
Untitled

By: a guest | Mar 20th, 2010 | Syntax: None | Size: 32.71 KB | Hits: 113 | Expires: Never
  1. OTL logfile created on: 20.3.2010 15:55:46 - Run 2
  2. OTL by OldTimer - Version 3.1.37.3     Folder = C:\Documents and Settings\pc\My Documents\Downloads
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
  6.  
  7. 3,00 Gb Total Physical Memory | 2,00 Gb Available Physical Memory | 82,00% Memory free
  8. 5,00 Gb Paging File | 4,00 Gb Available in Paging File | 90,00% Paging File free
  9. Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 298,08 Gb Total Space | 250,79 Gb Free Space | 84,14% Space Free | Partition Type: NTFS
  13. D: Drive not present or media not loaded
  14. E: Drive not present or media not loaded
  15. F: Drive not present or media not loaded
  16. Drive G: | 931,51 Gb Total Space | 371,69 Gb Free Space | 39,90% Space Free | Partition Type: NTFS
  17. H: Drive not present or media not loaded
  18. I: Drive not present or media not loaded
  19.  
  20. Computer Name: PP-A0BE2901EF56
  21. Current User Name: pc
  22. Logged in as Administrator.
  23.  
  24. Current Boot Mode: Normal
  25. Scan Mode: Current user
  26. Company Name Whitelist: On
  27. Skip Microsoft Files: On
  28. File Age = 14 Days
  29. Output = Standard
  30. Quick Scan
  31.  
  32. [color=#E56717]========== Processes (SafeList) ==========[/color]
  33.  
  34. PRC - [2010.03.20 15:24:20 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Downloads\OTL.exe
  35. PRC - [2010.03.18 16:13:13 | 000,136,176 | ---- | M] (Google Inc.) -- C:\Documents and Settings\pc\Local Settings\Application Data\Google\Update\1.2.183.23\GoogleCrashHandler.exe
  36. PRC - [2010.03.13 16:58:34 | 000,530,928 | ---- | M] (Google Inc.) -- C:\Documents and Settings\pc\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  37. PRC - [2010.02.19 21:45:16 | 000,202,256 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
  38. PRC - [2009.09.25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe
  39. PRC - [2009.09.25 23:31:32 | 000,185,640 | ---- | M] (Seagate LLC) -- C:\Program Files\Seagate\SeagateManager\FreeAgent Status\stxmenumgr.exe
  40. PRC - [2008.04.14 04:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  41. PRC - [2006.05.10 12:26:42 | 000,278,528 | ---- | M] () -- C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe
  42. PRC - [2005.10.28 15:25:44 | 000,094,208 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
  43. PRC - [2004.06.16 06:03:04 | 000,081,920 | ---- | M] (InstallShield Software Corporation) -- C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  44. PRC - [2004.06.09 14:37:02 | 000,040,960 | ---- | M] (BIGDOG) -- C:\WINDOWS\VM_STI.EXE
  45.  
  46.  
  47. [color=#E56717]========== Modules (SafeList) ==========[/color]
  48.  
  49. MOD - [2010.03.20 15:24:20 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\pc\My Documents\Downloads\OTL.exe
  50. MOD - [2010.02.19 21:45:43 | 000,118,784 | ---- | M] (RealPlayer) -- C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Chrome\Hook\rpchromebrowserrecordhelper.dll
  51. MOD - [2010.02.19 21:45:17 | 000,499,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcp71.dll
  52. MOD - [2010.02.19 21:45:17 | 000,348,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\msvcr71.dll
  53. MOD - [2009.08.13 14:55:04 | 001,748,992 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6001.22319_x-ww_f0b4c2df\GdiPlus.dll
  54.  
  55.  
  56. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  57.  
  58. SRV - [2009.09.25 23:32:18 | 000,189,736 | ---- | M] (Seagate Technology LLC) [Auto | Running] -- C:\Program Files\Seagate\SeagateManager\Sync\FreeAgentService.exe -- (FreeAgentGoNext Service)
  59.  
  60.  
  61. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  62.  
  63.  
  64. [color=#E56717]========== Internet Explorer ==========[/color]
  65.  
  66. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  67.  
  68. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://eu.ask.com?o=15015&l=dis [binary data]
  69. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
  70. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/defaultc.aspx
  71. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  72. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 32 14 57 51 A0 2C CA 01  [binary data]
  73. IE - HKCU\..\URLSearchHook: {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll (Conduit Ltd.)
  74. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  75.  
  76. [color=#E56717]========== FireFox ==========[/color]
  77.  
  78. FF - prefs.js..browser.search.defaultengine: "Ask.com"
  79. FF - prefs.js..browser.search.defaultenginename: "Ask.com"
  80. FF - prefs.js..browser.search.defaultthis.engineName: "4shared Web Search"
  81. FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}"
  82. FF - prefs.js..browser.search.order.1: "Ask.com"
  83. FF - prefs.js..browser.search.selectedEngine: "Ask.com"
  84. FF - prefs.js..browser.search.useDBForOrder: true
  85. FF - prefs.js..browser.startup.homepage: "http://eu.ask.com?o=15015&l=dis"
  86. FF - prefs.js..extensions.enabledItems: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7}:2.1.0.19
  87. FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.4.4.118
  88. FF - prefs.js..extensions.enabledItems: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}:2.2.0.9
  89. FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
  90. FF - prefs.js..extensions.enabledItems: m3ffxtbr@mywebsearch.com:1.1
  91. FF - prefs.js..extensions.enabledItems: {72ae8426-3b8d-4ead-b191-8d0ad1c62158}:2.2.0.9
  92. FF - prefs.js..extensions.enabledItems: {930f1200-f5f1-4870-bac6-e233ec8e7023}:2.3.0.4
  93.  
  94. FF - HKLM\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG8\Firefox
  95. FF - HKLM\software\mozilla\Firefox\Extensions\\m3ffxtbr@mywebsearch.com: C:\Program Files\MyWebSearch\bar\firefox\
  96. FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010.02.19 21:45:43 | 000,000,000 | ---D | M]
  97.  
  98. [2009.07.06 18:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions
  99. [2009.07.06 18:23:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla\Extensions\mozswing@mozswing.org
  100. [2010.02.19 00:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions
  101. [2009.10.06 18:54:38 | 000,000,000 | ---D | M] (4shared.com Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
  102. [2009.07.01 17:54:24 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
  103. [2010.02.19 00:47:41 | 000,000,000 | ---D | M] (XfireXO Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3}
  104. [2009.08.22 19:04:38 | 000,000,000 | ---D | M] (P2P Max Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{72ae8426-3b8d-4ead-b191-8d0ad1c62158}
  105. [2009.09.26 18:23:19 | 000,000,000 | ---D | M] (Softonic English Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{930f1200-f5f1-4870-bac6-e233ec8e7023}
  106. [2009.08.22 19:04:37 | 000,000,000 | ---D | M] (BS Player Toolbar) -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}
  107. [2010.02.01 11:08:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\DTToolbar@toolbarnet.com
  108. [2010.02.10 21:08:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\extensions\firefox@tvunetworks.com
  109. [2009.11.22 22:35:14 | 000,002,236 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\searchplugins\askcom.xml
  110. [2009.09.03 14:18:17 | 000,002,163 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\searchplugins\bing.xml
  111. [2009.10.06 22:53:36 | 000,000,897 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\searchplugins\conduit.xml
  112. [2009.06.01 21:05:55 | 000,002,399 | ---- | M] () -- C:\Documents and Settings\pc\Application Data\Mozilla\Firefox\Profiles\55389k32.default\searchplugins\daemon-search.xml
  113. [2010.01.19 19:04:55 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
  114.  
  115. O1 HOSTS File: ([2010.01.28 14:46:38 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
  116. O1 - Hosts: 127.0.0.1       localhost
  117. O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
  118. O2 - BHO: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh0.dll (Conduit Ltd.)
  119. O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
  120. O2 - BHO: (AstroburnBar Toolbar) - {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll (Conduit Ltd.)
  121. O3 - HKLM\..\Toolbar: (4shared.com Toolbar) - {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - C:\Program Files\4shared.com\tb4sh0.dll (Conduit Ltd.)
  122. O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
  123. O3 - HKLM\..\Toolbar: (AstroburnBar Toolbar) - {e802027b-1f2b-40bd-b307-0bd96d036835} - C:\Program Files\AstroburnBar\tbAstr.dll (Conduit Ltd.)
  124. O3 - HKCU\..\Toolbar\WebBrowser: (4shared.com Toolbar) - {09EC805C-CB2E-4D53-B0D3-A75A428B81C7} - C:\Program Files\4shared.com\tb4sh0.dll (Conduit Ltd.)
  125. O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
  126. O3 - HKCU\..\Toolbar\WebBrowser: (AstroburnBar Toolbar) - {E802027B-1F2B-40BD-B307-0BD96D036835} - C:\Program Files\AstroburnBar\tbAstr.dll (Conduit Ltd.)
  127. O4 - HKLM..\Run: [4shared Update] C:\Program Files\4shared Desktop\checkUpdate.exe (New IT Solutions)
  128. O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
  129. O4 - HKLM..\Run: [BigDogPath] C:\windows\VM_STI.EXE %;USB\VID_0AC8&PID_0302.Dev File not found
  130. O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
  131. O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
  132. O4 - HKLM..\Run: [MaxMenuMgr] C:\Program Files\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe (Seagate LLC)
  133. O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Ahead Software Gmbh)
  134. O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
  135. O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
  136. O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe (Nero AG)
  137. O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
  138. O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\TrayMin315.exe.lnk = C:\Program Files\Philips\Philips SPC315NC Webcam\TrayMin315.exe ()
  139. O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe (Microsoft Corporation)
  140. O4 - Startup: C:\Documents and Settings\pc\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (Xfire Inc.)
  141. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
  142. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
  143. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
  144. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  145. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  146. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
  147. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
  148. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  149. O8 - Extra context menu item: &Download all 4shared files - C:\Program Files\4shared Desktop\down_all.htm ()
  150. O8 - Extra context menu item: &Download using 4shared Desktop - C:\Program Files\4shared Desktop\down_link.htm ()
  151. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1243604888031 (WUWebControl Class)
  152. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
  153. O16 - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
  154. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab (Java Plug-in 1.6.0_17)
  155. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  156. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  157. O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll File not found
  158. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  159. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\windows\explorer.exe (Microsoft Corporation)
  160. O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\windows\System32\ati2evxx.dll (ATI Technologies Inc.)
  161. O24 - Desktop Components:0 () - http://www.hercegovina.info/img/repository/2009/12/web_image/pametni-hrvati-su-nepozeljni.jpg
  162. O24 - Desktop Components:1 (My Current Home Page) - About:Home
  163. O24 - Desktop WallPaper: C:\Documents and Settings\pc\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  164. O24 - Desktop BackupWallPaper: C:\Documents and Settings\pc\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  165. O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
  166. O32 - HKLM CDRom: AutoRun - 1
  167. O32 - AutoRun File - [2010.03.20 15:30:35 | 000,000,067 | ---- | M] () - G:\autorun.inf -- [ NTFS ]
  168. O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
  169. O35 - HKLM\..comfile [open] -- "%1" %*
  170. O35 - HKLM\..exefile [open] -- "%1" %*
  171. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  172. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  173.  
  174. NetSvcs: 6to4 -  File not found
  175. NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.05.29 15:46:24 | 000,000,000 | ---D | M]
  176. NetSvcs: Iprip -  File not found
  177. NetSvcs: Irmon -  File not found
  178. NetSvcs: NWCWorkstation -  File not found
  179. NetSvcs: Nwsapagent -  File not found
  180. NetSvcs: WmdmPmSp -  File not found
  181.  
  182. CREATERESTOREPOINT
  183. Restore point Set: OTL Restore Point (55453963436163072)
  184.  
  185. [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
  186.  
  187. [2010.03.20 15:29:12 | 000,000,000 | -HSD | C] -- C:\RECYCLER
  188. [2010.03.20 15:28:44 | 000,000,000 | ---D | C] -- C:\_OTL
  189. [2010.03.20 10:20:32 | 000,000,000 | ---D | C] -- C:\Program Files\AstroburnBar
  190. [2010.03.20 10:20:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Local Settings\Application Data\AstroburnBar
  191. [2010.03.20 10:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\Astroburn Lite
  192. [2010.03.20 10:20:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Astroburn Lite
  193. [2010.03.20 10:20:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
  194. [2010.03.20 01:37:10 | 000,000,000 | ---D | C] -- C:\Program Files\Teamspeak2_RC2
  195. [2010.03.15 20:05:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\JLC's Software
  196. [2010.03.15 20:05:01 | 000,000,000 | ---D | C] -- C:\Program Files\JLC's Software
  197. [2010.03.15 20:05:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\pc\Application Data\Desktopicon
  198. [2010.03.15 19:57:44 | 000,000,000 | ---D | C] -- C:\Program Files\Readon Technology
  199. [2010.03.13 23:40:42 | 000,000,000 | ---D | C] -- C:\Program Files\VSO
  200. [2010.03.13 22:14:23 | 000,000,000 | ---D | C] -- C:\Program Files\PDF Image Magic
  201. [2010.03.13 18:10:31 | 000,000,000 | --SD | C] -- C:\Program Files\HLSW
  202. [2010.03.13 03:32:42 | 000,000,000 | ---D | C] -- C:\Program Files\Boilsoft Video Joiner
  203. [2010.03.13 03:24:24 | 000,000,000 | ---D | C] -- C:\Program Files\Easy Video Joiner
  204. [2010.02.27 01:41:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Adobe
  205. [2010.01.21 23:29:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application Data\Microsoft
  206. [2010.01.21 23:29:19 | 000,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft
  207. [2010.01.21 23:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft
  208. [2010.01.21 23:29:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft
  209. [2010.01.19 21:19:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\4shared.com
  210. [2010.01.19 21:19:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Apple
  211. [2009.09.26 18:41:24 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\pc\Application Data\pcouffin.sys
  212. [2009.09.02 00:37:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe
  213. [2009.08.29 02:59:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google
  214. [2009.08.29 02:42:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
  215. [2009.06.25 15:40:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ESET
  216.  
  217. [color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
  218.  
  219. [2010.03.20 15:49:17 | 000,000,280 | ---- | M] () -- C:\windows\tasks\RealUpgradeScheduledTaskS-1-5-21-823518204-1614895754-682003330-1003.job
  220. [2010.03.20 15:49:17 | 000,000,272 | ---- | M] () -- C:\windows\tasks\RealUpgradeLogonTaskS-1-5-21-823518204-1614895754-682003330-1003.job
  221. [2010.03.20 15:31:37 | 000,000,006 | -H-- | M] () -- C:\windows\tasks\SA.DAT
  222. [2010.03.20 15:31:32 | 000,002,048 | --S- | M] () -- C:\windows\bootstat.dat
  223. [2010.03.20 15:31:31 | 000,069,112 | ---- | M] () -- C:\windows\System32\ativvaxx.cap
  224. [2010.03.20 15:29:19 | 010,747,904 | -H-- | M] () -- C:\Documents and Settings\pc\NTUSER.DAT
  225. [2010.03.20 15:29:19 | 000,000,278 | -HS- | M] () -- C:\Documents and Settings\pc\ntuser.ini
  226. [2010.03.20 15:18:00 | 000,001,016 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1614895754-682003330-1003UA.job
  227. [2010.03.20 11:04:32 | 000,000,116 | ---- | M] () -- C:\windows\NeroDigital.ini
  228. [2010.03.20 10:20:23 | 000,001,637 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Astroburn Lite.lnk
  229. [2010.03.20 09:50:09 | 000,000,416 | -H-- | M] () -- C:\windows\tasks\User_Feed_Synchronization-{06AC2AE6-5611-4E8B-8D74-1DB69288D72F}.job
  230. [2010.03.20 01:37:11 | 000,000,665 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Teamspeak 2 RC2.lnk
  231. [2010.03.19 21:07:30 | 000,134,656 | ---- | M] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  232. [2010.03.19 17:20:35 | 000,002,206 | ---- | M] () -- C:\windows\System32\wpa.dbl
  233. [2010.03.18 16:18:00 | 000,000,964 | ---- | M] () -- C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-823518204-1614895754-682003330-1003Core.job
  234. [2010.03.18 11:17:48 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Google Chrome.lnk
  235. [2010.03.16 21:19:06 | 000,000,284 | ---- | M] () -- C:\windows\tasks\AppleSoftwareUpdate.job
  236. [2010.03.15 20:05:01 | 000,001,777 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\JLC's Internet TV.lnk
  237. [2010.03.15 19:57:45 | 000,002,068 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\Readon TV Movie Radio Player.lnk
  238. [2010.03.14 04:00:50 | 000,000,704 | -H-- | M] () -- C:\Documents and Settings\All Users\Documents\os848618.bin
  239. [2010.03.13 22:14:25 | 000,005,007 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\cdjuscuc.sqp
  240. [2010.03.13 18:10:35 | 000,000,626 | ---- | M] () -- C:\Documents and Settings\pc\Desktop\HLSW.lnk
  241. [2010.03.11 02:28:00 | 000,000,746 | ---- | M] () -- C:\windows\win.ini
  242. [2010.03.07 22:07:42 | 000,000,056 | -H-- | M] () -- C:\windows\System32\ezsidmv.dat
  243.  
  244. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  245.  
  246. [2010.03.20 10:20:23 | 000,001,637 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Astroburn Lite.lnk
  247. [2010.03.20 01:30:47 | 000,000,665 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Teamspeak 2 RC2.lnk
  248. [2010.03.15 20:05:01 | 000,001,777 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\JLC's Internet TV.lnk
  249. [2010.03.15 19:57:45 | 000,002,068 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\Readon TV Movie Radio Player.lnk
  250. [2010.03.13 22:14:25 | 000,005,007 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\cdjuscuc.sqp
  251. [2010.03.13 18:10:35 | 000,000,626 | ---- | C] () -- C:\Documents and Settings\pc\Desktop\HLSW.lnk
  252. [2010.03.07 22:07:42 | 000,000,056 | -H-- | C] () -- C:\windows\System32\ezsidmv.dat
  253. [2010.03.05 01:11:22 | 000,041,872 | ---- | C] () -- C:\windows\System32\xfcodec.dll
  254. [2010.02.19 21:46:29 | 000,000,025 | ---- | C] () -- C:\windows\cdplayer.ini
  255. [2010.02.06 14:56:38 | 000,002,516 | -HS- | C] () -- C:\windows\System32\KGyGaAvL.sys
  256. [2010.02.04 03:39:15 | 000,137,464 | ---- | C] () -- C:\windows\System32\drivers\PnkBstrK.sys
  257. [2010.02.04 03:39:14 | 000,138,056 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\PnkBstrK.sys
  258. [2009.12.03 20:11:02 | 000,000,394 | ---- | C] () -- C:\windows\capture.ini
  259. [2009.12.01 01:07:43 | 000,000,000 | ---- | C] () -- C:\windows\CorelDrw.INI
  260. [2009.09.26 18:41:41 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\vso_ts_preview.xml
  261. [2009.09.26 18:41:29 | 000,000,033 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.log
  262. [2009.09.26 18:41:24 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.cat
  263. [2009.09.26 18:41:24 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\pc\Application Data\pcouffin.inf
  264. [2009.09.26 18:38:27 | 000,000,107 | ---- | C] () -- C:\windows\VobEdit.INI
  265. [2009.09.01 17:16:06 | 000,015,392 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\zarymyhiqo.db
  266. [2009.09.01 17:16:05 | 000,013,047 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\setimuh.db
  267. [2009.06.21 15:21:49 | 000,000,151 | ---- | C] () -- C:\windows\PhotoSnapViewer.INI
  268. [2009.06.19 19:06:22 | 000,197,912 | ---- | C] () -- C:\windows\System32\physxcudart_20.dll
  269. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelTraditionalChinese.dll
  270. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSwedish.dll
  271. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSpanish.dll
  272. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelSimplifiedChinese.dll
  273. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelPortugese.dll
  274. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelKorean.dll
  275. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelJapanese.dll
  276. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelGerman.dll
  277. [2009.06.19 19:06:22 | 000,058,648 | ---- | C] () -- C:\windows\System32\AgCPanelFrench.dll
  278. [2009.06.07 22:05:21 | 000,134,656 | ---- | C] () -- C:\Documents and Settings\pc\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  279. [2009.06.01 21:04:33 | 000,691,696 | ---- | C] () -- C:\windows\System32\drivers\sptd.sys
  280. [2009.05.31 22:49:43 | 000,000,116 | ---- | C] () -- C:\windows\NeroDigital.ini
  281. [2009.05.29 14:32:01 | 000,000,394 | ---- | C] () -- C:\windows\ODBC.INI
  282. [2009.05.29 14:20:05 | 000,354,816 | ---- | C] () -- C:\windows\System32\psisdecd.dll
  283. [2007.09.27 09:51:02 | 000,020,698 | ---- | C] () -- C:\windows\System32\idxcntrs.ini
  284. [2007.09.27 09:48:48 | 000,030,628 | ---- | C] () -- C:\windows\System32\gsrvctr.ini
  285. [2007.09.27 09:48:28 | 000,031,698 | ---- | C] () -- C:\windows\System32\gthrctr.ini
  286. [2003.07.01 08:36:02 | 000,005,373 | ---- | C] () -- C:\windows\System32\OUTLPERF.INI
  287.  
  288. [color=#E56717]========== LOP Check ==========[/color]
  289.  
  290. [2010.03.20 10:20:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Astroburn Lite
  291. [2010.01.21 23:33:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\avg9
  292. [2009.08.17 02:12:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CCP
  293. [2010.02.01 11:07:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
  294. [2009.05.29 14:40:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
  295. [2009.09.12 23:24:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Readon
  296. [2009.12.25 15:52:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Seagate
  297. [2010.02.06 15:01:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
  298. [2010.03.13 03:33:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
  299. [2009.10.06 18:54:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\4shared Desktop
  300. [2010.03.20 10:20:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Astroburn Lite
  301. [2009.09.26 18:28:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\avidemux
  302. [2010.02.24 19:41:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Bioshock2
  303. [2009.06.29 12:52:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\BSplayer
  304. [2009.06.15 22:08:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\BSplayer Pro
  305. [2009.12.08 22:01:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\CoreFTP
  306. [2009.06.01 21:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\DAEMON Tools Lite
  307. [2010.03.20 15:13:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Desktopicon
  308. [2009.05.29 14:41:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\ESET
  309. [2010.03.13 18:29:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\HLSW
  310. [2010.03.15 20:05:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\JLC's Software
  311. [2009.12.25 15:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Leadertech
  312. [2009.07.07 09:54:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\LimeWire
  313. [2009.09.13 16:04:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Octoshape
  314. [2010.02.06 15:03:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Publish Providers
  315. [2009.09.21 00:57:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Screaming Bee
  316. [2010.02.06 15:02:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Sony
  317. [2009.09.30 21:32:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Tropico 3
  318. [2010.03.10 16:02:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\TS3Client
  319. [2010.03.20 15:13:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\uTorrent
  320. [2010.03.13 23:41:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Vso
  321. [2009.05.29 15:34:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Windows Desktop Search
  322. [2009.05.31 15:09:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\pc\Application Data\Windows Search
  323. [2010.03.20 09:50:09 | 000,000,416 | -H-- | M] () -- C:\windows\Tasks\User_Feed_Synchronization-{06AC2AE6-5611-4E8B-8D74-1DB69288D72F}.job
  324.  
  325. [color=#E56717]========== Purity Check ==========[/color]
  326.  
  327.  
  328.  
  329. [color=#E56717]========== Custom Scans ==========[/color]
  330.  
  331.  
  332. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  333.  
  334.  
  335. [color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
  336. [2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
  337.  
  338. [color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
  339. [2008.04.14 04:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
  340. [2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ERDNT\cache\atapi.sys
  341. [2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
  342.  
  343. [color=#A23BEC]< MD5 for: EVENTLOG.DLL  >[/color]
  344. [2008.04.14 04:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ERDNT\cache\eventlog.dll
  345. [2008.04.14 04:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
  346. [2008.04.14 04:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
  347.  
  348. [color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
  349. [2008.04.14 04:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ERDNT\cache\netlogon.dll
  350. [2008.04.14 04:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
  351. [2008.04.14 04:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
  352.  
  353. [color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
  354. [2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ERDNT\cache\scecli.dll
  355. [2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
  356. [2008.04.14 04:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
  357.  
  358. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  359.  
  360. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  361. [2008.12.01 21:52:52 | 000,425,984 | R--- | M] (Advanced Micro Devices, Inc.)[b] Unable to obtain MD5[/b] -- C:\WINDOWS\system32\ATIDEMGX.dll
  362.  
  363. [color=#E56717]========== Alternate Data Streams ==========[/color]
  364.  
  365. @Alternate Data Stream - 128 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:4BF2F6B5
  366. @Alternate Data Stream - 123 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:08948D52
  367. @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
  368. < End of report >