Untitled

a guest
Jul 9th, 2015
  2. ZA-Scan V1.0.0.4 Updated 04-May-2015
  3. Tool run by HE-SERIES on 08/07/2015 at 22:35:13,71.
  4. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
  5. Running in: Normal Mode Internet Access Detected
  6. Launched: C:\Users\HE-SERIES\Desktop\ZA-Scan.exe [Z-Analyse Scan]
  7.  
  8. ==== Running Processes ======================
  9.  
  10. C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  11. C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  12. C:\Program Files\AVAST Software\Avast\afwServ.exe
  13. C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  14. C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  15. C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
  16. C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
  17. C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
  18. C:\Program Files (x86)\DAEMON Tools Ultra\DiscSoftBusService.exe
  19. C:\Program Files (x86)\PostgreSQL\9.1\bin\pg_ctl.exe
  20. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  21. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  22. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  23. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  24. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  25. C:\Program Files (x86)\PostgreSQL\9.1\bin\postgres.exe
  26. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCService.exe
  27. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ascavsvc.exe
  28. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe
  29. C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
  30. C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
  31. C:\Program Files (x86)\Skype\Phone\Skype.exe
  32. C:\Program Files (x86)\Internet Download Manager\IDMan.exe
  33. C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe
  34. C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
  35. C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
  36. C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
  37. C:\Program Files\AVAST Software\Avast\AvastUI.exe
  38. C:\Program Files (x86)\Skillbrains\lightshot\5.2.1.1\Lightshot.exe
  39. C:\Users\HE-SERIES\Desktop\ZA-Scan.exe
  40. C:\Windows\SysWOW64\cmd.exe
  41. C:\Windows\SysWOW64\cmd.exe
  42. C:\Windows\SysWOW64\cmd.exe
  43. C:\Users\HE-SER~1\AppData\Local\Temp\ZAScan.exe
  44.  
  45. ==== Startup Registry Enabled ======================
  46.  
  47. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1000\Software\Microsoft\Windows\CurrentVersion\Run]
  48. "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
  49. "DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
  50. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  51. "IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"
  52. "Hide.me"="C:\Program Files (x86)\HideMe.ru VPN\Start.exe"
  53. "Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe /Auto"
  54.  
  55. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1001\Software\Microsoft\Windows\CurrentVersion\Run]
  56. "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
  57.  
  58. [HKEY_USERS\S-1-5-21-1265006527-657244115-245952074-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
  59. "mctadmin"="C:\Windows\System32\mctadmin.exe"
  60.  
  61. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  62. "FireStormStartUpAutoRun"="C:\Program Files (x86)\ZotacFireStorm\FireStorm.exe"
  63. "LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
  64. "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
  65. "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
  66. "Lightshot"="C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe"
  67.  
  68. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  69. "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent"
  70. "DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
  71. "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
  72. "IDMan"="C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot"
  73. "Hide.me"="C:\Program Files (x86)\HideMe.ru VPN\Start.exe"
  74. "Advanced SystemCare Ultimate"="C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASCTray.exe /Auto"
  75.  
  76. ==== Startup Registry Enabled x64 ======================
  77.  
  78. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  79. "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
  80. "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
  81. "ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
  82.  
  83. ==== Startup Registry Disabled x64 ======================
  84.  
  85. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
  86.  
  87. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MyComGames]
  88. "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
  89. "item"="MyComGames"
  90. "hkey"="HKCU"
  91. "command"="\"C:\\Users\\HE-SERIES\\AppData\\Local\\MyComGames\\MyComGames.exe\" -autostart"
  92.  
  93. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
  94. "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
  95. "item"="SunJavaUpdateSched"
  96. "hkey"="HKLM"
  97.  
  98.  
  99. ==== Task Scheduler Jobs ======================
  100.  
  101. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/06/2015 17:06]
  102. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/06/2015 17:06]
  103. C:\Windows\tasks\update-S-1-5-21-1265006527-657244115-245952074-1000.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [28/11/2014 13:29]
  104. C:\Windows\tasks\update-sys.job --a------ C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [28/11/2014 13:29]
  105.  
  106. ==== Other Scheduled Tasks ======================
  107.  
  108. "C:\Windows\SysNative\tasks\ASCU8_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe]
  109. "C:\Windows\SysNative\tasks\ASCU8_SkipUac_HE-SERIES" [C:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe /SkipUac]
  110. "C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]
  111. "C:\Windows\SysNative\tasks\Driver Booster SkipUAC (HE-SERIES)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
  112. "C:\Windows\SysNative\tasks\Driver Booster Update" [C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe]
  113. "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  114. "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
  115. "C:\Windows\SysNative\tasks\Uninstaller_SkipUac_HE-SERIES" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
  116. "C:\Windows\SysNative\tasks\update-S-1-5-21-1265006527-657244115-245952074-1000" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
  117. "C:\Windows\SysNative\tasks\update-sys" [C:\Program Files (x86)\Skillbrains\Updater\Updater.exe]
  118. "C:\Windows\SysNative\tasks\{257BC4AA-1713-4299-9769-03438FA35F9C}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  119. "C:\Windows\SysNative\tasks\{50310373-D2E7-451F-9CB3-BC7EC899D784}" [C:\Users\HE-SERIES\Downloads\setup.exe]
  120. "C:\Windows\SysNative\tasks\{B2D4C5DC-674E-4A6F-AB9A-9F1D6D62CF21}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  121. "C:\Windows\SysNative\tasks\{BB054385-C4E3-4AE5-A21C-104AC0917CE5}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  122. "C:\Windows\SysNative\tasks\{C494BC80-4FA0-4CB1-A789-741F9C6562E8}" [C:\Users\HE-SERIES\Desktop\cleanup_tool.exe]
  123. "C:\Windows\SysNative\tasks\ASUS\ASUS SIX Engine" [C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe]
  124.  
  125. ==== Firefox Extensions Registry ======================
  126.  
  127. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
  128. "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [04/07/2015 21:11]
  129. [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
  130. "mozilla_cc@internetdownloadmanager.com"="C:\Users\HE-SERIES\AppData\Roaming\IDM\idmmzcc5" [08/07/2015 22:34]
  131.  
  132. ==== Firefox Extensions ======================
  133.  
  134. ProfilePath: C:\Users\HE-SER~1\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default
  135. - iMacros for Firefox - C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
  136. - Advanced SystemCare Surfing Protection - C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default\extensions\iobitascsurfingprotection@iobit.com
  137. - Advanced SystemCare Surfing Protection - %ProfilePath%\extensions\iobitascsurfingprotection@iobit.com
  138. - iMacros for Firefox - %ProfilePath%\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
  139. - Skip adf.ly skip - %ProfilePath%\extensions\jid1-nSEySa4aWGanbw@jetpack.xpi
  140.  
  141. AppDir: C:\Program Files (x86)\Mozilla Firefox
  142. - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}
  143. - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}
  144. - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  145.  
  146. ==== Firefox Plugins ======================
  147.  
  148. Profilepath: C:\Users\HE-SERIES\AppData\Roaming\Mozilla\Firefox\Profiles\b705q8kd.default
  149. A523A2E4302AEB68B53F691A5C0DDE06 - C:\Users\HE-SERIES\AppData\Local\MyComGames\npmycomdetector.dll - My.com Games Detector
  150.  
  151.  
  152. ==== Chromium Look ======================
  153.  
  154. Google Chrome Version: 43.0.2357.132
  155.  
  156. HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
  157. gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/07/2015 21:11]
  158.  
  159. Google Slides - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
  160. Google Docs - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
  161. Google Drive - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
  162. YouTube - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
  163. Google Search - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
  164. Tampermonkey - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo
  165. Google Sheets - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
  166. AdBlock - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
  167. Hola Better Internet - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
  168. Avast Online Security - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
  169. Chrome Hotword Shared Module - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
  170. Google Wallet - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
  171. Gmail - HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
  172.  
  173. ==== Chromium Startpages ======================
  174.  
  175. C:\Users\HE-SERIES\AppData\Local\Google\Chrome\User Data\Default\Preferences
  177.  
  178.  
  179. ==== IE Start and Search Settings ======================
  180.  
  181. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  182. "Start Page"="http://www.msn.com/?ocid=iehp"
  183. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
  184. "Tabs"="res://ieframe.dll/tabswelcome.htm"
  185. [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
  186. "Tabs"="res://ieframe.dll/tabswelcome.htm"
  187. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  188. "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
  189. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found
  190.  
  191. ==== HijackThis Entries ======================
  192.  
  193. R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
  194. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  195. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  196. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  197. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8888;https=127.0.0.1:8888;
  198. R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
  199. O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
  200. O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
  201. O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
  202. O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
  203. O2 - BHO: Advanced SystemCare Surfing Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\PROGRA~2\IObit\SURFIN~1\BROWER~1\ASCPLU~1.DLL
  204. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
  205. O17 - HKLM\System\CCS\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  206. O17 - HKLM\System\CS1\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  207. O17 - HKLM\System\CS2\Services\Tcpip\..\{0DF6C163-4640-4CEA-B2C3-ABD7A33E2D53}: NameServer = 4.2.2.1,4.2.2.2
  208.  
  209. ==== EOF on 08/07/2015 at 22:38:41,38 ======================