
Untitled

a guest
Jul 8th, 2015
  1.  
  2. ZA-Scan V1.0.0.4 Updated 04-May-2015
  3. Tool run by HE-SERIES on 08/07/2015 at 22:12:14,41.
  4. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
  5. Running in: Normal Mode Internet Access Detected
  6. Launched: C:\Users\HE-SERIES\Downloads\ZA-Scan.exe [Z-Analyse Scan]
  7.  
  8. ==== Running Processes ======================
  9.  
  10. C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  11. C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  12. C:\Program Files\AVAST Software\Avast\afwServ.exe
  13. C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  14. C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  15. C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
  16. C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  17. C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
  18. C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
  19. C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  20. C:\Program Files (x86)\Steam\Steam.exe
  21. C:\Program Files (x86)\Internet Download Manager\IDMan.exe
  22. C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
  23. C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  24. C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
  25. C:\Program Files\AVAST Software\Avast\AvastUI.exe
  26. C:\Program Files (x86)\Common Files\Steam\SteamService.exe
  27. C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
  28. C:\Program Files (x86)\PostgreSQL\9.1\bin\pg_ctl.exe
  29. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  30. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  31. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  32. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  33. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  34. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  35. C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
  36. C:\Program Files (x86)\Deluge\deluge.exe
  37. C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
  38. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\DiskDefrag.exe
  39. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe
  40. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe
  41. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe
  42. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe
  43. C:\Users\HE-SERIES\Downloads\ZA-Scan.exe
  44. C:\Windows\SysWOW64\cmd.exe
  45. C:\Windows\SysWOW64\cmd.exe
  46. C:\Windows\SysWOW64\cmd.exe
  47. C:\Users\HE-SER~1\AppData\Local\Temp\ZAScan.exe
  48.  
  49. ==== Startup Registry Enabled ======================
  50.  
  51. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1000\Software\Microsoft\Windows\CurrentVersion\Run]
  52. "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
  53. "DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
  54. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  55. "IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"
  56. "Hide.me"="C:\Program Files (x86)\HideMe.ru VPN\Start.exe"
  57. "Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe /Auto"
  58.  
  59. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1001\Software\Microsoft\Windows\CurrentVersion\Run]
  60. "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
  61.  
  62. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  63. "mctadmin"="C:\Windows\System32\mctadmin.exe"
  64.  
  65. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  66. "FireStormStartUpAutoRun"="C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe"
  67. "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
  68. "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
  69. "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
  70. "Lightshot"="C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe"
  71.  
  72. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  73. "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
  74. "DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
  75. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  76. "IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"
  77. "Hide.me"="C:\Program Files (x86)\HideMe.ru VPN\Start.exe"
  78. "Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe /Auto"
  79.  
  80. ==== Startup Registry Enabled x64 ======================
  81.  
  82. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  83. "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
  84. "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
  85. "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
  86.  
  87. ==== Startup Registry Disabled x64 ======================
  88.  
  89. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
  90.  
  91. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyComGames]
  92. "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
  93. "item"="MyComGames"
  94. "hkey"="HKCU"
  95. "command"="\"C:\\Users\\HE-SERIES\\AppData\\Local\\MyComGames\\MyComGames.exe\" -autostart"
  96.  
  97. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
  98. "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
  99. "item"="SunJavaUpdateSched"
  100. "hkey"="HKLM"
  101.  
  102.  
  103. ==== Task Scheduler Jobs ======================
  104.  
  105. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/06/2015 17:06]
  106. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/06/2015 17:06]
  107. C:\Windows\tasks\update-S-1-5-21-1265006527-657244115-245952074-1000.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [28/11/2014 13:29]
  108. C:\Windows\tasks\update-sys.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [28/11/2014 13:29]
  109.  
  110. ==== Other Scheduled Tasks ======================
  111.  
  112. "C:\Windows\SysNative\tasks\ASCU8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe]
  113. "C:\Windows\SysNative\tasks\ASCU8_SkipUac_HE-SERIES" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe /SkipUac]
  114. "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]
  115. "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (HE-SERIES)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
  116. "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]
  117. "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  118. "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  119. "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_HE-SERIES" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
  120. "C:\Windows\SysNative\tasks\update-S-1-5-21-1265006527-657244115-245952074-1000" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
  121. "C:\Windows\SysNative\tasks\update-sys" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
  122. "C:\Windows\SysNative\tasks\{257BC4AA-1713-4299-9769-03438FA35F9C}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  123. "C:\Windows\SysNative\tasks\{50310373-D2E7-451F-9CB3-BC7EC899D784}" [C:\Users\HE-SERIES\Downloads\setup.exe]
  124. "C:\Windows\SysNative\tasks\{B2D4C5DC-674E-4A6F-AB9A-9F1D6D62CF21}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  125. "C:\Windows\SysNative\tasks\{BB054385-C4E3-4AE5-A21C-104AC0917CE5}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  126. "C:\Windows\SysNative\tasks\{C494BC80-4FA0-4CB1-A789-741F9C6562E8}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  127. "C:\Windows\SysNative\tasks\ASUS\ASUS SIX Engine" [C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe]
  128.  
  129. ==== Firefox Extensions Registry ======================
  130.  
  131. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
  132. "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [04/07/2015 21:11]
  133. [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
  134. "mozilla_cc@internetdownloadmanager.com"="C:\Users\HE-SERIES\AppData\Roaming\IDM\idmmzcc5" [06/07/2015 13:23]
  135.  
  136. ==== Firefox Extensions ======================
  137.  
  138. ProfilePath: C:\Users\HE-SER~1\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default
  139. - iMacros for Firefox - C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
  140. - Advanced SystemCare Surfing Protection - C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default\extensions\iobitascsurfingprotection@iobit.com
  141. - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\iobitascsurfingprotection@iobit.com
  142. - iMacros for Firefox - %ProfilePath%\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
  143. - Skip adf.ly skip - %ProfilePath%\extensions\jid1-nSEySa4aWGanbw@jetpack.xpi
  144.  
  145. AppDir: C:\Program Files (x86)\Mozilla Firefox
  146. - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
  147. - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
  148. - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  149.  
  150. ==== Firefox Plugins ======================
  151.  
  152. Profilepath: C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default
  153. A523A2E4302AEB68B53F691A5C0DDE06 - C:\Users\HE-SERIES\AppData\Local\MyComGames\npmycomdetector.dll - My.com Games Detector
  154.  
  155.  
  156. ==== Chromium Look ======================
  157.  
  158. Google Chrome Version: 43.0.2357.132
  159.  
  160. HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
  161. gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/07/2015 21:11]
  162.  
  163. Google Slides - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
  164. Google Docs - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
  165. Google Drive - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
  166. YouTube - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
  167. Google Search - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
  168. Tampermonkey - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
  169. Google Sheets - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
  170. AdBlock - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
  171. Hola Better Internet - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
  172. Avast Online Security - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
  173. Chrome Hotword Shared Module - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
  174. Google Wallet - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
  175. Gmail - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
  176.  
  177. ==== Chromium Startpages ======================
  178.  
  179. C:\Users\HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Preferences
  181.  
  182.  
  183. ==== IE Start and Search Settings ======================
  184.  
  185. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  186. "Start Page"="http://www.msn.com/?ocid=iehp"
  187. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
  188. "Tabs"="res://ieframe.dll/tabswelcome.htm"
  189. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
  190. "Tabs"="res://ieframe.dll/tabswelcome.htm"
  191. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  192. "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  193. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
  194.  
  195. ==== HijackThis Entries ======================
  196.  
  197. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
  198. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  199. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  200. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  201. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888;
  202. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
  203. O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
  204. O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
  205. O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  206. O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
  207. O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
  208. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  209. O17 - HKLM\System\CCS\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  210. O17 - HKLM\System\CS1\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  211. O17 - HKLM\System\CS2\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  212.  
  213. ==== EOF on 08/07/2015 at 22:13:20,26 ======================