Untitled

a guest
Jun 8th, 2013
  1. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-06-2013
  2. Ran by Nath (administrator) on 08-06-2013 17:37:40
  3. Running from C:\Users\Nath\Desktop
  4. Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
  5. Internet Explorer Version 9
  6. Boot Mode: Normal
  7.  
  8. ==================== Processes (Whitelisted) =================
  9.  
  10. (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
  11. (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  12. (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  13. (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
  14. (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
  15. (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  16. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
  17. (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
  18. (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
  19. (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
  20. (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
  21. (Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
  22. () c:\xampp\mysql\bin\mysqld.exe
  23. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
  24. (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
  25. (Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
  26. (Intel Corporation) C:\Windows\System32\igfxpers.exe
  27. (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
  28. () C:\Program Files (x86)\puush\puush.exe
  29. (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
  30. (Valve Corporation) F:\Steam\Steam.exe
  31. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  32. (Spotify Ltd) C:\Users\Nath\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
  33. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
  34. (Dropbox, Inc.) C:\Users\Nath\AppData\Roaming\Dropbox\bin\Dropbox.exe
  35. () C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe
  36. (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
  37. (Apache Software Foundation) C:\xampp\apache\bin\httpd.exe
  38. (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
  39. (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
  40. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
  41. (Apple Inc.) C:\Program Files\iTunesHelper.exe
  42. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe
  43. (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  44. (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
  45. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
  46. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
  47. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
  48. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware.exe
  49. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-unity-helper.exe
  50. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\x64\vmware-vmx.exe
  51. (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vprintproxy.exe
  52. (Opera Software) C:\Program Files (x86)\Opera\opera.exe
  53. (Microsoft Corporation) C:\Windows\splwow64.exe
  54. (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
  55. (TeamViewer GmbH) c:\program files (x86)\teamviewer\version8\TeamViewer_Desktop.exe
  56. (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
  57. (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\RIMDeviceManager\RIMDeviceManager.exe
  58.  
  59. ==================== Registry (Whitelisted) ==================
  60.  
  61. HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11776104 2011-02-11] (Realtek Semiconductor)
  62. HKLM\...\Run: [EKIJ5000StatusMonitor] C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
  63. HKLM\...\Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [444904 2012-09-20] (Adobe Systems Incorporated)
  64. HKCU\...\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun [1475584 2010-11-20] (Microsoft Corporation)
  65. HKCU\...\Run: [puush] C:\Program Files (x86)\puush\puush.exe [567368 2013-05-15] ()
  66. HKCU\...\Run: [AdobeBridge] [x]
  67. HKCU\...\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [3477312 2012-01-19] (DT Soft Ltd)
  68. HKCU\...\Run: [Google Update] "C:\Users\Nath\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2012-03-04] (Google Inc.)
  69. HKCU\...\Run: [Steam] "F:\Steam\steam.exe" -silent [x]
  70. HKCU\...\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun [18678376 2013-04-19] (Skype Technologies S.A.)
  71. HKCU\...\Run: [Spotify Web Helper] "C:\Users\Nath\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [1105408 2013-05-11] (Spotify Ltd)
  72. HKCU\...\Policies\system: [disableregistrytools] 0
  73. HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-01-28] (Apple Inc.)
  74. HKLM-x32\...\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
  75. HKLM-x32\...\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin [1073352 2012-06-25] (Adobe Systems Incorporated)
  76. HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [90448 2011-11-02] (Research In Motion Limited)
  77. HKLM-x32\...\Run: [vmware-tray.exe] "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe" [104088 2012-08-15] (VMware, Inc.)
  78. HKLM-x32\...\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2012-10-25] (Apple Inc.)
  79. HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [926896 2012-09-23] (Adobe Systems Incorporated)
  80. HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files\iTunesHelper.exe" [152392 2013-02-20] (Apple Inc.)
  81. HKLM-x32\...\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [356968 2012-12-20] (Kaspersky Lab ZAO)
  82. HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
  83. HKLM-x32\...\Run: [EKIJ5000StatusMonitor] C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe [2922496 2011-06-16] (Eastman Kodak Company)
  84. HKLM-x32\...\Run: [Conime] %windir%\system32\conime.exe [x]
  85. AppInit_DLLs: C:\Windows\System32\nvinitx.dll,C:\Windows\system32\nvinitx.dll [245872 2013-02-26] (NVIDIA Corporation)
  86. Startup: C:\ProgramData\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
  87. ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (No File)
  88. Startup: C:\Users\Nath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
  89. ShortcutTarget: Dropbox.lnk -> C:\Users\Nath\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  90. Startup: C:\Users\Nath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Open VPN.lnk
  91. ShortcutTarget: Open VPN.lnk -> C:\Program Files (x86)\OpenVPN\bin\openvpn-gui-1.0.3.exe ()
  92. Startup: C:\Users\Nath\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\thunderbird - Shortcut.lnk
  93. ShortcutTarget: thunderbird - Shortcut.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
  94. SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - %Systemroot%\system32\webcheck.dll (Microsoft Corporation)
  95.  
  96. ==================== Internet (Whitelisted) ====================
  97.  
  98. HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/
  99. HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
  100. HKCU SearchScopes: DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
  101. SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
  102. BHO: GBHO.BHO - {45d30484-7ded-43d9-957a-d2fd1f046511} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
  103. BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
  104. BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
  105. BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
  106. BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  107. BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  108. BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
  109. BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
  110. BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  111. BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
  112. BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
  113. BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
  114. BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
  115. BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
  116. BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
  117. BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
  118. BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  119. BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
  120. BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
  121. BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
  122. BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  123. BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
  124. Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
  125. Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
  126. Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll (Kaspersky Lab)
  127. Toolbar: HKCU - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
  128. Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
  129. DPF: HKLM {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
  130. Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  131. Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
  132. Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
  133.  
  134. FireFox:
  135. ========
  136. FF ProfilePath: C:\Users\Nath\AppData\Roaming\Mozilla\Firefox\Profiles\pu266e2r.default
  137. FF Homepage: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1330257265&rver=6.0.5286.0&wp=MBI&wreply=https:%2F%2Flive.xbox.com:443%2Fxweb%2Flive%2Fpassport%2FsetCookies.ashx%3Frru%3Dhttps%253a%252f%252flive.xbox.com%252fen-US%252fAccount%252fSignin%253freturnUrl%253dhttp%25253a%25252f%25252fwww.xbox.com%25252fen-US%25252f&lc=1033&id=66262&cbcxt=0
  138. FF NetworkProxy: "backup.ftp", "54.245.104.20"
  139. FF NetworkProxy: "backup.ftp_port", 80
  140. FF NetworkProxy: "backup.socks", "54.245.104.20"
  141. FF NetworkProxy: "backup.socks_port", 80
  142. FF NetworkProxy: "backup.ssl", "54.245.104.20"
  143. FF NetworkProxy: "backup.ssl_port", 80
  144. FF NetworkProxy: "ftp", "199.180.115.139"
  145. FF NetworkProxy: "ftp_port", 8080
  146. FF NetworkProxy: "gopher", ""
  147. FF NetworkProxy: "gopher_port", 0
  148. FF NetworkProxy: "http", "199.180.115.139"
  149. FF NetworkProxy: "http_port", 8080
  150. FF NetworkProxy: "share_proxy_settings", true
  151. FF NetworkProxy: "socks", "199.180.115.139"
  152. FF NetworkProxy: "socks_port", 8080
  153. FF NetworkProxy: "ssl", "199.180.115.139"
  154. FF NetworkProxy: "ssl_port", 8080
  155. FF NetworkProxy: "type", 0
  156. FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll ()
  157. FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
  158. FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  159. FF Plugin: @microsoft.com/GENUINE - disabled No File
  160. FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  161. FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  162. FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
  163. FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
  164. FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files\Mozilla Plugins\npitunes.dll ()
  165. FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  166. FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
  167. FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  168. FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  169. FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  170. FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  171. FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  172. FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  173. FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 - C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
  174. FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  175. FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  176. FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
  177. FF Extension: iMacros for Firefox - C:\Users\Nath\AppData\Roaming\Mozilla\Firefox\Profiles\pu266e2r.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
  178. FF Extension: support - C:\Users\Nath\AppData\Roaming\Mozilla\Firefox\Profiles\pu266e2r.default\Extensions\support@platinumhideip.com.xpi
  179.  
  180. Chrome:
  181. =======
  182. CHR HomePage: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1330257848&rver=6.0.5286.0&wp=MBI&wreply=https:%2F%2Flive.xbox.com:443%2Fxweb%2Flive%2Fpassport%2FsetCookies.ashx%3Frru%3Dhttps%253a%252f%252flive.xbox.com%252fen-GB%252fAccount%252fSignin%253freturnUrl%253dhttp%25253a%25252f%25252fwww.xbox.com%25252fen-GB%25252f&lc=2057&id=66262&cbcxt=0
  183. CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
  184. CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
  185. CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
  186. CHR Plugin: (Native Client) - C:\Users\Nath\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll ()
  187. CHR Plugin: (Chrome PDF Viewer) - C:\Users\Nath\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll ()
  188. CHR Plugin: (Shockwave Flash) - C:\Users\Nath\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll No File
  189. CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll No File
  190. CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\12.0.0.477_0\plugin/npUrlAdvisor.dll No File
  191. CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\12.0.0.477_0\plugin/npVKPlugin.dll No File
  192. CHR Plugin: (Kaspersky Anti-Virus) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\12.0.0.374_0\plugin/npABPlugin.dll No File
  193. CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
  194. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
  195. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
  196. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
  197. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
  198. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
  199. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll (Apple Inc.)
  200. CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll (Apple Inc.)
  201. CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  202. CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  203. CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
  204. CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  205. CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  206. CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll No File
  207. CHR Plugin: (Java Deployment Toolkit 7.0.30.255) - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
  208. CHR Plugin: (iTunes Application Detector) - C:\Program Files\Mozilla Plugins\npitunes.dll ()
  209. CHR Plugin: (Unity Player) - C:\Users\Nath\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  210. CHR Plugin: (Google Update) - C:\Users\Nath\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
  211. CHR Extension: (YouTube) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
  212. CHR Extension: (Google Search) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
  213. CHR Extension: (Kaspersky URL Advisor) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_0
  214. CHR Extension: (Safe Money) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0
  215. CHR Extension: (Virtual Keyboard) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_0
  216. CHR Extension: (Gmail) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
  217. CHR Extension: (Anti-Banner) - C:\Users\Nath\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0
  218.  
  219. ==================== Services (Whitelisted) =================
  220.  
  221. R2 Apache2.2; C:\xampp\apache\bin\httpd.exe [18432 2011-09-10] (Apache Software Foundation)
  222. S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
  223. R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356968 2012-12-20] (Kaspersky Lab ZAO)
  224. R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch)
  225. R2 HPSLPSVC; C:\Users\Nath\AppData\Local\Temp\7zS5365\hpslpsvc64.dll [1039360 2012-08-27] (Hewlett-Packard Co.)
  226. R2 mysql; c:\xampp\mysql\bin\my.ini [5396 2012-03-20] ()
  227. S3 OpenVPNService; C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe [14848 2011-12-15] ()
  228. S4 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.)
  229. S2 VMwareHostd; C:\ProgramData\VMware\hostd\config.xml [32681 2012-09-02] ()
  230. S2 XAMPP; C:\xampp\service.exe [60928 2007-12-21] ()
  231. S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [x]
  232. S2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [x]
  233. S3 rpcapd; "%ProgramFiles(x86)%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles(x86)%\WinPcap\rpcapd.ini" [x]
  234.  
  235. ==================== Drivers (Whitelisted) ====================
  236.  
  237. R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
  238. R3 bbcap; C:\Windows\System32\DRIVERS\bbcap.sys [4608 2013-03-17] (Windows (R) Codename Longhorn DDK provider)
  239. R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch)
  240. R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch)
  241. R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-01-23] (DT Soft Ltd)
  242. S3 etdrv; C:\Windows\etdrv.sys [25640 2013-02-17] (Windows (R) Server 2003 DDK provider)
  243. S3 gdrv; C:\Windows\gdrv.sys [25640 2013-02-17] (Windows (R) Server 2003 DDK provider)
  244. S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2013-02-17] ()
  245. R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [458584 2012-06-19] (Kaspersky Lab ZAO)
  246. R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [613720 2012-11-02] (Kaspersky Lab)
  247. R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO)
  248. R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29016 2012-09-03] (Kaspersky Lab)
  249. R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29528 2012-09-03] (Kaspersky Lab)
  250. R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54104 2012-10-18] (Kaspersky Lab)
  251. R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178008 2012-08-13] (Kaspersky Lab)
  252. R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-07-20] (ManyCam LLC)
  253. R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-07-20] (ManyCam LLC)
  254. S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
  255. R3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [74752 2011-07-25] (Research In Motion Limited)
  256. R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44032 2011-07-20] (Research in Motion Ltd)
  257. S3 RTL85n64; C:\Windows\System32\DRIVERS\RTL85n64.sys [378368 2009-06-10] (Realtek)
  258. R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2012-01-12] ()
  259. R2 VMparport; C:\Windows\system32\drivers\VMparport.sys [31384 2012-08-15] (VMware, Inc.)
  260. R0 vsock; C:\Windows\System32\drivers\vsock.sys [70256 2012-07-06] (VMware, Inc.)
  261. U3 a8gu9bug; C:\Windows\System32\Drivers\a8gu9bug.sys [0 ] (Advanced Micro Devices)
  262. S3 ALSysIO; \??\C:\Users\Nath\AppData\Local\Temp\ALSysIO64.sys [x]
  263. S3 CV2K1; system32\DRIVERS\cv2k1.sys [x]
  264. S2 hcmon; \??\C:\Windows\system32\drivers\hcmon.sys [x]
  265. S3 NPF; system32\drivers\npf.sys [x]
  266. S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
  267. S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
  268. S3 VGPU; System32\drivers\rdvgkmd.sys [x]
  269.  
  270. ==================== NetSvcs (Whitelisted) ===================
  271.  
  272.  
  273. ==================== One Month Created Files and Folders ========
  274.  
  275. 2013-06-08 17:37 - 2013-06-08 17:37 - 00355651 ____A (Farbar) C:\Users\Nath\Desktop\FSS.exe
  276. 2013-06-08 17:37 - 2013-06-08 17:37 - 00000000 ____D C:\FRST
  277. 2013-06-08 17:36 - 2013-06-08 17:36 - 01919210 ____A (Farbar) C:\Users\Nath\Desktop\FRST64.exe
  278. 2013-06-08 13:51 - 2013-06-08 13:51 - 00005256 ____A C:\Users\Nath\Desktop\wscsvc.reg
  279. 2013-06-08 13:48 - 2013-06-08 13:48 - 00003364 ____A C:\Users\Nath\Desktop\firewall.reg
  280. 2013-06-07 17:36 - 2011-12-28 23:28 - 00000048 ____A C:\Users\Nath\Desktop\start_services.bat
  281. 2013-06-07 17:31 - 2011-12-29 00:42 - 00003364 ____A C:\Users\Nath\Desktop\mpssvc.reg
  282. 2013-06-07 17:31 - 2011-12-29 00:42 - 00001495 ____A C:\Users\Nath\Desktop\bfe.reg
  283. 2013-06-07 17:29 - 2013-06-07 17:29 - 00014086 ____A C:\Users\Nath\Desktop\Seven.zip
  284. 2013-06-07 17:25 - 2013-06-07 17:25 - 00000295 ____A C:\Users\Nath\Desktop\repair.bat
  285. 2013-06-07 17:08 - 2013-06-07 17:08 - 00010896 ____A C:\Users\Nath\Desktop\cc_20130607_170857.reg
  286. 2013-06-07 17:05 - 2013-06-07 17:05 - 00018296 ____A C:\Users\Nath\Desktop\cc_20130607_170542.reg
  287. 2013-06-07 16:48 - 2013-06-07 16:48 - 00006846 ____A C:\Users\Nath\Desktop\FirewallServiceFix.reg
  288. 2013-06-06 15:27 - 2013-06-06 23:48 - 00000000 ____D C:\Users\Nath\Desktop\dad
  289. 2013-05-30 20:09 - 2013-06-04 17:57 - 00000000 ____D C:\Users\Nath\Documents\Telltale Games
  290. 2013-05-27 16:07 - 2013-05-27 21:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  291. 2013-05-26 22:40 - 2013-05-26 22:45 - 49442872 ____A C:\Users\Nath\Desktop\DM670051.WMA
  292. 2013-05-26 00:48 - 2013-05-26 00:48 - 00000092 ____A C:\Users\Nath\Desktop\xbox.txt
  293. 2013-05-25 18:23 - 2013-06-01 19:06 - 00001331 ____A C:\Users\Nath\Desktop\Codes.txt
  294. 2013-05-25 01:58 - 2013-05-25 01:58 - 00000000 ____D C:\Users\Nath\AppData\Local\Zachtronics Industries
  295. 2013-05-22 20:44 - 2013-05-22 20:44 - 00009425 ____A C:\Users\Nath\Desktop\nationaldex.sql
  296. 2013-05-19 22:58 - 2013-06-08 13:20 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Bitcoin
  297. 2013-05-19 22:57 - 2013-05-19 22:57 - 00000000 ____D C:\Program Files (x86)\Bitcoin
  298. 2013-05-18 20:23 - 2013-05-18 20:24 - 00282652 ____A C:\Windows\msxml4-KB973688-enu.LOG
  299. 2013-05-18 13:36 - 2013-05-18 13:36 - 00286968 ____A C:\Windows\msxml4-KB954430-enu.LOG
  300. 2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
  301. 2013-05-17 21:22 - 2013-05-17 21:23 - 00003020 ____A C:\Windows\SysWOW64\TEST.log
  302. 2013-05-17 21:22 - 2013-05-17 21:22 - 00000000 ____D C:\Users\Nath\AppData\Local\HP
  303. 2013-05-17 21:21 - 2013-05-17 22:19 - 00000000 ____D C:\Program Files (x86)\Yahoo!
  304. 2013-05-17 21:21 - 2013-05-17 21:21 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Yahoo!
  305. 2013-05-17 21:20 - 2013-05-18 07:10 - 00000000 ____D C:\ProgramData\HP Product Assistant
  306. 2013-05-17 21:19 - 2013-05-17 21:20 - 00221390 ____A C:\Windows\hpoins19.dat
  307. 2013-05-17 21:19 - 2009-10-20 05:30 - 00013898 ____A C:\Windows\hpomdl19.dat
  308. 2013-05-17 20:04 - 2013-05-17 20:04 - 00000000 ____D C:\Users\Nath\Documents\Fax
  309. 2013-05-17 19:37 - 2013-05-17 19:38 - 00000000 ____D C:\Users\Nath\AppData\Roaming\yjYsj
  310. 2013-05-17 19:37 - 2013-05-17 19:37 - 00262144 ____A C:\Windows\System32\config\elam
  311. 2013-05-17 18:46 - 2013-05-17 18:46 - 00343552 ____A (Insidious Products © 2011-2013) C:\Users\Nath\Desktop\Insidious Miner Builder.exe
  312. 2013-05-16 13:42 - 2013-04-05 07:52 - 02242048 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
  313. 2013-05-16 13:42 - 2013-04-05 07:52 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
  314. 2013-05-16 13:42 - 2013-04-05 07:52 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
  315. 2013-05-16 13:42 - 2013-04-05 07:50 - 19231232 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
  316. 2013-05-16 13:42 - 2013-04-05 07:50 - 15404032 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
  317. 2013-05-16 13:42 - 2013-04-05 07:50 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
  318. 2013-05-16 13:42 - 2013-04-05 07:50 - 02647552 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
  319. 2013-05-16 13:42 - 2013-04-05 07:50 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
  320. 2013-05-16 13:42 - 2013-04-05 07:50 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
  321. 2013-05-16 13:42 - 2013-04-05 07:50 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
  322. 2013-05-16 13:42 - 2013-04-05 07:50 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
  323. 2013-05-16 13:42 - 2013-04-05 07:50 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
  324. 2013-05-16 13:42 - 2013-04-05 07:50 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
  325. 2013-05-16 13:42 - 2013-04-05 07:50 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
  326. 2013-05-16 13:42 - 2013-04-05 06:28 - 01767424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
  327. 2013-05-16 13:42 - 2013-04-05 06:28 - 01130496 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
  328. 2013-05-16 13:42 - 2013-04-05 06:26 - 14323712 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
  329. 2013-05-16 13:42 - 2013-04-05 06:26 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
  330. 2013-05-16 13:42 - 2013-04-05 06:26 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
  331. 2013-05-16 13:42 - 2013-04-05 06:26 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
  332. 2013-05-16 13:42 - 2013-04-05 06:26 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
  333. 2013-05-16 13:42 - 2013-04-05 06:26 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
  334. 2013-05-16 13:42 - 2013-04-05 06:26 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
  335. 2013-05-16 13:42 - 2013-04-05 06:26 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
  336. 2013-05-16 13:42 - 2013-04-05 06:26 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
  337. 2013-05-16 13:42 - 2013-04-05 06:26 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
  338. 2013-05-16 13:42 - 2013-04-05 06:26 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
  339. 2013-05-16 13:42 - 2013-04-05 05:43 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
  340. 2013-05-16 13:42 - 2013-04-05 05:29 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
  341. 2013-05-16 13:42 - 2013-04-05 04:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
  342. 2013-05-16 13:42 - 2013-04-05 04:38 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
  343. 2013-05-15 18:34 - 2013-05-16 13:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
  344. 2013-05-15 14:54 - 2013-04-10 07:01 - 00983400 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
  345. 2013-05-15 14:54 - 2013-04-10 07:01 - 00265064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
  346. 2013-05-15 14:54 - 2013-04-10 04:30 - 03153920 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
  347. 2013-05-15 14:54 - 2013-03-19 06:53 - 00230400 ____A (Microsoft Corporation) C:\Windows\System32\wwansvc.dll
  348. 2013-05-15 14:54 - 2013-03-19 06:53 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\wwanprotdim.dll
  349. 2013-05-15 14:54 - 2013-02-27 07:02 - 00111448 ____A (Microsoft Corporation) C:\Windows\System32\consent.exe
  350. 2013-05-15 14:54 - 2013-02-27 06:52 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
  351. 2013-05-15 14:54 - 2013-02-27 06:52 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\shdocvw.dll
  352. 2013-05-15 14:54 - 2013-02-27 06:48 - 01930752 ____A (Microsoft Corporation) C:\Windows\System32\authui.dll
  353. 2013-05-15 14:54 - 2013-02-27 06:47 - 00070144 ____A (Microsoft Corporation) C:\Windows\System32\appinfo.dll
  354. 2013-05-15 14:54 - 2013-02-27 05:55 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
  355. 2013-05-15 14:54 - 2013-02-27 05:55 - 00180224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
  356. 2013-05-15 14:54 - 2013-02-27 05:49 - 01796096 ____A (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
  357. 2013-05-15 14:54 - 2011-02-03 12:25 - 00144384 ____A (Microsoft Corporation) C:\Windows\System32\cdd.dll
  358. 2013-05-13 17:15 - 2013-05-13 17:15 - 00000000 ____D C:\Windows\en-gb
  359. 2013-05-13 17:13 - 2013-05-13 17:13 - 00000020 ____A C:\Windows\`÷
  360. 2013-05-13 17:12 - 2013-05-13 17:13 - 00000000 ____D C:\Program Files (x86)\Windows Live
  361. 2013-05-13 17:11 - 2013-05-26 16:08 - 00000000 ____D C:\Users\Nath\AppData\Local\Windows Live
  362. 2013-05-09 16:56 - 2013-05-09 16:56 - 00000000 ____D C:\Users\Nath\Desktop\New folder
  363. 2013-05-09 14:32 - 2013-05-09 14:33 - 18982275 ____A C:\Users\Nath\Desktop\Tekkit_Server_v1.0.5.zip
  364.  
  365. ==================== One Month Modified Files and Folders =======
  366.  
  367. 2013-06-08 17:37 - 2013-06-08 17:37 - 00355651 ____A (Farbar) C:\Users\Nath\Desktop\FSS.exe
  368. 2013-06-08 17:37 - 2013-06-08 17:37 - 00000000 ____D C:\FRST
  369. 2013-06-08 17:36 - 2013-06-08 17:36 - 01919210 ____A (Farbar) C:\Users\Nath\Desktop\FRST64.exe
  370. 2013-06-08 17:32 - 2012-01-31 13:50 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Skype
  371. 2013-06-08 17:31 - 2012-03-04 20:58 - 00000904 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816251970-4049245327-4062177994-1000UA.job
  372. 2013-06-08 17:15 - 2013-04-03 17:56 - 00000000 ____D C:\ProgramData\Kaspersky Lab
  373. 2013-06-08 17:07 - 2013-03-04 17:26 - 00000830 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
  374. 2013-06-08 15:38 - 2009-07-14 06:13 - 00791328 ____A C:\Windows\System32\PerfStringBackup.INI
  375. 2013-06-08 14:00 - 2009-07-14 05:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  376. 2013-06-08 14:00 - 2009-07-14 05:45 - 00021296 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  377. 2013-06-08 13:57 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\System32\FxsTmp
  378. 2013-06-08 13:55 - 2012-01-07 20:27 - 00000000 ____D C:\Users\Nath\AppData\Roaming\VMware
  379. 2013-06-08 13:54 - 2012-01-07 20:27 - 00000000 ____D C:\Users\Nath\AppData\Local\VMware
  380. 2013-06-08 13:53 - 2013-03-18 11:23 - 00000031 ____A C:\Windows\System32\bbcap.err
  381. 2013-06-08 13:53 - 2013-01-02 13:30 - 00032354 ____A C:\Windows\setupact.log
  382. 2013-06-08 13:53 - 2012-01-29 13:45 - 00000000 ____D C:\ProgramData\Kodak
  383. 2013-06-08 13:53 - 2012-01-11 22:08 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Dropbox
  384. 2013-06-08 13:53 - 2012-01-08 22:10 - 00000000 ____D C:\ProgramData\NVIDIA
  385. 2013-06-08 13:53 - 2012-01-07 20:24 - 00000000 ____D C:\ProgramData\VMware
  386. 2013-06-08 13:53 - 2009-07-14 06:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
  387. 2013-06-08 13:52 - 2012-05-27 00:21 - 01293508 ____A C:\Windows\WindowsUpdate.log
  388. 2013-06-08 13:51 - 2013-06-08 13:51 - 00005256 ____A C:\Users\Nath\Desktop\wscsvc.reg
  389. 2013-06-08 13:48 - 2013-06-08 13:48 - 00003364 ____A C:\Users\Nath\Desktop\firewall.reg
  390. 2013-06-08 13:20 - 2013-05-19 22:58 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Bitcoin
  391. 2013-06-08 13:12 - 2013-03-24 00:22 - 00000000 ____D C:\ProgramData\boost_interprocess
  392. 2013-06-08 13:07 - 2012-01-07 21:39 - 00000000 ____D C:\Users\Nath\AppData\Local\Adobe
  393. 2013-06-07 17:47 - 2012-06-14 19:32 - 00000438 ____A C:\Windows\System32\Drivers\etc\hosts.ics
  394. 2013-06-07 17:36 - 2012-01-07 22:32 - 00000000 ____D C:\Program Files (x86)\Opera
  395. 2013-06-07 17:29 - 2013-06-07 17:29 - 00014086 ____A C:\Users\Nath\Desktop\Seven.zip
  396. 2013-06-07 17:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\System32\NDF
  397. 2013-06-07 17:25 - 2013-06-07 17:25 - 00000295 ____A C:\Users\Nath\Desktop\repair.bat
  398. 2013-06-07 17:08 - 2013-06-07 17:08 - 00010896 ____A C:\Users\Nath\Desktop\cc_20130607_170857.reg
  399. 2013-06-07 17:05 - 2013-06-07 17:05 - 00018296 ____A C:\Users\Nath\Desktop\cc_20130607_170542.reg
  400. 2013-06-07 17:04 - 2013-01-02 00:20 - 00000000 ____D C:\Program Files\CCleaner
  401. 2013-06-07 16:48 - 2013-06-07 16:48 - 00006846 ____A C:\Users\Nath\Desktop\FirewallServiceFix.reg
  402. 2013-06-07 16:14 - 2012-01-08 16:01 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Spotify
  403. 2013-06-07 16:14 - 2012-01-08 16:01 - 00000000 ____D C:\Users\Nath\AppData\Local\Spotify
  404. 2013-06-06 23:48 - 2013-06-06 15:27 - 00000000 ____D C:\Users\Nath\Desktop\dad
  405. 2013-06-05 18:31 - 2012-03-04 20:58 - 00000852 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3816251970-4049245327-4062177994-1000Core.job
  406. 2013-06-04 17:57 - 2013-05-30 20:09 - 00000000 ____D C:\Users\Nath\Documents\Telltale Games
  407. 2013-06-02 15:13 - 2012-12-07 23:28 - 00000000 ____D C:\Users\Nath\AppData\Roaming\uTorrent
  408. 2013-06-02 01:07 - 2012-01-22 01:31 - 00000000 ____D C:\Users\Nath\AppData\Roaming\FileZilla
  409. 2013-06-01 19:06 - 2013-05-25 18:23 - 00001331 ____A C:\Users\Nath\Desktop\Codes.txt
  410. 2013-05-31 17:47 - 2013-03-03 19:05 - 00000000 ____D C:\Users\Nath\AppData\Roaming\.technic
  411. 2013-05-30 23:24 - 2013-01-17 13:10 - 00000000 ____D C:\Users\Nath\AppData\Roaming\vlc
  412. 2013-05-30 21:24 - 2013-03-03 19:02 - 02476224 ____A () C:\Users\Nath\Desktop\TechnicLauncher.exe
  413. 2013-05-30 20:09 - 2013-01-14 14:59 - 00061396 ____A C:\Windows\DirectX.log
  414. 2013-05-29 15:06 - 2012-01-07 23:26 - 00000000 ____D C:\Users\Nath\AppData\Roaming\abgx360
  415. 2013-05-27 21:06 - 2013-05-27 16:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  416. 2013-05-27 21:06 - 2012-01-08 15:24 - 00000000 ____D C:\Program Files (x86)\JDownloader
  417. 2013-05-26 23:51 - 2012-01-20 19:02 - 00007613 ____A C:\Users\Nath\AppData\Local\Resmon.ResmonCfg
  418. 2013-05-26 22:45 - 2013-05-26 22:40 - 49442872 ____A C:\Users\Nath\Desktop\DM670051.WMA
  419. 2013-05-26 16:08 - 2013-05-13 17:11 - 00000000 ____D C:\Users\Nath\AppData\Local\Windows Live
  420. 2013-05-26 00:48 - 2013-05-26 00:48 - 00000092 ____A C:\Users\Nath\Desktop\xbox.txt
  421. 2013-05-25 01:58 - 2013-05-25 01:58 - 00000000 ____D C:\Users\Nath\AppData\Local\Zachtronics Industries
  422. 2013-05-24 22:50 - 2012-10-31 18:17 - 00000000 ___RD C:\Program Files (x86)\Skype
  423. 2013-05-24 22:50 - 2012-01-31 13:50 - 00000000 ____D C:\ProgramData\Skype
  424. 2013-05-22 20:44 - 2013-05-22 20:44 - 00009425 ____A C:\Users\Nath\Desktop\nationaldex.sql
  425. 2013-05-21 19:52 - 2012-10-02 15:18 - 00000000 ____D C:\Users\Nath\AppData\Local\Eclipse
  426. 2013-05-21 19:52 - 2012-10-02 14:58 - 00000000 ____D C:\Program Files\Eclipse
  427. 2013-05-19 22:57 - 2013-05-19 22:57 - 00000000 ____D C:\Program Files (x86)\Bitcoin
  428. 2013-05-19 16:58 - 2013-04-06 17:55 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Litecoin
  429. 2013-05-18 20:24 - 2013-05-18 20:23 - 00282652 ____A C:\Windows\msxml4-KB973688-enu.LOG
  430. 2013-05-18 18:07 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
  431. 2013-05-18 13:36 - 2013-05-18 13:36 - 00286968 ____A C:\Windows\msxml4-KB954430-enu.LOG
  432. 2013-05-18 13:36 - 2013-05-18 13:36 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
  433. 2013-05-18 07:10 - 2013-05-17 21:20 - 00000000 ____D C:\ProgramData\HP Product Assistant
  434. 2013-05-18 07:10 - 2012-11-13 15:43 - 00000000 ____D C:\ProgramData\HP
  435. 2013-05-18 07:10 - 2012-06-16 10:58 - 00000000 ____D C:\Users\Nath\AppData\Roaming\puush
  436. 2013-05-18 07:10 - 2012-04-09 20:46 - 00000000 ____D C:\Windows\SysWOW64\spool
  437. 2013-05-18 07:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
  438. 2013-05-17 22:21 - 2013-01-02 13:29 - 00018558 ____A C:\Windows\PFRO.log
  439. 2013-05-17 22:20 - 2012-11-13 15:58 - 00014924 ____A C:\ProgramData\hpzinstall.log
  440. 2013-05-17 22:19 - 2013-05-17 21:21 - 00000000 ____D C:\Program Files (x86)\Yahoo!
  441. 2013-05-17 22:11 - 2012-01-07 19:39 - 00111448 ____A C:\Users\Nath\AppData\Local\GDIPFONTCACHEV1.DAT
  442. 2013-05-17 22:11 - 2012-01-07 19:07 - 00000000 ____D C:\users\Nath
  443. 2013-05-17 21:27 - 2009-07-14 05:45 - 05044624 ____A C:\Windows\System32\FNTCACHE.DAT
  444. 2013-05-17 21:23 - 2013-05-17 21:22 - 00003020 ____A C:\Windows\SysWOW64\TEST.log
  445. 2013-05-17 21:22 - 2013-05-17 21:22 - 00000000 ____D C:\Users\Nath\AppData\Local\HP
  446. 2013-05-17 21:21 - 2013-05-17 21:21 - 00000000 ____D C:\Users\Nath\AppData\Roaming\Yahoo!
  447. 2013-05-17 21:20 - 2013-05-17 21:19 - 00221390 ____A C:\Windows\hpoins19.dat
  448. 2013-05-17 20:04 - 2013-05-17 20:04 - 00000000 ____D C:\Users\Nath\Documents\Fax
  449. 2013-05-17 19:38 - 2013-05-17 19:37 - 00000000 ____D C:\Users\Nath\AppData\Roaming\yjYsj
  450. 2013-05-17 19:37 - 2013-05-17 19:37 - 00262144 ____A C:\Windows\System32\config\elam
  451. 2013-05-17 18:46 - 2013-05-17 18:46 - 00343552 ____A (Insidious Products © 2011-2013) C:\Users\Nath\Desktop\Insidious Miner Builder.exe
  452. 2013-05-16 13:45 - 2012-03-14 14:16 - 00000039 ____A C:\Windows\vbaddin.ini
  453. 2013-05-16 13:45 - 2012-01-07 20:23 - 00000000 ____D C:\ProgramData\Microsoft Help
  454. 2013-05-16 13:44 - 2012-01-08 22:05 - 75016696 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
  455. 2013-05-16 13:38 - 2013-05-15 18:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
  456. 2013-05-15 16:07 - 2012-11-22 16:33 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
  457. 2013-05-15 16:07 - 2012-10-11 23:56 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
  458. 2013-05-15 15:07 - 2012-06-16 10:58 - 00000000 ____D C:\Program Files (x86)\puush
  459. 2013-05-13 17:15 - 2013-05-13 17:15 - 00000000 ____D C:\Windows\en-gb
  460. 2013-05-13 17:13 - 2013-05-13 17:13 - 00000020 ____A C:\Windows\`÷
  461. 2013-05-13 17:13 - 2013-05-13 17:12 - 00000000 ____D C:\Program Files (x86)\Windows Live
  462. 2013-05-13 17:13 - 2012-01-07 20:26 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
  463. 2013-05-13 17:13 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
  464. 2013-05-13 15:29 - 2012-10-01 23:37 - 00000000 ____D C:\Users\Nath\Documents\Outlook Files
  465. 2013-05-12 12:01 - 2012-12-07 23:29 - 00000000 ____D C:\Program Files (x86)\uTorrent
  466. 2013-05-09 16:56 - 2013-05-09 16:56 - 00000000 ____D C:\Users\Nath\Desktop\New folder
  467. 2013-05-09 16:35 - 2013-04-24 22:31 - 00000000 ____D C:\Users\Nath\Desktop\Tekkit Lite Backup
  468. 2013-05-09 14:33 - 2013-05-09 14:32 - 18982275 ____A C:\Users\Nath\Desktop\Tekkit_Server_v1.0.5.zip
  469.  
  470. Files to move or delete:
  471. ====================
  472. C:\ProgramData\ntuser.dat
  473.  
  474. ==================== Bamital & volsnap Check =================
  475.  
  476. C:\Windows\System32\winlogon.exe => MD5 is legit
  477. C:\Windows\System32\wininit.exe => MD5 is legit
  478. C:\Windows\SysWOW64\wininit.exe => MD5 is legit
  479. C:\Windows\explorer.exe => MD5 is legit
  480. C:\Windows\SysWOW64\explorer.exe => MD5 is legit
  481. C:\Windows\System32\svchost.exe => MD5 is legit
  482. C:\Windows\SysWOW64\svchost.exe => MD5 is legit
  483. C:\Windows\System32\services.exe => MD5 is legit
  484. C:\Windows\System32\User32.dll => MD5 is legit
  485. C:\Windows\SysWOW64\User32.dll => MD5 is legit
  486. C:\Windows\System32\userinit.exe => MD5 is legit
  487. C:\Windows\SysWOW64\userinit.exe => MD5 is legit
  488. C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
  489.  
  490.  
  491. LastRegBack: 2013-06-05 12:16
  492.  
  493. ==================== End Of Log ============================