top of page
Writer's picturelorsladedoti

GetData Recover My Files v4.6.8.1012 with crack: Pros and Cons of Using This Software



DDS (Ver_2012-11-20.01) - NTFS_x86Internet Explorer: 8.0.7601.17514Run by ndavis at 13:17:31 on 2014-01-06Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2806.1229 [GMT -6:00].AV: Symantec Endpoint Protection *Enabled/Updated* 63DF5164-9100-186D-2187-8DC619EFD8BFSP: Windows Defender *Disabled/Updated* D68DDC3A-831F-4fae-9E44-DA132C1ACF46SP: Symantec Endpoint Protection *Enabled/Updated* D8BEB080-B73A-17E3-1B37-B6B462689202FW: Symantec Endpoint Protection *Enabled* 5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4.============== Running Processes ================.C:\Windows\system32\wininit.exeC:\Windows\system32\lsm.exeC:\Windows\system32\atiesrxx.exeC:\Windows\system32\atieclxx.exec:\Program Files\Symantec\Symantec Endpoint Encryption Clients\EAFRCliManager.exeC:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\snac.exeC:\Program Files\Cisco\Cisco AnyConnect VPN Client\vpnagent.exeC:\Windows\System32\spoolsv.exeC:\Program Files\ACT\Act for Windows\Act.Server.Host.exeC:\Program Files\Altiris\Altiris Agent\AeXNSAgent.exeC:\Program Files\Manufacturer\Endpoint Agent\edpa.exeC:\Windows\system32\eelogsvc.exeC:\Windows\system32\eelssrv.exeC:\Program Files\LogMeIn\x86\LMIGuardianSvc.exeC:\Program Files\LogMeIn\x86\RaMaint.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exeC:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\sqlservr.exec:\Program Files\Symantec\Symantec Endpoint Encryption Clients\EACommunicatorSrv.exeC:\Program Files\lotus\notes\ntmulti.exeC:\Program Files\Common Files\Protexis\License Service\PsiService_2.exeC:\Program Files\Silver Bullet Technology\Ranger\Logging\SBTLogServiceWindows.exeC:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exeC:\Program Files\Manufacturer\Endpoint Agent\verity\kvoop.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exeC:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exeC:\Program Files\Manufacturer\Endpoint Agent\verity\kvoop.exeC:\Program Files\Manufacturer\Endpoint Agent\wdp.exeC:\Program Files\LogMeIn\x86\LogMeIn.exeC:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\Smc.exeC:\Program Files\Altiris\Altiris Agent\AeXAgentUIHost.exeC:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exeC:\Program Files\Manufacturer\Endpoint Agent\cui.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Program Files\Symantec\Symantec Endpoint Protection\12.1.2015.2015.105\Bin\ccSvcHst.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\wbem\WmiApSrv.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\wbem\unsecapp.exeC:\Program Files\Symantec\Symantec Endpoint Encryption Clients\Client Console\EAFRCliStart.exeC:\Program Files\LogMeIn\x86\LogMeInSystray.exeC:\Windows\System32\igfxtray.exeC:\Windows\System32\hkcmd.exeC:\Windows\system32\igfxsrvc.exeC:\Windows\System32\igfxpers.exeC:\Windows\system32\SearchIndexer.exeC:\Program Files\ACT\Act for Windows\Act.Outlook.Service.exeC:\Windows\System32\rundll32.exeC:\Windows\System32\regsvr32.exeC:\Program Files\Ebix Inc\Common Files\SOFileManager.exeC:\Program Files\ACT\Act for Windows\Sage.ACT.Integration.exeC:\Windows\System32\mobsync.exeC:\Program Files\Malwarebytes' Anti-Malware\mbam.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\Macromed\Flash\FlashUtil32_11_9_900_170_ActiveX.exeC:\Program Files\Fonality\HUD3.5\HUD3.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exeC:\Windows\system32\conhost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\svchost.exe -k RPCSSC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k netsvcsC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k NetworkServiceC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\svchost.exe -k imgsvcC:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted.============== Pseudo HJT Report ===============.mWinlogon: Userinit = c:\windows\system32\userinit.exeBHO: Adobe PDF Link Helper: 18DF081C-E8AD-4283-A596-FA578C2EBDC3 - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dllBHO: Symantec Vulnerability Protection: 6D53EC84-6AAE-4787-AEEE-F4628F01010C - c:\program files\symantec\symantec endpoint protection\12.1.2015.2015.105\bin\ips\IPSBHO.dllBHO: Groove GFS Browser Helper: 72853161-30C5-4D22-B7F9-0BBC1D38A37E - c:\program files\microsoft office\office14\GROOVEEX.DLLBHO: Office Document Cache Handler: B4F3A835-0E21-4959-BA22-42B3008E02FF - c:\program files\microsoft office\office14\URLREDIR.DLLBHO: Act.UI.InternetExplorer.Plugins.AttachFile.CAttachFile: D5233FCD-D258-4903-89B8-FB1568E7413D -BHO: Java Plug-In 2 SSV Helper: DBC80044-A445-435b-BC74-9C25C1C588A9 - c:\program files\java\jre6\bin\jp2ssv.dlluRun: [verypdf Update] regsvr32.exe c:\users\ndavis\appdata\local\verypdf\adp_data-2_5.dlluRun: [Entrust] regsvr32.exe /s "c:\users\ndavis\appdata\local\adobe\entrust\ackngpbeik.dll"uRun: [sOFileManager] "c:\program files\ebix inc\common files\SOFileManager.exe"mRun: [RunningApp] c:\program files\configuration\shared\Runningapp.vbsmRun: [EAFRCliStart] c:\program files\symantec\symantec endpoint encryption clients\client console\EAFRCliStart.exe /pmRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"mRun: [bCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServicesmRun: [igfxTray] c:\windows\system32\igfxtray.exemRun: [HotKeysCmds] c:\windows\system32\hkcmd.exemRun: [Persistence] c:\windows\system32\igfxpers.exemRun: [NvSvc] RUNDLL32.EXE c:\windows\system32\nvsvc.dll,nvsvcStartmRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartupmRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInitmRun: [sEE_CHECK] c:\program files\configuration\see_7.0.8\SEE_CHECK.exemRun: [Act.Outlook.Service] "c:\program files\act\act for windows\Act.Outlook.Service.exe"mRun: [Act! Preloader] "c:\program files\act\act for windows\ActSage.exe" -preloadmRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"mRun: [scheduleePaper] c:\program files\configuration\epaper\CheckSchedule.vbsdRun: [sODMTimer] c:\program files\e-z data\sodm\SODMTimer.exedRun: [Entrust] regsvr32.exe /s "c:\users\ndavis\appdata\local\adobe\entrust\ackngpbeik.dll"StartupFolder: c:\progra2\micros1\windows\startm1\programs\startup\sageac1.lnk - c:\program files\act\act for windows\Sage.ACT.Integration.exeuPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-System: DisableRegedit = dword:0mPolicies-Explorer: UseDefaultTile = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: dontdisplaylastusername = dword:1mPolicies-System: legalnoticecaption = Ameriprise Domain Usage PolicymPolicies-System: legalnoticetext = You are attempting to log on to the Ameriprise domain. Any unauthorisedusage of domain resources will result in proper legal action. If you are nota member of this domain, log off and contact the Domain Admin.mPolicies-System: DisableRegedit = dword:0mPolicies-System: DisableRegedit = dword:0IE: 2670000A-7350-4f3c-8081-5663EE0C6C49 - 48E73304-E1D6-4330-914C-F5F514E3486C - c:\program files\microsoft office\office14\ONBttnIE.dllIE: 6F431AC3-364A-478b-BBDB-89C7CE1B18F6 - 6F431AC3-364A-478b-BBDB-89C7CE1B18F6 -IE: 789FE86F-6FC4-46A1-9849-EDE0DB0C95CA - FFFDC614-B694-4AE6-AB38-5D6374584B52 - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dllTrusted Zone: annuitynetworks.comTrusted Zone: betasys.comTrusted Zone: finetre.comTrusted Zone: ilx.netTrusted Zone: streetevents.comTrusted Zone: thomson.comTrusted Zone: thomsonone.comTrusted Zone: thomsononeadvisor.comDPF: 55963676-2F5E-4BAF-AC28-CF26AA587566 - vpnweb.cabTCP: NameServer = 10.149.22.13 192.168.0.2 192.168.1.2TCP: Interfaces\1B1256F3-8D89-47CD-8F7C-44FC626963CD : DHCPNameServer = 10.149.22.13 192.168.0.2 192.168.1.2Filter: text/xml - 807573E5-5146-11D5-A672-00B0D022E945 - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLLNotify: igfxcui - igfxdev.dllNotify: PCANotify - PCANotify.dllAppInit_DLLs= AMINIT32.DLLSSODL: WebCheck - SEH: Groove GFS Stub Execution Hook - B5A7F190-DDA6-4420-B3BA-52453494E6CD - c:\program files\microsoft office\office14\GROOVEEX.DLLmASetup: DLP - c:\progra1\configuration\dlp\DLP1.EXEmASetup: SEE_New - c:\progra1\configuration\see161external\SEE2.EXEmASetup: ThomsonRel3.2 - c:\progra1\configuration\thomson\Thomson1.EXEmASetup: ThomsonRel3.4 - c:\progra1\configuration\thomson\Thomson1.EXEmASetup: D56711CE-CDBB-4676-8A49-2ACD02C698D6 - cscript.exe "c:\program files\pdfcamp\PDFcampCUCheck.vbs".============= SERVICES / DRIVERS ===============.R0 EAFSPROT;EAFSPROT;c:\windows\system32\drivers\eafsprot.sys [2010-5-12 20240]R0 EPHDXLAT;PC Guardian Encryption Filter;c:\windows\system32\drivers\ephdxlat.sys [2011-2-17 96248]R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\sep\0c0107df\07df.105\x86\SymDS.sys [2012-11-3 368288]R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\sep\0c0107df\07df.105\x86\SymEFA.sys [2012-11-3 927904]R1 BHDrvx86;BHDrvx86;c:\programdata\symantec\symantec endpoint protection\12.1.2015.2015.105\data\definitions\bashdefs\20131203.011\BHDrvx86.sys [2013-12-2 1098968]R1 ccSettings_29AC8EDB-F22A-46D3-9D66-4244585EAD0A;Symantec Endpoint Protection 12.1.2015.2015.105 Settings Manager;c:\windows\system32\drivers\sep\0c0107df\07df.105\x86\ccSetx86.sys [2012-11-3 134304]R1 IDSVix86;IDSVix86;c:\programdata\symantec\symantec endpoint protection\12.1.2015.2015.105\data\definitions\ipsdefs\20140103.011\IDSvix86.sys [2014-1-3 394456]R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\sep\0c0107df\07df.105\x86\Ironx86.sys [2012-11-3 175264]R1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\sep\0c0107df\07df.105\x86\symnets.sys [2012-11-3 338592]R2 ActService;ACT! Service Host;c:\program files\act\act for windows\Act.Server.Host.exe [2012-12-6 27136]R2 ActSmartTaskService;ACT! Smart Task Service Host;c:\program files\act\act for windows\Act.Server.Host.exe [2012-12-6 27136]R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2011-1-26 176128]R2 EAFRCliManager;EAFRCliManager;c:\program files\symantec\symantec endpoint encryption clients\EAFRCliManager.exe [2012-2-10 289400]R2 EDPA;EDPA;c:\program files\manufacturer\endpoint agent\edpa.exe [2011-3-14 255672]R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-3-1 375120]R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2010-9-17 13624]R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2011-5-9 47640]R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-8-28 418376]R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-8-28 701512]R2 MSSQL$ACT7;SQL Server (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\sqlservr.exe [2010-5-5 42884448]R2 SBT Log;SBT Log;c:\program files\silver bullet technology\ranger\logging\SBTLogServiceWindows.exe [2010-4-29 53248]R2 SepMasterService;Symantec Endpoint Protection;c:\program files\symantec\symantec endpoint protection\12.1.2015.2015.105\bin\ccSvcHst.exe [2012-11-3 143928]R2 vpnagent;Cisco AnyConnect VPN Agent;c:\program files\cisco\cisco anyconnect vpn client\vpnagent.exe [2010-5-5 583360]R2 WDP;WDP;c:\program files\manufacturer\endpoint agent\wdp.exe [2011-3-14 232120]R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2013-12-2 108120]R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-8-28 22856]R3 tdifd111;tdifd111;c:\windows\system32\drivers\tdifd111.sys [2012-4-3 45624]R3 vfsmfd;vfsmfd;c:\windows\system32\drivers\vfsmfd.sys [2012-4-3 48824]R3 vrtam;vrtam;c:\windows\system32\drivers\vrtam.sys [2012-4-3 19256]R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 Sage ACT! Scheduler;Sage ACT! Scheduler;c:\program files\act\act for windows\Act.Scheduler.exe [2012-12-6 81920]S3 AltirisAgentProvider;AltirisAgentProvider;c:\program files\altiris\altiris agent\agents\wmiprovideragent\AltirisAgentProvider.exe [2011-4-29 408408]S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]S3 SFsCtrx111;SFsCtrx111;c:\windows\system32\drivers\SFsCtrx111.sys [2012-4-3 48824]S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]S3 SyDvCtrl;SyDvCtrl;c:\program files\symantec\symantec endpoint protection\12.1.2015.2015.105\bin\SyDvCtrl32.sys [2012-11-3 28136]S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-3 52224]S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-4-29 1343400]S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2010-5-5 44896]S4 RsFx0150;RsFx0150 Driver;c:\windows\system32\drivers\RsFx0150.sys [2010-4-3 240608]S4 SQLAgent$ACT7;SQL Server Agent (ACT7);c:\program files\microsoft sql server\mssql10_50.act7\mssql\binn\SQLAGENT.EXE [2010-5-5 367456].=============== Created Last 30 ================.2014-01-06 19:04:23 -------- d-----w- c:\users\ndavis\appdata\local\VirtualStore2013-12-26 17:54:52 472808 ----a-w- c:\windows\system32\deployJava1.dll2013-12-23 14:21:56 -------- d-----w- c:\programdata\GroupPolicy2013-12-20 18:44:07 -------- d-----w- c:\windows\pss2013-12-11 11:10:31 140288 ----a-w- c:\windows\system32\cryptsvc.dll2013-12-11 11:10:31 1168384 ----a-w- c:\windows\system32\crypt32.dll2013-12-11 11:10:31 103936 ----a-w- c:\windows\system32\cryptnet.dll2013-12-11 11:08:13 305152 ----a-w- c:\windows\system32\gdi32.dll.==================== Find3M ====================.2013-12-12 17:48:59 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll2013-12-12 17:48:59 53064 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll2013-12-12 17:48:58 85832 ----a-w- c:\windows\system32\LMIinit.dll2013-12-12 17:48:58 31560 ----a-w- c:\windows\system32\LMIport.dll2013-12-10 22:51:07 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl2013-12-10 22:51:07 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe2013-10-27 18:18:31 86888 ----a-w- c:\windows\system32\LMIRfsClientNP.dll.000.bak2013-10-27 18:18:30 85832 ----a-w- c:\windows\system32\LMIinit.dll.000.bak2013-10-12 02:04:18 981504 ----a-w- c:\windows\system32\wininet.dll2013-10-12 01:15:03 1638912 ----a-w- c:\windows\system32\mshtml.tlb2013-10-10 19:35:10 9584 ----a-w- c:\windows\system32\ractrlkeyhook.dll2012-04-24 16:11:00 117043 ----a-w- c:\program files\AltirisCleanUp.EXE.=================== ROOTKIT ====================.Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, Windows 6.1.7601 Disk: ST3160815AS rev.3.ADA -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0.device: opened successfullyuser: MBR read successfully.Disk trace:called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ataport.SYS halmacpi.dll intelide.sys PCIIDEX.SYS atapi.sys1 ntkrnlpa!IofCallDriver[0x82C46BBA] -> \Device\Harddisk0\DR0[0x86190238]3 CLASSPNP[0x8ADC259E] -> ntkrnlpa!IofCallDriver[0x82C46BBA] -> \Device\Ide\IdeDeviceP0T0L0-0[0x853F4590]kernel: MBR read successfully_asm JMP 0x70; user != kernel MBR !!!.============= FINISH: 13:19:55.72 ===============




Symantec Endpoint Protection Manager 12.1 License Crack

2ff7e9595c


1 view0 comments

Recent Posts

See All

Comments


bottom of page