
Untitled

a guest
Sep 22nd, 2015
  1. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015
  2. Ran by DEEP NET (administrator) on DEEPNET-PC (22-09-2015 13:47:12)
  3. Running from C:\Users\DEEP NET\Downloads\Programs
  4. Loaded Profiles: DEEP NET (Available Profiles: DEEP NET)
  5. Platform: Windows 7 Ultimate (X64) Language: English (United States)
  6. Internet Explorer Version 8 (Default browser: Chrome)
  7. Boot Mode: Normal
  8. Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
  9.  
  10. ==================== Processes (Whitelisted) =================
  11.  
  12. (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
  13.  
  14. (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
  15. (Microsoft Corporation) C:\Windows\System32\wlanext.exe
  16. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe
  17. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  18. (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  19. (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
  20. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  21. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
  22. (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
  23. (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
  24. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avpui.exe
  25. (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
  26. (Intel Corporation) C:\Windows\System32\igfxHK.exe
  27. (Intel Corporation) C:\Windows\System32\igfxTray.exe
  28. (Intel Corporation) C:\Windows\System32\igfxEM.exe
  29. (Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe
  30. (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
  31. (BitTorrent Inc.) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
  32. (PowerISO Computing, Inc.) C:\Program Files (x86)\PowerISO\PWRISOVM.EXE
  33. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  34. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
  35. (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
  36. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  37. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  38. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  39. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  40. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  41. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  42. (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
  43. (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\plugin-nm-server.exe
  44. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  45. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  46. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  47. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  48. (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  49. (Farbar) C:\Users\DEEP NET\Downloads\Programs\FRST64_2.exe
  50.  
  51.  
  52. ==================== Registry (Whitelisted) ===========================
  53.  
  54. (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
  55.  
  56. HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files (x86)\PowerISO\PWRISOVM.EXE [307200 2011-06-15] (PowerISO Computing, Inc.)
  57. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Hide.me] => C:\Program Files (x86)\inCloak VPN\Start.exe
  58. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3898960 2015-05-03] (Tonec Inc.)
  59. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53288576 2015-06-30] (Skype Technologies S.A.)
  60. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [BitTorrent] => C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe [1906536 2015-09-18] (BitTorrent Inc.)
  61. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Run: [Mino] => C:\Users\DEEP NET\AppData\Roaming [0 2015-09-06] ()
  62. ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.)
  63.  
  64. ==================== Internet (Whitelisted) ====================
  65.  
  66. (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
  67.  
  68. Tcpip\Parameters: [DhcpNameServer] 192.168.254.251
  69. Tcpip\..\Interfaces\{B83601EE-675B-4351-A68B-BA0307ADFD1A}: [DhcpNameServer] 192.168.254.251
  70.  
  71. Internet Explorer:
  72. ==================
  73. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-in/?ocid=iehp
  74. BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
  75. BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  76. BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  77. BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  78. BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\x64\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  79. BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.)
  80. BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  81. BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  82. BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  83. BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\IEExt\ie_plugin.dll [2015-04-13] (Kaspersky Lab ZAO)
  84. Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
  85. Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
  86. Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
  87. Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
  88. Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation)
  89. Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation)
  90.  
  91. FireFox:
  92. ========
  93. FF ProfilePath: C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default
  94. FF NetworkProxy: "socks", "95.25.205.177"
  95. FF NetworkProxy: "socks_port", 9886
  96. FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-09-25] (VideoLAN)
  97. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
  98. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
  99. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
  100. FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
  101. FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
  102. FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-14] ()
  103. FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-14] ()
  104. FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
  105. FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.)
  106. FF user.js: detected! => C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\user.js [2015-04-24]
  107. FF Extension: XSS Me - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\xssme@security.compass.xpi [2015-08-31]
  108. FF Extension: Tamper Data - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\{9c51bd27-6ed8-4000-a2bf-36cb95c0c947}.xpi [2015-06-17]
  109. FF Extension: HackBar - C:\Users\DEEP NET\AppData\Roaming\Mozilla\Firefox\Profiles\dk4n09ws.default\Extensions\{F5DDF39C-9293-4d5e-9AA8-E04E6DD5E9B4}.xpi [2015-05-21]
  110. FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-27]
  111. FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com
  112. FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\content_blocker@kaspersky.com [2015-04-13]
  113. FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com
  114. FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-04-13]
  115. FF HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5
  116. FF Extension: IDM CC - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5 [2015-09-22]
  117. FF HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DEEP NET\AppData\Roaming\IDM\idmmzcc5
  118.  
  119. Chrome:
  120. =======
  121. CHR Profile: C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default
  122. CHR Extension: (Google Slides) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-13]
  123. CHR Extension: (Google Docs) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-13]
  124. CHR Extension: (Google Drive) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-13]
  125. CHR Extension: (YouTube) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-13]
  126. CHR Extension: (Google Search) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-13]
  127. CHR Extension: (Kaspersky Protection) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-04-15]
  128. CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2015-05-31]
  129. CHR Extension: (Google Sheets) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-13]
  130. CHR Extension: (Google Docs Offline) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-03]
  131. CHR Extension: (Chrome Hotword Shared Module) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-13]
  132. CHR Extension: (Skype Click to Call) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-14]
  133. CHR Extension: (Proxy Helper) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnloefcpaepkpmhaoipjkpikbnkmbnic [2015-06-17]
  134. CHR Extension: (IDM Integration Module) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-05-26]
  135. CHR Extension: (Chrome Web Store Payments) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-13]
  136. CHR Extension: (Gmail) - C:\Users\DEEP NET\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-13]
  137. CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
  138. CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]
  139. CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
  140. CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
  141. CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-04-20]
  142.  
  143. ==================== Services (Whitelisted) ========================
  144.  
  145. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  146.  
  147. R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
  148. R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
  149. R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
  150. R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
  151. R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed]
  152. R2 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed]
  153. S3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-14] (Microsoft Corporation) [File not signed]
  154. R3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
  155. R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
  156. R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
  157. S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
  158. R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [175104 2009-07-14] (Microsoft Corporation) [File not signed]
  159. R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
  160. R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
  161. S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
  162. R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2009-07-14] (Microsoft Corporation) [File not signed]
  163. S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed]
  164. R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
  165. R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
  166. R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed]
  167. R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
  168. R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
  169. R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
  170. R3 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
  171. R3 FontCache; C:\Windows\system32\FntCache.dll [1127936 2009-07-14] (Microsoft Corporation) [File not signed]
  172. R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [244392 2015-07-16] (Foxit Software Inc.)
  173. S3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
  174. S3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
  175. S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
  176. R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-03-12] (Intel Corporation)
  177. R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed]
  178. S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
  179. R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed]
  180. S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
  181. R2 LanmanServer; C:\Windows\system32\srvsvc.dll [235520 2009-07-14] (Microsoft Corporation) [File not signed]
  182. R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed]
  183. S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
  184. R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
  185. R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed]
  186. S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed]
  187. R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
  188. R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
  189. R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
  190. R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed]
  191. R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
  192. S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed]
  193. S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed]
  194. R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2009-07-14] (Microsoft Corporation) [File not signed]
  195. S3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
  196. R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
  197. R2 ProfSvc; C:\Windows\system32\profsvc.dll [208384 2009-07-14] (Microsoft Corporation) [File not signed]
  198. S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
  199. S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed]
  200. S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
  201. R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
  202. R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
  203. R2 Schedule; C:\Windows\system32\schedsvc.dll [1104384 2009-07-14] (Microsoft Corporation) [File not signed]
  204. S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
  205. S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed]
  206. R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
  207. R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
  208. S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed]
  209. S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
  210. S3 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
  211. R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
  212. S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
  213. S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed]
  214. S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed]
  215. S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
  216. R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-01] (TeamViewer GmbH)
  217. S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed]
  218. S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
  219. R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
  220. S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
  221. S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
  222. S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
  223. S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
  224. S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
  225. R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
  226. S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed]
  227. S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed]
  228. R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
  229.  
  230. ===================== Drivers (Whitelisted) ==========================
  231.  
  232. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  233.  
  234. R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] (Microsoft Corporation) [File not signed]
  235. S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
  236. R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] (Microsoft Corporation) [File not signed]
  237. S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
  238. R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
  239. R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] (Microsoft Corporation) [File not signed]
  240. R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
  241. R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [974848 2009-07-14] (Microsoft Corporation) [File not signed]
  242. S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
  243. S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
  244. S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
  245. S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
  246. R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed]
  247. S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed]
  248. S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
  249. R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
  250. R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
  251. R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-04-13] (Kaspersky Lab ZAO)
  252. R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
  253. R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-04-13] (Kaspersky Lab ZAO)
  254. R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
  255. R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
  256. R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
  257. R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
  258. R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
  259. R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-04-13] (Kaspersky Lab ZAO)
  260. R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
  261. R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
  262. R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
  263. R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
  264. S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
  265. R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] (Microsoft Corporation) [File not signed]
  266. R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] (Microsoft Corporation) [File not signed]
  267. R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] (Microsoft Corporation) [File not signed]
  268. S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
  269. S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
  270. S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
  271. S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
  272. S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
  273. S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
  274. R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
  275. R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed]
  276. R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
  277. R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed]
  278. R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
  279. R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
  280. R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
  281. R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed]
  282. R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed]
  283. S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
  284. R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed]
  285. R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
  286. R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed]
  287. R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
  288. R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
  289. S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
  290. S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
  291. R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] (Microsoft Corporation) [File not signed]
  292. R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] (Microsoft Corporation) [File not signed]
  293. R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] (Microsoft Corporation) [File not signed]
  294. R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
  295. S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
  296. S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
  297. R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed]
  298. S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed]
  299. R3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed]
  300. S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed]
  301. R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
  302. S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
  303. R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
  304. R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
  305. S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
  306. R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] (Microsoft Corporation) [File not signed]
  307. S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] (Microsoft Corporation) [File not signed]
  308. U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
  309.  
  310. ==================== NetSvcs (Whitelisted) ===================
  311.  
  312. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  313.  
  314.  
  315. ==================== One Month Created files and folders ========
  316.  
  317. (If an entry is included in the fixlist, the file/folder will be moved.)
  318.  
  319. 2015-09-22 10:19 - 2015-09-22 10:20 - 00000000 ___HD C:\Windows\AxInstSV
  320. 2015-09-21 14:12 - 2015-09-21 14:12 - 00000000 ____D C:\Users\DEEP NET\Desktop\iphone old
  321. 2015-09-20 10:55 - 2015-09-20 10:55 - 00000034 _____ C:\Users\DEEP NET\Desktop\Coin Base address.txt
  322. 2015-09-15 14:51 - 2015-07-19 21:27 - 00001794 ____N C:\Users\DEEP NET\Desktop\Spooks.The.Greater.Good.2015. Trailer.En.srt
  323. 2015-09-13 23:12 - 2015-09-13 23:12 - 00000000 ____D C:\Windows\system32\SPReview
  324. 2015-09-13 23:11 - 2015-09-13 23:11 - 00000000 ____D C:\Windows\system32\EventProviders
  325. 2015-09-12 20:05 - 2015-08-27 11:16 - 00147925 _____ C:\Users\DEEP NET\Desktop\Citizenfour (2014) [1080p] YIFY - YTS.srt
  326. 2015-09-09 09:04 - 2015-09-09 09:04 - 00000000 ____D C:\Program Files\Common Files\AV
  327. 2015-09-08 19:46 - 2014-01-12 13:16 - 00175761 ____N C:\Users\DEEP NET\Desktop\the-fifth-estate-yify-english.srt
  328. 2015-09-08 17:38 - 2015-09-08 17:39 - 00000016 _____ C:\Users\DEEP NET\Desktop\New Text Document (2).txt
  329. 2015-09-06 11:23 - 2015-09-06 11:23 - 00000836 _____ C:\Users\DEEP NET\Desktop\BitTorrent.lnk
  330. 2015-09-06 11:23 - 2015-09-06 11:23 - 00000816 _____ C:\Users\DEEP NET\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
  331. 2015-09-06 11:21 - 2015-09-22 13:46 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\BitTorrent
  332. 2015-09-05 21:48 - 2015-07-23 13:18 - 2564476928 _____ C:\Users\DEEP NET\Desktop\Windows_7_32-bit_Home_Premium_x86.iso
  333. 2015-09-03 23:33 - 2015-09-03 23:36 - 00000020 _____ C:\Users\DEEP NET\Desktop\New Text Document.txt
  334. 2015-09-02 15:32 - 2015-09-02 15:33 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\gtk-2.0
  335. 2015-09-02 14:59 - 2015-09-02 14:59 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\enchant
  336. 2015-09-02 14:58 - 2015-09-02 22:14 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\.purple
  337. 2015-09-02 06:46 - 2015-09-02 06:46 - 00000995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pidgin.lnk
  338. 2015-09-02 06:45 - 2015-09-02 06:49 - 00000000 ____D C:\Program Files (x86)\Pidgin
  339. 2015-09-01 13:50 - 2015-09-01 13:50 - 00000843 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk
  340. 2015-09-01 13:50 - 2015-09-01 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
  341. 2015-09-01 13:50 - 2015-05-13 17:11 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
  342. 2015-09-01 13:49 - 2015-05-13 17:10 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
  343. 2015-08-31 17:06 - 2015-08-31 17:27 - 07421377 _____ C:\Users\DEEP NET\Downloads\burpsuite_free_v1.6.25.jar.part
  344. 2015-08-29 09:28 - 2015-08-29 09:29 - 00982640 _____ C:\Windows\Minidump\082915-23290-01.dmp
  345. 2015-08-27 21:50 - 2015-08-29 09:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
  346. 2015-08-27 20:13 - 2015-08-27 20:13 - 00000000 _____ C:\Users\DEEP NET\Desktop\network cats.txt
  347.  
  348. ==================== One Month Modified files and folders ========
  349.  
  350. (If an entry is included in the fixlist, the file/folder will be moved.)
  351.  
  352. 2015-09-22 13:48 - 2009-07-14 10:15 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  353. 2015-09-22 13:48 - 2009-07-14 10:15 - 00009584 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  354. 2015-09-22 13:47 - 2015-06-08 20:06 - 00000000 ____D C:\FRST
  355. 2015-09-22 13:44 - 2015-04-14 10:21 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\Skype
  356. 2015-09-22 13:34 - 2015-04-13 20:56 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
  357. 2015-09-22 13:34 - 2015-04-13 20:41 - 01618442 _____ C:\Windows\WindowsUpdate.log
  358. 2015-09-22 12:02 - 2009-07-14 10:21 - 00094679 _____ C:\Windows\setupact.log
  359. 2015-09-22 11:44 - 2015-06-07 17:00 - 00000000 ____D C:\Program Files (x86)\TeamViewer
  360. 2015-09-22 11:25 - 2015-04-13 22:16 - 00000000 ____D C:\ProgramData\Kaspersky Lab
  361. 2015-09-22 10:26 - 2015-04-13 20:56 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
  362. 2015-09-22 10:26 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
  363. 2015-09-22 09:34 - 2015-04-13 21:14 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
  364. 2015-09-20 13:52 - 2015-06-17 08:51 - 00000000 ____D C:\Users\DEEP NET\Desktop\143 VPN
  365. 2015-09-19 16:18 - 2015-05-06 21:47 - 00000000 ____D C:\Users\DEEP NET\Desktop\Shit things
  366. 2015-09-16 21:01 - 2015-04-13 20:56 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
  367. 2015-09-16 21:01 - 2015-04-13 20:56 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
  368. 2015-09-15 17:41 - 2015-07-22 20:47 - 00000000 ____D C:\Users\DEEP NET\Desktop\New folder (2)
  369. 2015-09-15 17:13 - 2015-06-03 19:54 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\vlc
  370. 2015-09-15 14:51 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\DMCache
  371. 2015-09-15 14:50 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\Downloads\Compressed
  372. 2015-09-12 13:13 - 2015-05-26 12:02 - 00000000 ____D C:\Users\DEEP NET\.VirtualBox
  373. 2015-09-11 11:53 - 2015-04-13 20:56 - 00000000 ____D C:\Users\DEEP NET\AppData\Local\Google
  374. 2015-09-08 08:30 - 2015-04-13 22:16 - 00000000 ____D C:\Users\DEEP NET\Downloads\Video
  375. 2015-09-06 11:22 - 2015-05-19 21:37 - 00000000 ____D C:\Users\DEEP NET\AppData\Roaming\uTorrent
  376. 2015-09-05 21:50 - 2009-07-14 10:43 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
  377. 2015-09-01 16:37 - 2015-05-26 12:03 - 00000000 ____D C:\Users\DEEP NET\VirtualBox VMs
  378. 2015-08-29 09:28 - 2015-06-08 22:21 - 240223915 _____ C:\Windows\MEMORY.DMP
  379. 2015-08-29 09:28 - 2015-06-08 22:21 - 00000000 ____D C:\Windows\Minidump
  380. 2015-08-29 09:28 - 2015-04-23 20:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
  381. 2015-08-29 09:28 - 2015-04-13 22:57 - 00097478 _____ C:\Windows\PFRO.log
  382. 2015-08-26 23:00 - 2015-04-13 20:38 - 00000000 ____D C:\Users\DEEP NET
  383. 2015-08-23 17:08 - 2015-07-31 17:49 - 00000270 _____ C:\Users\DEEP NET\Desktop\BTC.txt
  384.  
  385. ==================== Files in the root of some directories =======
  386.  
  387. 2015-08-15 16:10 - 2015-08-15 16:10 - 0000110 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
  388.  
  389. Some files in TEMP:
  390. ====================
  391. C:\Users\DEEP NET\AppData\Local\Temp\dllnt_dump.dll
  392.  
  393.  
  394. ==================== Bamital & volsnap =================
  395.  
  396. (There is no automatic fix for files that do not pass verification.)
  397.  
  398. C:\Windows\system32\winlogon.exe => File is digitally signed
  399. C:\Windows\system32\wininit.exe => File is digitally signed
  400. C:\Windows\SysWOW64\wininit.exe => File is digitally signed
  401. C:\Windows\explorer.exe => File is digitally signed
  402. C:\Windows\SysWOW64\explorer.exe => File is digitally signed
  403. C:\Windows\system32\svchost.exe => File is digitally signed
  404. C:\Windows\SysWOW64\svchost.exe => File is digitally signed
  405. C:\Windows\system32\services.exe => File is digitally signed
  406. C:\Windows\system32\User32.dll => File is digitally signed
  407. C:\Windows\SysWOW64\User32.dll => File is digitally signed
  408. C:\Windows\system32\userinit.exe => File is digitally signed
  409. C:\Windows\SysWOW64\userinit.exe => File is digitally signed
  410. C:\Windows\system32\rpcss.dll => MD5 is legit
  411. C:\Windows\system32\dnsapi.dll => File is digitally signed
  412. C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
  413. C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
  414.  
  415.  
  416. LastRegBack: 2015-09-12 12:38
  417.  
  418.  
  419. ==================== End of FRST.txt ============================
  420.  
  421. Additional scan result of Farbar Recovery Scan Tool (x64) Version:15-09-2015
  422. Ran by DEEP NET (2015-09-22 13:48:33)
  423. Running from C:\Users\DEEP NET\Downloads\Programs
  424. Windows 7 Ultimate (X64) (2015-04-13 15:08:25)
  425. Boot Mode: Normal
  426. ==========================================================
  427.  
  428.  
  429. ==================== Accounts: =============================
  430.  
  431. Administrator (S-1-5-21-1527722138-3059096507-1149149749-500 - Administrator - Disabled)
  432. DEEP NET (S-1-5-21-1527722138-3059096507-1149149749-1000 - Administrator - Enabled) => C:\Users\DEEP NET
  433. Guest (S-1-5-21-1527722138-3059096507-1149149749-501 - Limited - Disabled)
  434.  
  435. ==================== Security Center ========================
  436.  
  437. (If an entry is included in the fixlist, it will be removed.)
  438.  
  439. AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
  440. AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
  441. AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  442.  
  443. ==================== Installed Programs ======================
  444.  
  445. (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
  446.  
  447. µTorrent (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\uTorrent) (Version: 3.4.4.40911 - BitTorrent Inc.)
  448. BitTorrent (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\BitTorrent) (Version: 7.9.5.41074 - BitTorrent Inc.)
  449. Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
  450. Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
  451. Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
  452. Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.6.124.715 - Foxit Software Inc.)
  453. Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.3.320 - Foxit Software Inc.)
  454. Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.99 - Google Inc.)
  455. Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
  456. Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
  457. Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
  458. Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
  459. Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
  460. Kaspersky Anti-Virus (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
  461. LearnNext (HKLM-x32\...\{FE68F13D-33DB-49A7-B052-0684C0CF1C88}) (Version: 1.0.0.2 - Next Education India Pvt. Ltd.)
  462. Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
  463. Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
  464. Mozilla Firefox 41.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 41.0 (x86 en-US)) (Version: 41.0 - Mozilla)
  465. Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 41.0.0.5701 - Mozilla)
  466. Oracle VM VirtualBox 4.3.28 (HKLM\...\{E8BB81BC-E67C-4750-84EE-128DA5A7ADA5}) (Version: 4.3.28 - Oracle Corporation)
  467. Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.11 - )
  468. PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
  469. Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
  470. Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
  471. Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
  472. SMAC 2.0 (HKLM-x32\...\SMAC 2.0) (Version: - )
  473. SQL Server Dumper (HKLM-x32\...\{D77D9A13-68A8-44F0-96DA-E7F4F74A9FDB}) (Version: 2.0.0 - Ruizata Project)
  474. TeamSpeak 3 Client (HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
  475. TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43174 - TeamViewer)
  476. VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
  477. WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
  478.  
  479. ==================== Custom CLSID (Whitelisted): ==========================
  480.  
  481. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  482.  
  483. CustomCLSID: HKU\S-1-5-21-1527722138-3059096507-1149149749-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
  484.  
  485. ==================== Restore Points =========================
  486.  
  487. 13-09-2015 23:12:12 Windows 7 Service Pack 1
  488.  
  489. ==================== Hosts content: ===============================
  490.  
  491. (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
  492.  
  493. 2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
  494.  
  495. ==================== Scheduled Tasks (Whitelisted) =============
  496.  
  497. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  498.  
  499. Task: {27A5907A-5523-4E48-913D-5FAB53085214} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
  500. Task: {7C56AE1D-008F-402B-A276-293D47A81246} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-13] (Google Inc.)
  501.  
  502. (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
  503.  
  504. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  505. Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  506.  
  507. ==================== Loaded Modules (Whitelisted) ==============
  508.  
  509. 2014-08-30 17:12 - 2014-08-30 17:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\kpcengine.2.3.dll
  510. 2015-09-22 09:33 - 2015-09-19 03:43 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libglesv2.dll
  511. 2015-09-22 09:33 - 2015-09-19 03:43 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\libegl.dll
  512. 2015-09-22 09:33 - 2015-09-19 03:43 - 16487752 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.99\PepperFlash\pepflashplayer.dll
  513.  
  514. ==================== Alternate Data Streams (Whitelisted) =========
  515.  
  516. (If an entry is included in the fixlist, only the ADS will be removed.)
  517.  
  518.  
  519. ==================== Safe Mode (Whitelisted) ===================
  520.  
  521. (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
  522.  
  523.  
  524. ==================== EXE Association (Whitelisted) ===============
  525.  
  526. (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
  527.  
  528.  
  529. ==================== Internet Explorer trusted/restricted ===============
  530.  
  531. (If an entry is included in the fixlist, it will be removed from the registry.)
  532.  
  533.  
  534. ==================== Other Areas ============================
  535.  
  536. (Currently there is no automatic fix for this section.)
  537.  
  538. HKU\S-1-5-21-1527722138-3059096507-1149149749-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DEEP NET\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
  539. DNS Servers: 192.168.254.251
  540. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
  541. Windows Firewall is enabled.
  542.  
  543. ==================== MSCONFIG/TASK MANAGER disabled items ==
  544.  
  545. (Currently there is no automatic fix for this section.)
  546.  
  547.  
  548. ==================== FirewallRules (Whitelisted) ===============
  549.  
  550. (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
  551.  
  552. FirewallRules: [{E57117C0-2940-4244-9FD0-4D15F458DB66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  553. FirewallRules: [{6D055655-8231-4E2B-8B43-4FA208800DF8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  554. FirewallRules: [TCP Query User{E3E6E8E3-2246-4490-B3AC-AE6FD74443F7}C:\users\deep net\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
  555. FirewallRules: [UDP Query User{E2E8DB09-9ADF-4710-98B2-433C2B0A1CD0}C:\users\deep net\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
  556. FirewallRules: [{F86E88BA-6F81-4450-A1E7-76F0879F202A}] => (Block) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
  557. FirewallRules: [{8AAAE3A8-9B83-4C4C-928F-6325EB35A586}] => (Block) C:\users\deep net\appdata\roaming\utorrent\utorrent.exe
  558. FirewallRules: [TCP Query User{6B80805B-866D-43D3-BC7C-9BD1E86D30B2}C:\users\deep net\downloads\programs\listen.exe] => (Allow) C:\users\deep net\downloads\programs\listen.exe
  559. FirewallRules: [UDP Query User{B3D7A3FE-32D5-4F9C-8492-CC0DA3918859}C:\users\deep net\downloads\programs\listen.exe] => (Allow) C:\users\deep net\downloads\programs\listen.exe
  560. FirewallRules: [{4508BDDA-A7F0-461E-A00C-CA67A61C60B0}] => (Block) C:\users\deep net\downloads\programs\listen.exe
  561. FirewallRules: [{382481A9-8D28-46E2-B899-83770FAD9D93}] => (Block) C:\users\deep net\downloads\programs\listen.exe
  562. FirewallRules: [{BF3E9472-D471-46FF-8ABF-F0EF3DB396A9}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
  563. FirewallRules: [{00FCAA66-7F0E-498E-95B6-77F05A3AC963}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  564. FirewallRules: [{4287386E-2432-48B0-864A-C1933E8C4A2F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
  565. FirewallRules: [{4EA2C048-E1B0-4BAF-9E97-768D0B377CEA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  566. FirewallRules: [{19760963-4089-4B1F-89E3-AA61EE051E75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
  567. FirewallRules: [TCP Query User{4CEA3181-6F09-427D-8A77-2533FBBF60E7}D:\igi 2 - covert strike\pc\1.0.exe] => (Allow) D:\igi 2 - covert strike\pc\1.0.exe
  568. FirewallRules: [UDP Query User{DB28E3D5-FE53-4187-AC67-77C96E6E759D}D:\igi 2 - covert strike\pc\1.0.exe] => (Allow) D:\igi 2 - covert strike\pc\1.0.exe
  569. FirewallRules: [TCP Query User{965EEAE4-1D11-4BB7-839C-352EC72DCFEE}D:\igi 2 - covert strike\pc\igi2.exe] => (Allow) D:\igi 2 - covert strike\pc\igi2.exe
  570. FirewallRules: [UDP Query User{322E633E-8A02-4742-84CB-B6883282DFB0}D:\igi 2 - covert strike\pc\igi2.exe] => (Allow) D:\igi 2 - covert strike\pc\igi2.exe
  571. FirewallRules: [TCP Query User{209D575B-1482-4FA9-8E29-A282EA00DB04}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe
  572. FirewallRules: [UDP Query User{5D1F99B0-CB8B-4B38-964E-646E5BCF2B0C}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.3_40298.exe
  573. FirewallRules: [{7B4B5DA6-46E0-4CFA-BE43-C36B8F433531}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe
  574. FirewallRules: [{FD8571D7-87D6-45C7-8627-A1A6198FE782}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\uTorrent\updates\3.4.3_40760.exe
  575. FirewallRules: [TCP Query User{73E7A73E-6350-423C-BE1B-64B7F7DA97C0}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe
  576. FirewallRules: [UDP Query User{FB3C7C91-EB03-431D-879F-93448C13ACF5}C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe] => (Allow) C:\users\deep net\appdata\roaming\utorrent\updates\3.4.4_40911.exe
  577. FirewallRules: [{9BA23EC9-0EB5-4436-B781-9FBD0D480BDD}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
  578. FirewallRules: [{0A33FAF5-1B67-421D-AD99-FAC0A1F19B47}] => (Allow) C:\Users\DEEP NET\AppData\Roaming\BitTorrent\BitTorrent.exe
  579. FirewallRules: [{B57DB9EA-9D28-4F88-ADB8-66AAECF46C11}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  580.  
  581. ==================== Faulty Device Manager Devices =============
  582.  
  583. Name: Universal Serial Bus (USB) Controller
  584. Description: Universal Serial Bus (USB) Controller
  585. Class Guid:
  586. Manufacturer:
  587. Service:
  588. Problem: : The drivers for this device are not installed. (Code 28)
  589. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  590.  
  591. Name: PCI Device
  592. Description: PCI Device
  593. Class Guid:
  594. Manufacturer:
  595. Service:
  596. Problem: : The drivers for this device are not installed. (Code 28)
  597. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  598.  
  599. Name: Ethernet Controller
  600. Description: Ethernet Controller
  601. Class Guid:
  602. Manufacturer:
  603. Service:
  604. Problem: : The drivers for this device are not installed. (Code 28)
  605. Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
  606.  
  607. Name: VirtualBox Host-Only Ethernet Adapter
  608. Description: VirtualBox Host-Only Ethernet Adapter
  609. Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
  610. Manufacturer: Oracle Corporation
  611. Service: VBoxNetAdp
  612. Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
  613. Resolution: Update the driver
  614.  
  615.  
  616. ==================== Event log errors: =========================
  617.  
  618. Application errors:
  619. ==================
  620. Error: (09/22/2015 11:29:50 AM) (Source: LearnNext) (EventID: 3) (User: )
  621. Description: 1442901590
  622.  
  623. Error: (09/22/2015 11:29:00 AM) (Source: LearnNext) (EventID: 2) (User: )
  624. Description: N-044f2737-60ef-11e5-b2ee-28e347183d08
  625.  
  626. Error: (09/22/2015 11:28:59 AM) (Source: LearnNext) (EventID: 3) (User: )
  627. Description: 1442901539
  628.  
  629. Error: (09/17/2015 10:45:49 PM) (Source: EventSystem) (EventID: 4621) (User: )
  630. Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
  631.  
  632. Error: (09/10/2015 12:15:12 AM) (Source: EventSystem) (EventID: 4621) (User: )
  633. Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
  634.  
  635. Error: (09/03/2015 11:41:18 PM) (Source: EventSystem) (EventID: 4621) (User: )
  636. Description: 80070005EventSystem.EventSubscription{F55E4282-CE4F-4785-B5C8-29D60709F8AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}SENS Logon Subscription
  637.  
  638. Error: (08/31/2015 06:18:49 PM) (Source: RasClient) (EventID: 20227) (User: )
  639. Description: CoId={F2B36317-E52E-4499-9374-BDBD6E77A33D}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
  640.  
  641. Error: (08/31/2015 05:04:41 PM) (Source: RasClient) (EventID: 20227) (User: )
  642. Description: CoId={ADD04AD8-CAE4-432A-BA93-C267610D8BC5}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
  643.  
  644. Error: (08/31/2015 10:33:20 AM) (Source: RasClient) (EventID: 20227) (User: )
  645. Description: CoId={EA2205D9-222A-43BE-83E8-FE170A58EF35}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
  646.  
  647. Error: (08/30/2015 01:40:25 PM) (Source: RasClient) (EventID: 20227) (User: )
  648. Description: CoId={8FB90723-0A91-4B3A-89CF-6697A604BD27}: The user DEEPNET-PC\DEEP NET dialed a connection named VPN Connection which has failed. The error code returned on failure is 0.
  649.  
  650.  
  651. System errors:
  652. =============
  653. Error: (09/22/2015 10:26:28 AM) (Source: EventLog) (EventID: 6008) (User: )
  654. Description: The previous system shutdown at 10:25:16 AM on ‎9/‎22/‎2015 was unexpected.
  655.  
  656. Error: (09/22/2015 10:24:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
  657. Description: The Google Update Service (gupdate) service failed to start due to the following error:
  658. %%1053
  659.  
  660. Error: (09/22/2015 10:24:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
  661. Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
  662.  
  663. Error: (09/22/2015 10:21:22 AM) (Source: EventLog) (EventID: 6008) (User: )
  664. Description: The previous system shutdown at 10:19:55 AM on ‎9/‎22/‎2015 was unexpected.
  665.  
  666. Error: (09/21/2015 10:04:56 AM) (Source: EventLog) (EventID: 6008) (User: )
  667. Description: The previous system shutdown at 10:44:20 PM on ‎9/‎20/‎2015 was unexpected.
  668.  
  669. Error: (09/20/2015 02:33:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
  670. Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the WinDefend service.
  671.  
  672. Error: (09/19/2015 11:11:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
  673. Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the lmhosts service.
  674.  
  675. Error: (09/19/2015 08:11:41 AM) (Source: EventLog) (EventID: 6008) (User: )
  676. Description: The previous system shutdown at 12:11:45 AM on ‎9/‎19/‎2015 was unexpected.
  677.  
  678. Error: (09/18/2015 09:38:02 AM) (Source: DCOM) (EventID: 10010) (User: )
  679. Description: {820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}
  680.  
  681. Error: (09/17/2015 03:04:03 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
  682. Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
  683.  
  684.  
  685. CodeIntegrity:
  686. ===================================
  687. Date: 2015-09-19 11:52:19.650
  688. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  689.  
  690. Date: 2015-09-19 11:52:19.650
  691. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  692.  
  693. Date: 2015-09-19 11:52:19.650
  694. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  695.  
  696. Date: 2015-09-19 11:52:19.620
  697. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
  698.  
  699. Date: 2015-09-19 11:52:19.620
  700. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
  701.  
  702. Date: 2015-09-19 11:52:19.610
  703. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
  704.  
  705. Date: 2015-09-18 18:09:54.387
  706. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  707.  
  708. Date: 2015-09-18 18:09:54.377
  709. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  710.  
  711. Date: 2015-09-18 18:09:54.377
  712. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
  713.  
  714. Date: 2015-09-18 18:09:54.337
  715. Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 15.0.1\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
  716.  
  717.  
  718. ==================== Memory info ===========================
  719.  
  720. Processor: Intel(R) Core(TM) i3-3110M CPU @ 2.40GHz
  721. Percentage of memory in use: 90%
  722. Total physical RAM: 1946.36 MB
  723. Available physical RAM: 187.91 MB
  724. Total Virtual: 3892.71 MB
  725. Available Virtual: 885.07 MB
  726.  
  727. ==================== Drives ================================
  728.  
  729. Drive c: () (Fixed) (Total:207.42 GB) (Free:175.69 GB) NTFS ==>[drive with boot components (obtained from BCD)]
  730. Drive d: () (Fixed) (Total:141.06 GB) (Free:123.47 GB) NTFS
  731. Drive e: () (Fixed) (Total:117.19 GB) (Free:101.21 GB) NTFS
  732.  
  733. ==================== MBR & Partition Table ==================
  734.  
  735. ========================================================
  736. Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00086C6A)
  737. Partition 1: (Active) - (Size=207.4 GB) - (Type=07 NTFS)
  738. Partition 2: (Not Active) - (Size=141.1 GB) - (Type=07 NTFS)
  739. Partition 3: (Not Active) - (Size=117.2 GB) - (Type=07 NTFS)
  740.  
  741. ==================== End of Addition.txt ============================