Untitled

a guest
Sep 21st, 2014
  1. OTL logfile created on: 21.9.2014. 22:16:28 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Denis\Desktop
  3. 64bit- Enterprise Edition (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.10.9200.17088)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 5,75 Gb Total Physical Memory | 3,58 Gb Available Physical Memory | 62,30% Memory free
  8. 6,69 Gb Paging File | 4,12 Gb Available in Paging File | 61,59% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 97,66 Gb Total Space | 43,86 Gb Free Space | 44,91% Space Free | Partition Type: NTFS
  13. Drive D: | 97,56 Gb Total Space | 66,71 Gb Free Space | 68,38% Space Free | Partition Type: NTFS
  14. Drive E: | 270,45 Gb Total Space | 160,03 Gb Free Space | 59,17% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: DENIS | User Name: Denis | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2014.09.21 22:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Denis\Desktop\OTL.exe
  23. PRC - [2014.09.19 23:05:07 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  24. PRC - [2014.09.09 19:28:54 | 001,870,000 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
  25. PRC - [2014.08.02 10:25:25 | 004,085,896 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  26. PRC - [2014.08.02 10:24:49 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  27. PRC - [2014.06.27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
  28. PRC - [2014.06.24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
  29. PRC - [2014.06.24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
  30. PRC - [2014.04.25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
  31. PRC - [2013.12.17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
  32. PRC - [2013.01.27 22:31:16 | 002,570,560 | ---- | M] (IntelliBreeze Software) -- C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe
  33.  
  34.  
  35. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  36.  
  37. MOD - [2014.09.19 23:05:05 | 003,734,640 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
  38. MOD - [2014.09.09 19:28:52 | 016,825,520 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
  39. MOD - [2014.08.02 10:24:53 | 019,329,904 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
  40. MOD - [2014.08.02 10:24:52 | 000,301,152 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\aswProperty.dll
  41. MOD - [2014.05.13 12:04:48 | 000,167,768 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
  42. MOD - [2014.05.13 12:04:46 | 000,109,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
  43. MOD - [2014.05.13 12:04:42 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
  44. MOD - [2012.10.21 22:59:04 | 001,128,448 | ---- | M] () -- C:\Program Files (x86)\Gmail Notifier Pro\DotNetOpenAuth.dll
  45.  
  46.  
  47. [color=#E56717]========== Services (SafeList) ==========[/color]
  48.  
  49. SRV:[b]64bit:[/b] - [2014.08.02 10:24:49 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  50. SRV:[b]64bit:[/b] - [2014.05.30 01:02:28 | 000,439,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  51. SRV:[b]64bit:[/b] - [2014.03.29 10:05:59 | 000,016,056 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  52. SRV:[b]64bit:[/b] - [2014.01.09 07:15:48 | 001,025,408 | ---- | M] (Enigma Software Group USA, LLC.) [Auto | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe -- (SpyHunter 4 Service)
  53. SRV:[b]64bit:[/b] - [2013.08.16 07:39:26 | 002,371,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
  54. SRV:[b]64bit:[/b] - [2013.06.25 00:54:45 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  55. SRV:[b]64bit:[/b] - [2013.06.01 11:19:58 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  56. SRV:[b]64bit:[/b] - [2013.05.04 08:58:02 | 000,470,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  57. SRV:[b]64bit:[/b] - [2013.05.04 08:57:05 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  58. SRV:[b]64bit:[/b] - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  59. SRV:[b]64bit:[/b] - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
  60. SRV:[b]64bit:[/b] - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  61. SRV:[b]64bit:[/b] - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  62. SRV:[b]64bit:[/b] - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  63. SRV:[b]64bit:[/b] - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  64. SRV:[b]64bit:[/b] - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  65. SRV:[b]64bit:[/b] - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  66. SRV:[b]64bit:[/b] - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  67. SRV:[b]64bit:[/b] - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  68. SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  69. SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  70. SRV:[b]64bit:[/b] - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  71. SRV:[b]64bit:[/b] - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  72. SRV:[b]64bit:[/b] - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  73. SRV:[b]64bit:[/b] - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
  74. SRV:[b]64bit:[/b] - [2012.07.26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  75. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
  76. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  77. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  78. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
  79. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  80. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  81. SRV - [2014.09.19 23:05:06 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  82. SRV - [2014.09.09 19:28:55 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  83. SRV - [2014.05.12 07:24:42 | 000,860,472 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- D:\Nova mapa\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
  84. SRV - [2014.05.12 07:24:40 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- D:\Nova mapa\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  85. SRV - [2013.12.17 12:38:33 | 005,341,536 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
  86. SRV - [2013.10.23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  87. SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
  88. SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
  89. SRV - [2012.07.13 17:27:00 | 000,769,432 | ---- | M] (Nero AG) [Disabled | Stopped] -- C:\Program Files (x86)\Nero\Update\NASvc.exe -- (NAUpdate)
  90.  
  91.  
  92. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  93.  
  94. DRV:[b]64bit:[/b] - [2014.08.02 10:25:22 | 000,427,360 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswsp.sys -- (aswSP)
  95. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 001,041,168 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\aswSnx.sys -- (aswSnx)
  96. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 000,224,896 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  97. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 000,092,008 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswStm.sys -- (aswStm)
  98. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\Drivers\aswMonFlt.sys -- (aswMonFlt)
  99. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  100. DRV:[b]64bit:[/b] - [2014.08.02 10:25:02 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aswHwid.sys -- (aswHwid)
  101. DRV:[b]64bit:[/b] - [2014.08.02 10:25:01 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\aswRdr2.sys -- (aswRdr)
  102. DRV:[b]64bit:[/b] - [2014.05.12 07:26:14 | 000,064,216 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mwac.sys -- (MBAMWebAccessControl)
  103. DRV:[b]64bit:[/b] - [2014.05.12 07:25:56 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mbam.sys -- (MBAMProtector)
  104. DRV:[b]64bit:[/b] - [2014.03.28 21:19:38 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
  105. DRV:[b]64bit:[/b] - [2014.03.24 00:11:52 | 000,269,592 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
  106. DRV:[b]64bit:[/b] - [2014.01.07 03:47:06 | 000,014,872 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys -- (esgiguard)
  107. DRV:[b]64bit:[/b] - [2013.11.18 03:18:34 | 000,017,088 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\BootDefragDriver.sys -- (BootDefragDriver)
  108. DRV:[b]64bit:[/b] - [2013.10.10 13:53:35 | 000,096,600 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
  109. DRV:[b]64bit:[/b] - [2013.10.05 08:10:20 | 000,285,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
  110. DRV:[b]64bit:[/b] - [2013.10.02 04:50:07 | 000,447,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
  111. DRV:[b]64bit:[/b] - [2013.08.16 07:41:13 | 000,058,200 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
  112. DRV:[b]64bit:[/b] - [2013.08.10 08:30:22 | 000,151,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
  113. DRV:[b]64bit:[/b] - [2013.07.25 16:53:46 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\netaapl64.sys -- (Netaapl)
  114. DRV:[b]64bit:[/b] - [2013.07.09 10:04:07 | 000,120,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
  115. DRV:[b]64bit:[/b] - [2013.07.02 03:41:47 | 000,337,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
  116. DRV:[b]64bit:[/b] - [2013.07.02 03:41:47 | 000,213,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
  117. DRV:[b]64bit:[/b] - [2013.06.29 08:15:54 | 000,195,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
  118. DRV:[b]64bit:[/b] - [2013.06.01 05:08:57 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  119. DRV:[b]64bit:[/b] - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
  120. DRV:[b]64bit:[/b] - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
  121. DRV:[b]64bit:[/b] - [2013.01.22 09:52:08 | 000,075,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dc3d.sys -- (dc3d)
  122. DRV:[b]64bit:[/b] - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
  123. DRV:[b]64bit:[/b] - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
  124. DRV:[b]64bit:[/b] - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
  125. DRV:[b]64bit:[/b] - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
  126. DRV:[b]64bit:[/b] - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
  127. DRV:[b]64bit:[/b] - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  128. DRV:[b]64bit:[/b] - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
  129. DRV:[b]64bit:[/b] - [2012.10.11 07:19:44 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDScan.sys -- (WSDScan)
  130. DRV:[b]64bit:[/b] - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
  131. DRV:[b]64bit:[/b] - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
  132. DRV:[b]64bit:[/b] - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
  133. DRV:[b]64bit:[/b] - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  134. DRV:[b]64bit:[/b] - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
  135. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
  136. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
  137. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
  138. DRV:[b]64bit:[/b] - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
  139. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
  140. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
  141. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
  142. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
  143. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
  144. DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  145. DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
  146. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
  147. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
  148. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
  149. DRV:[b]64bit:[/b] - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
  150. DRV:[b]64bit:[/b] - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
  151. DRV:[b]64bit:[/b] - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
  152. DRV:[b]64bit:[/b] - [2012.07.26 06:50:20 | 000,053,352 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Synth3dVsc.sys -- (Synth3dVsc)
  153. DRV:[b]64bit:[/b] - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
  154. DRV:[b]64bit:[/b] - [2012.07.26 04:29:47 | 000,021,504 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WSDPrint.sys -- (WSDPrintDevice)
  155. DRV:[b]64bit:[/b] - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
  156. DRV:[b]64bit:[/b] - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
  157. DRV:[b]64bit:[/b] - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
  158. DRV:[b]64bit:[/b] - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
  159. DRV:[b]64bit:[/b] - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
  160. DRV:[b]64bit:[/b] - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
  161. DRV:[b]64bit:[/b] - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
  162. DRV:[b]64bit:[/b] - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
  163. DRV:[b]64bit:[/b] - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
  164. DRV:[b]64bit:[/b] - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
  165. DRV:[b]64bit:[/b] - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
  166. DRV:[b]64bit:[/b] - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
  167. DRV:[b]64bit:[/b] - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
  168. DRV:[b]64bit:[/b] - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
  169. DRV:[b]64bit:[/b] - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
  170. DRV:[b]64bit:[/b] - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
  171. DRV:[b]64bit:[/b] - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
  172. DRV:[b]64bit:[/b] - [2012.07.26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
  173. DRV:[b]64bit:[/b] - [2012.07.26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
  174. DRV:[b]64bit:[/b] - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
  175. DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
  176. DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
  177. DRV:[b]64bit:[/b] - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
  178. DRV:[b]64bit:[/b] - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
  179. DRV:[b]64bit:[/b] - [2012.07.26 04:23:42 | 000,115,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tsusbhub.sys -- (tsusbhub)
  180. DRV:[b]64bit:[/b] - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
  181. DRV:[b]64bit:[/b] - [2012.07.26 00:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
  182. DRV:[b]64bit:[/b] - [2012.06.29 04:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
  183. DRV:[b]64bit:[/b] - [2012.06.22 11:01:32 | 000,022,704 | ---- | M] () [File_System | Auto | Stop_Pending] -- C:\Windows\SysNative\Drivers\EsgScanner.sys -- (EsgScanner)
  184. DRV:[b]64bit:[/b] - [2012.06.02 16:31:37 | 000,425,472 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\k57nd60a.sys -- (k57nd60a)
  185. DRV:[b]64bit:[/b] - [2012.06.02 16:31:32 | 002,935,808 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athrx.sys -- (athr)
  186. DRV:[b]64bit:[/b] - [2012.03.27 07:50:38 | 000,284,160 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BrSerIb.sys -- (BrSerIb)
  187. DRV:[b]64bit:[/b] - [2011.07.18 22:58:32 | 000,015,360 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BrUsbSIb.sys -- (BrUsbSIb)
  188. DRV:[b]64bit:[/b] - [2011.04.08 23:00:20 | 000,018,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\nuidfltr.sys -- (NuidFltr)
  189.  
  190. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  191.  
  192.  
  193. [color=#E56717]========== Internet Explorer ==========[/color]
  194.  
  195. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  196. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  197. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
  198. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  199. IE - HKLM\..\SearchScopes,DefaultScope =
  200. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  201. IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
  202.  
  203. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.google.com
  204. IE - HKCU\..\SearchScopes,DefaultScope =
  205. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
  206. IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2503}: "URL" = http://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13001&tm=394&src=ds&p={searchTerms}
  207. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  208. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  209.  
  210. [color=#E56717]========== FireFox ==========[/color]
  211.  
  212. FF - prefs.js..browser.search.defaultengine: "Google"
  213. FF - prefs.js..browser.search.defaulturl: "http://www.google.com/search?btnG=Google+Search&q="
  214. FF - prefs.js..browser.search.useDBForOrder: "false"
  215. FF - prefs.js..extensions.enabledAddons: system-monitor%40clear-code.com:0.7.0
  216. FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2021.112
  217. FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.3.3
  218. FF - prefs.js..extensions.enabledAddons: %7Bcc6cc772-f121-49e0-b1f0-c26583cb0c5e%7D:0.1
  219. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0.2
  220. FF - user.js - File not found
  221.  
  222. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
  223. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  224. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
  225. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
  226. FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
  227. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  228. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  229. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  230. FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
  231. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  232. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
  233. FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Denis\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found
  234. FF - HKCU\Software\MozillaPlugins\autodesk.com/Autodesk123DShapes: C:\Users\Denis\AppData\Local\Autodesk\123DPlugins\Autodesk 123D Shapes321.0.129\npAutodesk123DShapes32.dll (Autodesk)
  235. FF - HKCU\Software\MozillaPlugins\autodesk.com/Autodesk3DPrintingPlugIn: C:\Users\Denis\AppData\Local\Autodesk\123DPlugins\Autodesk 3D Printing321.0.12\npAutodesk3DPrinting32.dll (Autodesk)
  236.  
  237. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014.08.02 10:25:03 | 000,000,000 | ---D | M]
  238. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  239. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  240. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
  241. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
  242.  
  243. [2014.04.20 15:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions
  244. [2014.04.20 15:56:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
  245. [2014.09.15 22:29:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\rgha27iq.default\extensions
  246. [2014.09.15 22:29:54 | 000,000,000 | ---D | M] ("Website Counselor") -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\rgha27iq.default\extensions\{cc6cc772-f121-49e0-b1f0-c26583cb0c5e}
  247. [2014.08.14 08:46:32 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profiles\rgha27iq.default\extensions\foxmarks@kei.com
  248. [2014.09.15 22:21:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profilesrgha27iq.default\extensions
  249. [2014.09.15 22:21:42 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\Firefox\Profilesrgha27iq.default\extensions\staged
  250. [2013.02.01 11:04:52 | 000,070,479 | ---- | M] () (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\firefox\profiles\rgha27iq.default\extensions\system-monitor@clear-code.com.xpi
  251. [2014.08.13 16:08:51 | 000,967,685 | ---- | M] () (No name found) -- C:\Users\Denis\AppData\Roaming\mozilla\firefox\profiles\rgha27iq.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  252. [2014.09.19 23:04:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
  253. [2014.09.19 23:05:09 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  254. [2014.08.02 10:25:03 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
  255.  
  256. [color=#E56717]========== Chrome ==========[/color]
  257.  
  258. CHR - default_search_provider: (Enabled)
  259. CHR - default_search_provider: search_url =
  260. CHR - default_search_provider: suggest_url =
  261. CHR - plugin: Error reading preferences file
  262. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.28_0\
  263. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
  264. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
  265. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
  266. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
  267. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmpncdjcpgnbcgfkboljpaagkkkcbbbk\1_0\
  268. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck\9.0.2022.122_0\
  269. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.7.13_0\
  270. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
  271. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkbhppfbabandkdmgjmifahoabeodiep\1.4.1_0\
  272. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
  273. CHR - Extension: No name found = C:\Users\Denis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
  274.  
  275. O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
  276. O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
  277. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
  278. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  279. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  280. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No CLSID value found.
  281. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  282. O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
  283. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
  284. O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
  285. O4 - HKCU..\Run: [GmailNotifierPro] C:\Program Files (x86)\Gmail Notifier Pro\GmailNotifierPro.exe (IntelliBreeze Software)
  286. O4 - HKCU..\Run: [GUDelayStartup] D:\Nova mapa\Glary Utilities 4\StartupManager.exe (Glarysoft Ltd)
  287. O4 - HKCU..\Run: [Viber] C:\Users\Denis\AppData\Local\Viber\Viber.exe ()
  288. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  289. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  290. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  291. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  292. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  293. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
  294. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  295. O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  296. O13[b]64bit:[/b] - gopher Prefix: missing
  297. O13 - gopher Prefix: missing
  298. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  299. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4A8B2A46-8D70-4D62-8420-4D88C1A3EEB8}: DhcpNameServer = 172.20.10.1
  300. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8CD720C3-01BA-43E4-A574-9A022B515DC6}: DhcpNameServer = 192.168.1.1
  301. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  302. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  303. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  304. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  305. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  306. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  307. O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found
  308. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  309. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  310. O30 - LSA: Security Packages - (livessp) - File not found
  311. O32 - HKLM CDRom: AutoRun - 1
  312. O32 - AutoRun File - [2014.09.19 22:46:57 | 000,000,000 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  313. O33 - MountPoints2\{6da856b6-c8c9-11e3-bec4-206a8a058368}\Shell - "" = AutoRun
  314. O33 - MountPoints2\{6da856b6-c8c9-11e3-bec4-206a8a058368}\Shell\AutoRun\command - "" = "G:\AutoRun.exe"
  315. O33 - MountPoints2\{6da856f0-c8c9-11e3-bec4-206a8a058368}\Shell - "" = AutoRun
  316. O33 - MountPoints2\{6da856f0-c8c9-11e3-bec4-206a8a058368}\Shell\AutoRun\command - "" = "G:\AutoRun.exe"
  317. O34 - HKLM BootExecute: (autocheck autochk *)
  318. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  319. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  320. O35 - HKLM\..comfile [open] -- "%1" %*
  321. O35 - HKLM\..exefile [open] -- "%1" %*
  322. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  323. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  324. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  325. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  326. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  327. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  328.  
  329. NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
  330. NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
  331. NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
  332. NetSvcs:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
  333. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  334.  
  335. Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  336. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  337. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  338.  
  339. CREATERESTOREPOINT
  340. Restore point Set: OTL Restore Point
  341.  
  342. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  343.  
  344. [2014.09.21 22:15:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Denis\Desktop\OTL.exe
  345. [2014.09.21 20:59:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
  346. [2014.09.21 20:59:15 | 000,021,040 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
  347. [2014.09.21 20:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
  348. [2014.09.21 20:59:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
  349. [2014.09.19 23:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  350. [2014.09.19 22:46:18 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
  351. [2014.09.19 22:46:16 | 000,000,000 | ---D | C] -- C:\sh4ldr
  352. [2014.09.19 22:46:16 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
  353. [2014.09.19 22:45:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Wise Installation Wizard
  354. [2014.09.17 21:26:52 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacije sustava Chrome
  355. [2014.09.17 21:25:38 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
  356. [2014.09.15 22:28:33 | 000,000,000 | ---D | C] -- C:\Users\Denis\.replicatorg
  357. [2014.09.15 22:28:23 | 000,000,000 | ---D | C] -- C:\Users\Denis\.replicatorg-backup-269364315136529
  358. [2014.09.15 22:27:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 3.3
  359. [2014.09.15 22:21:41 | 000,000,000 | ---D | C] -- C:\Users\Denis\AppData\Roaming\WebExtend
  360. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  361.  
  362. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  363.  
  364. [2014.09.21 22:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Denis\Desktop\OTL.exe
  365. [2014.09.21 22:03:00 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  366. [2014.09.21 21:28:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  367. [2014.09.21 20:59:21 | 000,001,383 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
  368. [2014.09.21 09:03:00 | 000,000,954 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  369. [2014.09.19 22:46:57 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
  370. [2014.09.19 22:46:19 | 000,002,218 | ---- | M] () -- C:\Users\Denis\Desktop\SpyHunter.lnk
  371. [2014.09.19 20:09:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  372. [2014.09.17 21:25:38 | 000,002,333 | ---- | M] () -- C:\Users\Denis\Desktop\Pokretač aplikacija sustava Chrome.lnk
  373. [2014.09.15 22:20:22 | 021,086,208 | ---- | M] () -- C:\Users\Denis\Desktop\python-3-3-3-amd64.msi
  374. [2014.09.15 19:09:57 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
  375. [2014.09.12 19:40:13 | 000,305,688 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  376. [2014.09.12 19:39:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  377. [2014.09.12 19:39:11 | 642,707,455 | -HS- | M] () -- C:\hiberfil.sys
  378. [2014.09.11 14:30:11 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  379. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  380.  
  381. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  382.  
  383. [2014.09.21 20:59:21 | 000,001,395 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
  384. [2014.09.21 20:59:21 | 000,001,383 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
  385. [2014.09.19 22:46:57 | 000,000,000 | ---- | C] () -- C:\autoexec.bat
  386. [2014.09.19 22:46:22 | 000,022,704 | ---- | C] () -- C:\Windows\SysNative\drivers\EsgScanner.sys
  387. [2014.09.19 22:46:19 | 000,002,218 | ---- | C] () -- C:\Users\Denis\Desktop\SpyHunter.lnk
  388. [2014.09.17 21:25:38 | 000,002,333 | ---- | C] () -- C:\Users\Denis\Desktop\Pokretač aplikacija sustava Chrome.lnk
  389. [2014.09.15 22:19:28 | 021,086,208 | ---- | C] () -- C:\Users\Denis\Desktop\python-3-3-3-amd64.msi
  390. [2014.04.17 20:27:46 | 000,405,881 | ---- | C] () -- C:\Windows\KJ.exe
  391. [2013.12.09 19:07:07 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
  392. [2013.09.11 20:01:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
  393. [2013.03.23 12:01:32 | 000,000,410 | ---- | C] () -- C:\Windows\BRWMARK.INI
  394. [2013.03.23 12:01:32 | 000,000,034 | ---- | C] () -- C:\Windows\SysWow64\BD7320.DAT
  395. [2013.01.29 12:16:17 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  396.  
  397. [color=#E56717]========== ZeroAccess Check ==========[/color]
  398.  
  399.  
  400. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  401.  
  402. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  403.  
  404. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  405.  
  406. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  407.  
  408. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  409. "" = C:\Windows\SysNative\shell32.dll -- [2014.03.28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
  410. "ThreadingModel" = Apartment
  411.  
  412. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  413. "" = %SystemRoot%\system32\shell32.dll -- [2014.03.28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
  414. "ThreadingModel" = Apartment
  415.  
  416. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  417. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
  418. "ThreadingModel" = Free
  419.  
  420. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  421. "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
  422. "ThreadingModel" = Free
  423.  
  424. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  425. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
  426. "ThreadingModel" = Both
  427.  
  428. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  429.  
  430. [color=#E56717]========== LOP Check ==========[/color]
  431.  
  432. [2014.07.09 22:15:27 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Autodesk
  433. [2013.12.06 20:44:39 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\AVAST Software
  434. [2014.04.25 21:24:28 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Bitcoin
  435. [2013.11.24 02:07:33 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\BitTorrent Sync
  436. [2014.08.15 10:43:14 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Dropbox
  437. [2014.08.15 10:43:13 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\DropboxMaster
  438. [2014.05.04 22:04:21 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\DVDVideoSoft
  439. [2013.10.30 20:46:40 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\fltk.org
  440. [2013.11.26 21:47:26 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Glarysoft
  441. [2014.09.10 21:59:10 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\GmailNotifierPro
  442. [2014.06.18 22:46:46 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\iFunbox_UserCache
  443. [2013.10.23 20:31:35 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\IsolatedStorage
  444. [2013.12.20 15:19:05 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\lonesock software
  445. [2013.10.30 15:48:51 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\OpenOffice.org
  446. [2013.07.11 23:30:23 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\redsn0w
  447. [2014.05.24 10:44:52 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\TeamViewer
  448. [2014.03.28 20:05:54 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\Thunderbird
  449. [2014.04.20 15:56:44 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\TomTom
  450. [2013.10.02 12:43:45 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\TuneUp Software
  451. [2014.05.02 21:46:59 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\uTorrent
  452. [2014.09.15 19:10:09 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\ViberPC
  453. [2014.09.15 22:21:41 | 000,000,000 | ---D | M] -- C:\Users\Denis\AppData\Roaming\WebExtend
  454.  
  455. [color=#E56717]========== Purity Check ==========[/color]
  456.  
  457.  
  458.  
  459. [color=#E56717]========== Custom Scans ==========[/color]
  460.  
  461. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  462. [2014.09.19 22:46:57 | 000,000,000 | ---- | M] () -- C:\autoexec.bat
  463. [2012.07.26 05:44:30 | 000,398,156 | RHS- | M] () -- C:\bootmgr
  464. [2012.06.02 16:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
  465. [2014.04.17 20:29:02 | 000,203,316 | ---- | M] () -- C:\grldr.bak
  466. [2014.09.12 19:39:11 | 642,707,455 | -HS- | M] () -- C:\hiberfil.sys
  467. [2014.09.12 19:39:13 | 1006,632,960 | -HS- | M] () -- C:\pagefile.sys
  468. [2014.09.12 19:39:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  469. [2014.04.17 20:29:30 | 000,000,003 | RHS- | M] () -- C:\win7ldr
  470. [2013.12.09 19:12:27 | 000,007,452 | ---- | M] () -- C:\zoek-results.log
  471.  
  472. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  473. [2013.01.29 16:37:54 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  474. [2013.01.29 16:37:54 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  475. [2013.01.29 16:37:54 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  476. [2013.01.29 16:37:54 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  477.  
  478. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  479.  
  480. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  481. [2012.07.26 10:11:41 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  482.  
  483. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  484.  
  485. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  486.  
  487. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  488.  
  489. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  490.  
  491. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  492.  
  493. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  494.  
  495. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  496.  
  497. [color=#A23BEC]< %systemroot%\*.png >[/color]
  498.  
  499. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  500. [2014.08.02 10:25:00 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
  501. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  502.  
  503. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  504.  
  505. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  506.  
  507. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  508.  
  509. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  510.  
  511. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  512. [2012.07.26 10:11:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  513.  
  514. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  515.  
  516. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  517.  
  518. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  519.  
  520. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  521.  
  522. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  523.  
  524. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  525.  
  526. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  527.  
  528. [color=#A23BEC]< %systemroot%\*.config >[/color]
  529.  
  530. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  531.  
  532. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  533. [2013.01.29 12:24:51 | 000,000,223 | -HS- | M] () -- C:\Users\Denis\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  534.  
  535. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  536. [2014.09.21 22:15:45 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Denis\Desktop\OTL.exe
  537.  
  538. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  539.  
  540. [color=#A23BEC]< %systemroot%\*.src >[/color]
  541.  
  542. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  543.  
  544. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  545.  
  546. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  547.  
  548. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  549.  
  550. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  551.  
  552. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  553.  
  554. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  555.  
  556. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  557.  
  558. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  559.  
  560. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  561.  
  562. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  563.  
  564. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  565.  
  566. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  567.  
  568. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  569.  
  570. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  571.  
  572. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  573. [2012.06.02 16:31:36 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  574.  
  575. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  576.  
  577. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  578.  
  579. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  580.  
  581. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  582.  
  583. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  584.  
  585. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  586.  
  587. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  588.  
  589. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  590.  
  591. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  592.  
  593. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  594.  
  595. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  596. [2014.05.17 09:01:50 | 000,000,402 | -HS- | M] () -- C:\Users\Denis\Favorites\desktop.ini
  597.  
  598. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  599. [2012.07.26 05:20:50 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  600. [2012.07.26 05:21:01 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  601. [2012.07.26 05:21:02 | 000,124,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  602. [2012.07.26 05:21:02 | 000,385,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  603. [2013.02.02 10:40:58 | 000,375,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  604.  
  605. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  606.  
  607. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  608.  
  609. < End of report >