- Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
- Ran by DEEP NET (administrator) on DEEPNET-PC (22-09-2015 13:47:12)
- Running from C:\Users\DEEP NET\Downloads\Programs
- Loaded Profiles: DEEP NET (Available Profiles: DEEP NET)
- Platform: Windows 7 Ultimate (X64) Language: English (United States)
- Internet Explorer Version 8 (Default browser: Chrome)
- Boot Mode: Normal
- Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
- ==================== Processes (Whitelisted) =================
- (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
- (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
- (Microsoft Corporation) C:\Windows\System32\wlanext.exe
- (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
- (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
- (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
- (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
- (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
- (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
- (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
- (Intel Corporation) C:\Windows\System32\igfxHK.exe
- (Intel Corporation) C:\Windows\System32\igfxTray.exe
- (Intel Corporation) C:\Windows\System32\igfxEM.exe
- (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
- (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
- (BitTorrent Inc.) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
- (PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
- (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
- (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\plugin-nm-server.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- (Farbar) C:\Users\DEEP NET\Downloads\Programs\FRST64_2.exe
- ==================== Registry (Whitelisted) ===========================
- (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
- HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-15] (PowerISO Computing, Inc.)
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Hide.me] => C:\Program Files (x86)\inCloak VPN\Start.exe
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3898960 2015-05-03] (Tonec Inc.)
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [BitTorrent] => C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe [1906536 2015-09-18] (BitTorrent Inc.)
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Mino] => C:\Users\DEEP NET\AppData\Roaming [0 2015-09-06] ()
- ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
- ==================== Internet (Whitelisted) ====================
- (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
- Tcpip\Parameters: [DhcpNameServer] 192.168.254.251
- Tcpip\..\Interfaces\{B83601EE-675B-4351-A68B-BA0307ADFD1A}: [DhcpNameServer] 192.168.254.251
- Internet Explorer:
- ==================
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp
- BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
- BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
- BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
- BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
- BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
- Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
- Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
- Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
- Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
- Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
- Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
- FireFox:
- ========
- FF ProfilePath: C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default
- FF NetworkProxy: "socks", "95.25.205.177"
- FF NetworkProxy: "socks_port", 9886
- FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
- FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
- FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
- FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-14] ()
- FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-14] ()
- FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
- FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
- FF user.js: detected! => C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\user.js [2015-04-24]
- FF Extension: XSS Me - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\xssme@security.compass.xpi [2015-08-31]
- FF Extension: Tamper Data - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-06-17]
- FF Extension: HackBar - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2015-05-21]
- FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-27]
- FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
- FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-13]
- FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
- FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-13]
- FF HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5
- FF Extension: IDM CC - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5 [2015-09-22]
- FF HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5
- Chrome:
- =======
- CHR Profile: C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default
- CHR Extension: (Google Slides) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-13]
- CHR Extension: (Google Docs) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-13]
- CHR Extension: (Google Drive) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-13]
- CHR Extension: (YouTube) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-13]
- CHR Extension: (Google Search) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-13]
- CHR Extension: (Kaspersky Protection) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-15]
- CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-05-31]
- CHR Extension: (Google Sheets) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-13]
- CHR Extension: (Google Docs Offline) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
- CHR Extension: (Chrome Hotword Shared Module) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-13]
- CHR Extension: (Skype Click to Call) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-14]
- CHR Extension: (Proxy Helper) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnloefcpaepkpmhaoipjkpikbnkmbnic [2015-06-17]
- CHR Extension: (IDM Integration Module) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-05-26]
- CHR Extension: (Chrome Web Store Payments) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-13]
- CHR Extension: (Gmail) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
- CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
- CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]
- CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
- CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
- CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]
- ==================== Services (Whitelisted) ========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
- R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
- R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
- S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [175104 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 FontCache; C:\Windows\system32\FntCache.dll [1127936 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-07-16] (Foxit Software Inc.)
- S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
- R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 LanmanServer; C:\Windows\system32\srvsvc.dll [235520 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 ProfSvc; C:\Windows\system32\profsvc.dll [208384 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 Schedule; C:\Windows\system32\schedsvc.dll [1104384 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
- S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
- S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
- ===================== Drivers (Whitelisted) ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] (Microsoft Corporation) [File not signed]
- S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
- R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
- R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [974848 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
- S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
- R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
- R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
- R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-04-13] (Kaspersky Lab ZAO)
- R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
- R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-04-13] (Kaspersky Lab ZAO)
- R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
- R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
- R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
- R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
- R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
- R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-04-13] (Kaspersky Lab ZAO)
- R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
- R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] (Microsoft Corporation) [File not signed]
- R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed]
- S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
- R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
- S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
- R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] (Microsoft Corporation) [File not signed]
- S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] (Microsoft Corporation) [File not signed]
- U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
- ==================== NetSvcs (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- ==================== One Month Created files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-09-22 10:19 - 2015-09-22 10:20 - 00000000 ___HD C:\Windows\AxInstSV
- 2015-09-21 14:12 - 2015-09-21 14:12 - 00000000 ____D C:\Users\DEEP NET\Desktop\iphone old
- 2015-09-20 10:55 - 2015-09-20 10:55 - 00000034 _____ C:\Users\DEEP NET\Desktop\Coin Base address.txt
- 2015-09-15 14:51 - 2015-07-19 21:27 - 00001794 ____N C:\Users\DEEP NET\Desktop\Spooks.The.Greater.Good.2015. Trailer.En.srt
- 2015-09-13 23:12 - 2015-09-13 23:12 - 00000000 ____D C:\Windows\system32\SPReview
- 2015-09-13 23:11 - 2015-09-13 23:11 - 00000000 ____D C:\Windows\system32\EventProviders
- 2015-09-12 20:05 - 2015-08-27 11:16 - 00147925 _____ C:\Users\DEEP NET\Desktop\Citizenfour (2014) [1080p] YIFY - YTS.srt
- 2015-09-09 09:04 - 2015-09-09 09:04 - 00000000 ____D C:\Program Files\Common Files\AV
- 2015-09-08 19:46 - 2014-01-12 13:16 - 00175761 ____N C:\Users\DEEP NET\Desktop\the-fifth-estate-yify-english.srt
- 2015-09-08 17:38 - 2015-09-08 17:39 - 00000016 _____ C:\Users\DEEP NET\Desktop\New Text Document (2).txt
- 2015-09-06 11:23 - 2015-09-06 11:23 - 00000836 _____ C:\Users\DEEP NET\Desktop\BitTorrent.lnk
- 2015-09-06 11:23 - 2015-09-06 11:23 - 00000816 _____ C:\Users\DEEP NET\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
- 2015-09-06 11:21 - 2015-09-22 13:46 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\BitTorrent
- 2015-09-05 21:48 - 2015-07-23 13:18 - 2564476928 _____ C:\Users\DEEP NET\Desktop\Windows_7_32-bit_Home_Premium_x86.iso
- 2015-09-03 23:33 - 2015-09-03 23:36 - 00000020 _____ C:\Users\DEEP NET\Desktop\New Text Document.txt
- 2015-09-02 15:32 - 2015-09-02 15:33 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\gtk-2.0
- 2015-09-02 14:59 - 2015-09-02 14:59 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\enchant
- 2015-09-02 14:58 - 2015-09-02 22:14 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\.purple
- 2015-09-02 06:46 - 2015-09-02 06:46 - 00000995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
- 2015-09-02 06:45 - 2015-09-02 06:49 - 00000000 ____D C:\Program Files (x86)\Pidgin
- 2015-09-01 13:50 - 2015-09-01 13:50 - 00000843 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
- 2015-09-01 13:50 - 2015-09-01 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
- 2015-09-01 13:50 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
- 2015-09-01 13:49 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
- 2015-08-31 17:06 - 2015-08-31 17:27 - 07421377 _____ C:\Users\DEEP NET\Downloads\burpsuite_free_v1.6.25.jar.part
- 2015-08-29 09:28 - 2015-08-29 09:29 - 00982640 _____ C:\Windows\Minidump\082915-23290-01.dmp
- 2015-08-27 21:50 - 2015-08-29 09:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
- 2015-08-27 20:13 - 2015-08-27 20:13 - 00000000 _____ C:\Users\DEEP NET\Desktop\network cats.txt
- ==================== One Month Modified files and folders ========
- (If an entry is included in the fixlist, the file/folder will be moved.)
- 2015-09-22 13:48 - 2009-07-14 10:15 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- 2015-09-22 13:48 - 2009-07-14 10:15 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- 2015-09-22 13:47 - 2015-06-08 20:06 - 00000000 ____D C:\FRST
- 2015-09-22 13:44 - 2015-04-14 10:21 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\Skype
- 2015-09-22 13:34 - 2015-04-13 20:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- 2015-09-22 13:34 - 2015-04-13 20:41 - 01618442 _____ C:\Windows\WindowsUpdate.log
- 2015-09-22 12:02 - 2009-07-14 10:21 - 00094679 _____ C:\Windows\setupact.log
- 2015-09-22 11:44 - 2015-06-07 17:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
- 2015-09-22 11:25 - 2015-04-13 22:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
- 2015-09-22 10:26 - 2015-04-13 20:56 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- 2015-09-22 10:26 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
- 2015-09-22 09:34 - 2015-04-13 21:14 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
- 2015-09-20 13:52 - 2015-06-17 08:51 - 00000000 ____D C:\Users\DEEP NET\Desktop\143 VPN
- 2015-09-19 16:18 - 2015-05-06 21:47 - 00000000 ____D C:\Users\DEEP NET\Desktop\Shit things
- 2015-09-16 21:01 - 2015-04-13 20:56 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
- 2015-09-16 21:01 - 2015-04-13 20:56 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
- 2015-09-15 17:41 - 2015-07-22 20:47 - 00000000 ____D C:\Users\DEEP NET\Desktop\New folder (2)
- 2015-09-15 17:13 - 2015-06-03 19:54 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\vlc
- 2015-09-15 14:51 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\DMCache
- 2015-09-15 14:50 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\Downloads\Compressed
- 2015-09-12 13:13 - 2015-05-26 12:02 - 00000000 ____D C:\Users\DEEP NET\.VirtualBox
- 2015-09-11 11:53 - 2015-04-13 20:56 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\Google
- 2015-09-08 08:30 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\Downloads\Video
- 2015-09-06 11:22 - 2015-05-19 21:37 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\uTorrent
- 2015-09-05 21:50 - 2009-07-14 10:43 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
- 2015-09-01 16:37 - 2015-05-26 12:03 - 00000000 ____D C:\Users\DEEP NET\VirtualBox VMs
- 2015-08-29 09:28 - 2015-06-08 22:21 - 240223915 _____ C:\Windows\MEMORY.DMP
- 2015-08-29 09:28 - 2015-06-08 22:21 - 00000000 ____D C:\Windows\Minidump
- 2015-08-29 09:28 - 2015-04-23 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
- 2015-08-29 09:28 - 2015-04-13 22:57 - 00097478 _____ C:\Windows\PFRO.log
- 2015-08-26 23:00 - 2015-04-13 20:38 - 00000000 ____D C:\Users\DEEP NET
- 2015-08-23 17:08 - 2015-07-31 17:49 - 00000270 _____ C:\Users\DEEP NET\Desktop\BTC.txt
- ==================== Files in the root of some directories =======
- 2015-08-15 16:10 - 2015-08-15 16:10 - 0000110 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
- Some files in TEMP:
- ====================
- C:\Users\DEEP NET\AppData\Local\Temp\dllnt_dump.dll
- ==================== Bamital & volsnap =================
- (There is no automatic fix for files that do not pass verification.)
- C:\Windows\system32\winlogon.exe => File is digitally signed
- C:\Windows\system32\wininit.exe => File is digitally signed
- C:\Windows\SysWOW64\wininit.exe => File is digitally signed
- C:\Windows\explorer.exe => File is digitally signed
- C:\Windows\SysWOW64\explorer.exe => File is digitally signed
- C:\Windows\system32\svchost.exe => File is digitally signed
- C:\Windows\SysWOW64\svchost.exe => File is digitally signed
- C:\Windows\system32\services.exe => File is digitally signed
- C:\Windows\system32\User32.dll => File is digitally signed
- C:\Windows\SysWOW64\User32.dll => File is digitally signed
- C:\Windows\system32\userinit.exe => File is digitally signed
- C:\Windows\SysWOW64\userinit.exe => File is digitally signed
- C:\Windows\system32\rpcss.dll => MD5 is legit
- C:\Windows\system32\dnsapi.dll => File is digitally signed
- C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
- C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
- LastRegBack: 2015-09-12 12:38
- ==================== End of FRST.txt ============================
- Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
- Ran by DEEP NET (2015-09-22 13:48:33)
- Running from C:\Users\DEEP NET\Downloads\Programs
- Windows 7 Ultimate (X64) (2015-04-13 15:08:25)
- Boot Mode: Normal
- ==========================================================
- ==================== Accounts: =============================
- Administrator (S-1-5-21-1527722138-3059096507-1149149749-500 - Administrator - Disabled)
- DEEP NET (S-1-5-21-1527722138-3059096507-1149149749-1000 - Administrator - Enabled) => C:\Users\DEEP NET
- Guest (S-1-5-21-1527722138-3059096507-1149149749-501 - Limited - Disabled)
- ==================== Security Center ========================
- (If an entry is included in the fixlist, it will be removed.)
- AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
- AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
- AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
- ==================== Installed Programs ======================
- (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
- µTorrent (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
- BitTorrent (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\BitTorrent) (Version: 7.9.5.41074 - BitTorrent Inc.)
- Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
- Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
- Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
- Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.)
- Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
- Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
- Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
- Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
- Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
- Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
- Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
- Kaspersky Anti-Virus (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
- LearnNext (HKLM-x32\...\{FE68F13D-33DB-49A7-B052-0684C0CF1C88}) (Version: 1.0.0.2 - Next Education India Pvt. Ltd.)
- Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
- Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
- Mozilla Firefox 41.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla)
- Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5701 - Mozilla)
- Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
- Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
- PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
- Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
- Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
- Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
- SMAC 2.0 (HKLM-x32\...\SMAC 2.0) (Version: - )
- SQL Server Dumper (HKLM-x32\...\{D77D9A13-68A8-44F0-96DA-E7F4F74A9FDB}) (Version: 2.0.0 - Ruizata Project)
- TeamSpeak 3 Client (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
- TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
- VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
- WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
- ==================== Custom CLSID (Whitelisted): ==========================
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- CustomCLSID: HKU\S-1-5-21-1527722138-3059096507-1149149749-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
- ==================== Restore Points =========================
- 13-09-2015 23:12:12 Windows 7 Service Pack 1
- ==================== Hosts content: ===============================
- (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
- 2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
- ==================== Scheduled Tasks (Whitelisted) =============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- Task: {27A5907A-5523-4E48-913D-5FAB53085214} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
- Task: {7C56AE1D-008F-402B-A276-293D47A81246} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
- (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
- ==================== Loaded Modules (Whitelisted) ==============
- 2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
- 2015-09-22 09:33 - 2015-09-19 03:43 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
- 2015-09-22 09:33 - 2015-09-19 03:43 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
- 2015-09-22 09:33 - 2015-09-19 03:43 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll
- ==================== Alternate Data Streams (Whitelisted) =========
- (If an entry is included in the fixlist, only the ADS will be removed.)
- ==================== Safe Mode (Whitelisted) ===================
- (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
- ==================== EXE Association (Whitelisted) ===============
- (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
- ==================== Internet Explorer trusted/restricted ===============
- (If an entry is included in the fixlist, it will be removed from the registry.)
- ==================== Other Areas ============================
- (Currently there is no automatic fix for this section.)
- HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DEEP NET\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
- DNS Servers: 192.168.254.251
- HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
- Windows Firewall is enabled.
- ==================== MSCONFIG/TASK MANAGER disabled items ==
- (Currently there is no automatic fix for this section.)
- ==================== FirewallRules (Whitelisted) ===============
- (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
- FirewallRules: [{E57117C0-2940-4244-9FD0-4D15F458DB66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [{6D055655-8231-4E2B-8B43-4FA208800DF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
- FirewallRules: [TCP Query User{E3E6E8E3-2246-4490-B3AC-AE6FD74443F7}C:\users\deep net\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [UDP Query User{E2E8DB09-9ADF-4710-98B2-433C2B0A1CD0}C:\users\deep net\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [{F86E88BA-6F81-4450-A1E7-76F0879F202A}] => (Block) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [{8AAAE3A8-9B83-4C4C-928F-6325EB35A586}] => (Block) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
- FirewallRules: [TCP Query User{6B80805B-866D-43D3-BC7C-9BD1E86D30B2}C:\users\deep net\downloads\programs\listen.exe] => (Allow) C:\users\deep net\downloads\programs\listen.exe
- FirewallRules: [UDP Query User{B3D7A3FE-32D5-4F9C-8492-CC0DA3918859}C:\users\deep net\downloads\programs\listen.exe] => (Allow) C:\users\deep net\downloads\programs\listen.exe
- FirewallRules: [{4508BDDA-A7F0-461E-A00C-CA67A61C60B0}] => (Block) C:\users\deep net\downloads\programs\listen.exe
- FirewallRules: [{382481A9-8D28-46E2-B899-83770FAD9D93}] => (Block) C:\users\deep net\downloads\programs\listen.exe
- FirewallRules: [{BF3E9472-D471-46FF-8ABF-F0EF3DB396A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
- FirewallRules: [{00FCAA66-7F0E-498E-95B6-77F05A3AC963}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{4287386E-2432-48B0-864A-C1933E8C4A2F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
- FirewallRules: [{4EA2C048-E1B0-4BAF-9E97-768D0B377CEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [{19760963-4089-4B1F-89E3-AA61EE051E75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
- FirewallRules: [TCP Query User{4CEA3181-6F09-427D-8A77-2533FBBF60E7}D:\igi 2 - covert strike\pc\1.0.exe] => (Allow) D:\igi 2 - covert strike\pc\1.0.exe
- FirewallRules: [UDP Query User{DB28E3D5-FE53-4187-AC67-77C96E6E759D}D:\igi 2 - covert strike\pc\1.0.exe] => (Allow) D:\igi 2 - covert strike\pc\1.0.exe
- FirewallRules: [TCP Query User{965EEAE4-1D11-4BB7-839C-352EC72DCFEE}D:\igi 2 - covert strike\pc\igi2.exe] => (Allow) D:\igi 2 - covert strike\pc\igi2.exe
- FirewallRules: [UDP Query User{322E633E-8A02-4742-84CB-B6883282DFB0}D:\igi 2 - covert strike\pc\igi2.exe] => (Allow) D:\igi 2 - covert strike\pc\igi2.exe
- FirewallRules: [TCP Query User{209D575B-1482-4FA9-8E29-A282EA00DB04}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe
- FirewallRules: [UDP Query User{5D1F99B0-CB8B-4B38-964E-646E5BCF2B0C}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe
- FirewallRules: [{7B4B5DA6-46E0-4CFA-BE43-C36B8F433531}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe
- FirewallRules: [{FD8571D7-87D6-45C7-8627-A1A6198FE782}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe
- FirewallRules: [TCP Query User{73E7A73E-6350-423C-BE1B-64B7F7DA97C0}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe
- FirewallRules: [UDP Query User{FB3C7C91-EB03-431D-879F-93448C13ACF5}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe
- FirewallRules: [{9BA23EC9-0EB5-4436-B781-9FBD0D480BDD}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [{0A33FAF5-1B67-421D-AD99-FAC0A1F19B47}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
- FirewallRules: [{B57DB9EA-9D28-4F88-ADB8-66AAECF46C11}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
- ==================== Faulty Device Manager Devices =============
- Name: Universal Serial Bus (USB) Controller
- Description: Universal Serial Bus (USB) Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: PCI Device
- Description: PCI Device
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: Ethernet Controller
- Description: Ethernet Controller
- Class Guid:
- Manufacturer:
- Service:
- Problem: : The drivers for this device are not installed. (Code 28)
- Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
- Name: VirtualBox Host-Only Ethernet Adapter
- Description: VirtualBox Host-Only Ethernet Adapter
- Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
- Manufacturer: Oracle Corporation
- Service: VBoxNetAdp
- Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
- Resolution: Update the driver
- ==================== Event log errors: =========================
- Application errors:
- ==================
- Error: (09/22/2015 11:29:50 AM) (Source: LearnNext) (EventID: 3) (User: )
- Description: 1442901590
- Error: (09/22/2015 11:29:00 AM) (Source: LearnNext) (EventID: 2) (User: )
- Description: N-044f2737-60ef-11e5-b2ee-28e347183d08
- Error: (09/22/2015 11:28:59 AM) (Source: LearnNext) (EventID: 3) (User: )
- Description: 1442901539
- Error: (09/17/2015 10:45:49 PM) (Source: EventSystem) (EventID: 4621) (User: )
- Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
- Error: (09/10/2015 12:15:12 AM) (Source: EventSystem) (EventID: 4621) (User: )
- Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
- Error: (09/03/2015 11:41:18 PM) (Source: EventSystem) (EventID: 4621) (User: )
- Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
- Error: (08/31/2015 06:18:49 PM) (Source: RasClient) (EventID: 20227) (User: )
- Description: CoId={F2B36317-E52E-4499-9374-BDBD6E77A33D}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
- Error: (08/31/2015 05:04:41 PM) (Source: RasClient) (EventID: 20227) (User: )
- Description: CoId={ADD04AD8-CAE4-432A-BA93-C267610D8BC5}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
- Error: (08/31/2015 10:33:20 AM) (Source: RasClient) (EventID: 20227) (User: )
- Description: CoId={EA2205D9-222A-43BE-83E8-FE170A58EF35}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
- Error: (08/30/2015 01:40:25 PM) (Source: RasClient) (EventID: 20227) (User: )
- Description: CoId={8FB90723-0A91-4B3A-89CF-6697A604BD27}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
- System errors:
- =============
- Error: (09/22/2015 10:26:28 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 10:25:16 AM on 9/22/2015 was unexpected.
- Error: (09/22/2015 10:24:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
- Description: The Google Update Service (gupdate) service failed to start due to the following error:
- %%1053
- Error: (09/22/2015 10:24:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
- Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
- Error: (09/22/2015 10:21:22 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 10:19:55 AM on 9/22/2015 was unexpected.
- Error: (09/21/2015 10:04:56 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 10:44:20 PM on 9/20/2015 was unexpected.
- Error: (09/20/2015 02:33:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
- Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
- Error: (09/19/2015 11:11:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
- Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
- Error: (09/19/2015 08:11:41 AM) (Source: EventLog) (EventID: 6008) (User: )
- Description: The previous system shutdown at 12:11:45 AM on 9/19/2015 was unexpected.
- Error: (09/18/2015 09:38:02 AM) (Source: DCOM) (EventID: 10010) (User: )
- Description: {820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}
- Error: (09/17/2015 03:04:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
- Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
- CodeIntegrity:
- ===================================
- Date: 2015-09-19 11:52:19.650
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-19 11:52:19.650
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-19 11:52:19.650
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-19 11:52:19.620
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-19 11:52:19.620
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-19 11:52:19.610
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-18 18:09:54.387
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-18 18:09:54.377
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-18 18:09:54.377
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
- Date: 2015-09-18 18:09:54.337
- Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
- ==================== Memory info ===========================
- Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
- Percentage of memory in use: 90%
- Total physical RAM: 1946.36 MB
- Available physical RAM: 187.91 MB
- Total Virtual: 3892.71 MB
- Available Virtual: 885.07 MB
- ==================== Drives ================================
- Drive c: () (Fixed) (Total:207.42 GB) (Free:175.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]
- Drive d: () (Fixed) (Total:141.06 GB) (Free:123.47 GB) NTFS
- Drive e: () (Fixed) (Total:117.19 GB) (Free:101.21 GB) NTFS
- ==================== MBR & Partition Table ==================
- ========================================================
- Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00086C6A)
- Partition 1: (Active) - (Size=207.4 GB) - (Type=07 NTFS)
- Partition 2: (Not Active) - (Size=141.1 GB) - (Type=07 NTFS)
- Partition 3: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS)
- ==================== End of Addition.txt ============================