\...\{42B1BDFC-9AF7-42C4-BC3C-EAED79D4DBEB}) (Version: 1.1.2204 - MakeMusic, Inc.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Theme Hospital (HKLM\...\Theme Hospital_is1) (Version: - GOG.com)
Traffic Simulator Configuration Tool (HKU\S-1-5-21-2999710313-2874845586-1671460366-1000\...\Traffic Simulator Configuration Tool) (Version: - )
Tycoon City - New York (HKLM\...\{A5101403-2C42-40E0-8D9E-5E49E7C3B89E}) (Version: 1.00.000 - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zoo Tycoon: Complete Collection (HKLM\...\Zoo Tycoon 1.0) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\dwgviewr.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2015 - English\en-US\dwgviewrficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Brian\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe => No File
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{7DE1BE5C-CEBA-4F1D-ACBC-9CE11EE9A2A1}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{BD0DEB94-63DB-4392-9420-6EEE05094B1F}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2014\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2999710313-2874845586-1671460366-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2014\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2018-04-12] (Google)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-02] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-02] (Autodesk)
ContextMenuHandlers1: [ANotepad++] -> {00F3C2EC-A6EE-11DE-A03A-EF8F55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2014-05-12] ()
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-12] (Google)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => c:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu32.dll [2018-04-12] (Google)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-06-09] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {11F243B2-2411-4E64-8EFD-30BFE038CC7E} - System32\Tasks\{3E78A3A7-EFBB-48DD-B3AF-19FD801C1792} => C:\Program Files\Google\Chrome\Application\chrome.exe
Task: {37DE0088-61A2-4AA6-90BC-A7FD0BCEA41C} - System32\Tasks\HPCustPartic.exe_{762481A1-212E-47A4-9AC2-1E733D0C91D4} => C:\Program Files\HP\HP ENVY 5660 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {80CBADC1-3A90-4393-9F3C-372EEBE38E32} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {91EA052A-7798-4876-8384-50B209A35B80} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {94B7CA64-83EC-4F6A-853C-A8984FC3189E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {9B34FC60-D62F-4D64-A93F-222AF7DDBEDB} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {A66CB07D-5764-4FF3-AA9A-28E1B76C34D6} - System32\Tasks\HP AR Program Upload - 06ff241776ee4cceb938b15f1421550aaa4d4d390a554ccda27d2eeab85f184d => C:\Program Files\HP\HP ENVY 5660 series\bin\HPRewards.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
Task: {ADF623AC-AF47-4DE2-9E3A-91494FE56E36} - System32\Tasks\HPCustParticipation HP ENVY 5660 series => C:\Program Files\HP\HP ENVY 5660 series\Bin\HPCustPartic.exe [2014-08-22] (Hewlett-Packard Development Company, LP)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Brian\Documents\SimCity 4\Plugins\Network Addon Mod\Traffic Simulator Configuration Tool.lnk -> C:\Program Files\Traffic Simulator Configuration Tool\TSCT.bat ()
Shortcut: C:\Users\Brian\Desktop\Games\Games\SimCity 4\Mods and Tools\Traffic Simulator Configuration Tool.lnk -> C:\Program Files\Traffic Simulator Configuration Tool\TSCT.bat ()
Shortcut: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxis\SimCity 4\Traffic Simulator Configuration Tool.lnk -> C:\Program Files\Traffic Simulator Configuration Tool\TSCT.bat ()
==================== Loaded Modules (Whitelisted) ==============
2013-09-05 01:14 - 2013-09-05 01:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 008801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`27hfm [0]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2999710313-2874845586-1671460366-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:04 - 2009-06-10 14:39 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2999710313-2874845586-1671460366-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: a2AntiMalware => 2
MSCONFIG\Services: Apple Mobile Device => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: PDFProFiltSrvPP => 2
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: WinNetSvc2 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^2.4GHz Wireless N Client Utility.lnk => C:\Windows\pss\2.4GHz Wireless N Client Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Monitor Ink Alerts - HP ENVY 5660 series.lnk => C:\Windows\pss\Monitor Ink Alerts - HP ENVY 5660 series.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AE43EAC771ADEE2FEEB86AD6759833F2448FAA11._service_run => "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Autodesk Desktop App => "C:\Program Files\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BrMfcWnd => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: ControlCenter3 => C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: HP Software Update => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IndexSearch => "C:\Program Files\Nuance\PaperPort\IndexSearch.exe"
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: NvBackend => "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: WN311T.exe => C:\Program Files\NETGEAR\WN311T\WN311T.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{85E83454-DF00-4F46-AE17-5680C8A78605}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{2145A948-81E9-4B58-85F1-730CFEC49A01}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{018FB3CC-5708-4B35-A0F9-50D6148899F1}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{10669CC4-ED71-4164-B1E2-185722CE0AE5}] => (Allow) C:\Program Files\Steam\bin\cef\cef.win7\steamwebhelper.exe
==================== Restore Points =========================
29-04-2018 17:06:40 Windows Update
02-05-2018 21:57:37 Windows Update
03-05-2018 23:54:23 Microsoft Hotfix
06-05-2018 15:32:30 Windows Update
09-05-2018 03:30:28 Windows Update
10-05-2018 19:47:51 Revo Uninstaller's restore point - Akamai NetSession Interface
10-05-2018 19:52:15 Revo Uninstaller's restore point - Caesium version 1.7.0
11-05-2018 21:01:37 Windows Update
11-05-2018 21:40:51 Restore Point #1
==================== Faulty Device Manager Devices =============
Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/12/2018 05:20:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 66.0.3359.139, time stamp: 0x5ae13fc6
Faulting module name: USER32.dll, version: 6.1.7601.23594, time stamp: 0x58249e2b
Exception code: 0xc0000005
Fault offset: 0x0001636c
Faulting process id: 0x1038
Faulting application start time: 0x01d3e9eb8cb941f0
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Windows\system32\USER32.dll
Report Id: d6336810-55de-11e8-a331-001d60e9db68
Error: (05/12/2018 05:20:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 66.0.3359.139, time stamp: 0x5ae13fc6
Faulting module name: ntdll.dll, version: 6.1.7601.24117, time stamp: 0x5add1df9
Exception code: 0xc0000005
Fault offset: 0x000529df
Faulting process id: 0x1688
Faulting application start time: 0x01d3e9eb8ccc4cf0
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d632cbd0-55de-11e8-a331-001d60e9db68
Error: (05/12/2018 05:20:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: software_reporter_tool.exe, version: 29.154.200.0, time stamp: 0x5ae90712
Faulting module name: software_reporter_tool.exe, version: 29.154.200.0, time stamp: 0x5ae90712
Exception code: 0xc0000005
Fault offset: 0x00105e3b
Faulting process id: 0x1554
Faulting application start time: 0x01d3e9eb95d5b750
Faulting application path: C:\Users\Brian\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
Faulting module path: C:\Users\Brian\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
Report Id: d63319f0-55de-11e8-a331-001d60e9db68
Error: (05/12/2018 05:20:20 AM) (Source: Wininit) (EventID: 1015) (User: )
Description: A critical system process, C:\Windows\system32\lsass.exe, failed with status code c0000005. The machine must now be restarted.
Error: (05/12/2018 05:20:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: firefox.exe, version: 59.0.3.6691, time stamp: 0x5ae39f1a
Faulting module name: user32.dll, version: 6.1.7601.23594, time stamp: 0x58249e2b
Exception code: 0xc0000005
Fault offset: 0x0001636c
Faulting process id: 0xe30
Faulting application start time: 0x01d3e9ea72356f80
Faulting application path: C:\Program Files\Mozilla Firefox\firefox.exe
Faulting module path: C:\Windows\system32\user32.dll
Report Id: d58d8b20-55de-11e8-a331-001d60e9db68
Error: (05/12/2018 05:20:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: lsass.exe, version: 6.1.7601.24117, time stamp: 0x5add1847
Faulting module name: ntdll.dll, version: 6.1.7601.24117, time stamp: 0x5add1df9
Exception code: 0xc0000005
Fault offset: 0x000315f8
Faulting process id: 0x1f8
Faulting application start time: 0x01d3e9ea317032a0
Faulting application path: C:\Windows\system32\lsass.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: d58ca0c0-55de-11e8-a331-001d60e9db68
Error: (05/11/2018 11:42:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: software_reporter_tool.exe, version: 29.154.200.0, time stamp: 0x5ae90712
Faulting module name: ntdll.dll, version: 6.1.7601.24117, time stamp: 0x5add1df9
Exception code: 0x80000003
Fault offset: 0x000c3b65
Faulting process id: 0xf10
Faulting application start time: 0x01d3e9bc4f3dbd30
Faulting application path: C:\Users\Brian\AppData\Local\Google\Chrome\User Data\SwReporter\29.154.200\software_reporter_tool.exe
Faulting module path: C:\Windows\SYSTEM32\ntdll.dll
Report Id: 943a5a10-55af-11e8-81d3-001d60e9db68
Error: (05/11/2018 11:41:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chrome.exe, version: 66.0.3359.139, time stamp: 0x5ae13fc6
Faulting module name: KERNELBASE.dll, version: 6.1.7601.24117, time stamp: 0x5add1e31
Exception code: 0xc0000409
Fault offset: 0x00020706
Faulting process id: 0xa3c
Faulting application start time: 0x01d3e9bc482758d0
Faulting application path: C:\Program Files\Google\Chrome\Application\chrome.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: 8e46ea10-55af-11e8-81d3-001d60e9db68
System errors:
=============
Error: (05/12/2018 07:14:25 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 256
Processor ID: 1
The details view of this entry contains further information.
Error: (05/12/2018 07:14:25 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 256
Processor ID: 1
The details view of this entry contains further information.
Error: (05/12/2018 07:14:25 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor ID: 1
The details view of this entry contains further information.
Error: (05/12/2018 07:14:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error:
The system cannot find the file specified.
Error: (05/12/2018 05:15:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Error: (05/12/2018 02:37:14 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 256
Processor ID: 1
The details view of this entry contains further information.
Error: (05/12/2018 02:37:14 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.
Reported by component: Processor Core
Error Source: 3
Error Type: 9
Processor ID: 1
The details view of this entry contains further information.
Error: (05/12/2018 02:37:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error:
The system cannot find the file specified.
Windows Defender:
===================================
Date: 2016-11-23 03:53:06.437
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{CDB51533-EEB1-46AB-80C3-76C8F4A6551F}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2016-09-04 02:59:14.724
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{2C6C7A14-A9C1-4418-8B92-07D66C67A9EF}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2016-06-04 03:14:24.942
Description:
Windows Defender scan has been stopped before completion.
Scan ID:{61092E3C-8DAC-40A6-95FE-AEE30C73187F}
Scan Type:AntiSpyware
Scan Parameters:Quick Scan
Date: 2016-02-15 19:13:18.986
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Mizenota&threatid=223449
Name:SoftwareBundler:Win32/Mizenota
ID:223449
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\Users\Brian\Downloads\EuroTruckSimulator2CDKeyGenera Downloader.rar;file:C:\Users\Brian\Downloads\EuroTruckSimulator2CDKeyGenera Downloader.rar->CMT;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{663C7ACA-8F97-4219-99EE-B5416090D454}-EuroTruckSimulator2CDKeyGenera Downloader.rar;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{F142CAEC-2021-4A61-9756-0CE8402BCA64}-EuroTruckSimulator2CDKeyGenera Downloader.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{663C7ACA-8F97-4219-99EE-B5416090D454}-EuroTruckSimulator2CDKeyGenera Downloader.rar|
http://mymediadownloadsthirtytwo.co...yb21wdGRvd25sb2FkZXIuY29tJTJGbG9nby5wbmcmcHJl
Detection Type:Concrete
Detection Source
ownloads and attachments
Status:Unknown
Process Name:C:\Program Files\Google\Chrome\Application\chrome.exe
Date: 2016-02-15 19:12:43.723
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Mizenota&threatid=223449
Name:SoftwareBundler:Win32/Mizenota
ID:223449
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\Users\Brian\Downloads\EuroTruckSimulator2CDKeyGenera Downloader.rar;file:C:\Users\Brian\Downloads\EuroTruckSimulator2CDKeyGenera Downloader.rar->CMT;filelocalcopy:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{F142CAEC-2021-4A61-9756-0CE8402BCA64}-EuroTruckSimulator2CDKeyGenera Downloader.rar;webfile:C:\ProgramData\Microsoft\Windows Defender\LocalCopy\{F142CAEC-2021-4A61-9756-0CE8402BCA64}-EuroTruckSimulator2CDKeyGenera Downloader.rar|
http://mymediadownloadsthirtytwo.co...JGcHJvbXB0ZG93bmxvYWRlci5jb20lMkYlM0ZjYW5jZWw
Detection Type:Concrete
Detection Source
ownloads and attachments
Status:Unknown
Process Name:C:\Program Files\Google\Chrome\Application\chrome.exe
Date: 2014-02-07 12:27:25.253
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified.
Signature version:0.0.0.0
Engine version:0.0.0.0
CodeIntegrity:
===================================
Date: 2016-07-25 16:22:14.208
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-25 01:23:19.251
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-25 01:10:09.306
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 21:23:12.036
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 15:21:33.606
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 15:02:29.721
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 13:17:26.948
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-07-24 05:33:00.907
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Emsisoft Anti-Malware\a2hooks32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 34%
Total physical RAM: 3071.3 MB
Available physical RAM: 2003.6 MB
Total Virtual: 7675.66 MB
Available Virtual: 6138.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:372.61 GB) (Free:74.41 GB) NTFS ==>[drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 372.6 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=372.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
