Untitled

By: a guest | Mar 22nd, 2010 | Syntax: None | Size: 22.84 KB | Hits: 76 | Expires: Never
  1. OTL logfile created on: 3/22/2010 10:41:41 - Run 3
  2. OTL by OldTimer - Version 3.1.37.3     Folder = C:\Users\pezo\Desktop
  3.  Ultimate Edition  (Version = 6.1.7600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7600.16385)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: M/d/yyyy
  6.  
  7. 1.014,00 Mb Total Physical Memory | 414,00 Mb Available Physical Memory | 41,00% Memory free
  8. 2,00 Gb Paging File | 1,00 Gb Available in Paging File | 61,00% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 74,52 Gb Total Space | 56,52 Gb Free Space | 75,85% Space Free | Partition Type: NTFS
  13. Drive D: | 73,06 Gb Total Space | 44,15 Gb Free Space | 60,43% Space Free | Partition Type: NTFS
  14. E: Drive not present or media not loaded
  15. F: Drive not present or media not loaded
  16. G: Drive not present or media not loaded
  17. H: Drive not present or media not loaded
  18. I: Drive not present or media not loaded
  19.  
  20. Computer Name: PEZO-PC
  21. Current User Name: pezo
  22. Logged in as Administrator.
  23.  
  24. Current Boot Mode: Normal
  25. Scan Mode: Current user
  26. Company Name Whitelist: On
  27. Skip Microsoft Files: On
  28. File Age = 14 Days
  29. Output = Standard
  30. Quick Scan
  31.  
  32. [color=#E56717]========== Processes (SafeList) ==========[/color]
  33.  
  34. PRC - [2010/03/20 22:23:11 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\pezo\Desktop\OTL.exe
  35. PRC - [2010/02/22 16:50:16 | 000,810,120 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe
  36. PRC - [2010/02/22 16:49:56 | 002,140,880 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\egui.exe
  37. PRC - [2009/10/31 06:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  38. PRC - [2009/07/14 02:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  39. PRC - [2008/06/20 07:14:00 | 000,200,704 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynToshiba.exe
  40.  
  41.  
  42. [color=#E56717]========== Modules (SafeList) ==========[/color]
  43.  
  44. MOD - [2010/03/20 22:23:11 | 000,555,520 | ---- | M] (OldTimer Tools) -- C:\Users\pezo\Desktop\OTL.exe
  45. MOD - [2009/07/14 02:16:15 | 000,099,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sspicli.dll
  46. MOD - [2009/07/14 02:16:13 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\sechost.dll
  47. MOD - [2009/07/14 02:16:13 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\samcli.dll
  48. MOD - [2009/07/14 02:16:12 | 000,031,744 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\profapi.dll
  49. MOD - [2009/07/14 02:16:03 | 000,022,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\netutils.dll
  50. MOD - [2009/07/14 02:15:35 | 000,288,256 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\KernelBase.dll
  51. MOD - [2009/07/14 02:15:13 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dwmapi.dll
  52. MOD - [2009/07/14 02:15:11 | 000,064,512 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\devobj.dll
  53. MOD - [2009/07/14 02:15:07 | 000,036,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cryptbase.dll
  54. MOD - [2009/07/14 02:15:02 | 000,145,920 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\cfgmgr32.dll
  55. MOD - [2009/07/14 02:03:50 | 001,680,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
  56.  
  57.  
  58. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  59.  
  60. SRV - File not found [On_Demand | Stopped] --  -- (LcAgent)
  61. SRV - [2010/03/12 10:01:56 | 001,334,568 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
  62. SRV - [2010/02/22 16:52:52 | 000,033,560 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe -- (EhttpSrv)
  63. SRV - [2010/02/22 16:50:16 | 000,810,120 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\ekrn.exe -- (ekrn)
  64. SRV - [2009/07/14 02:16:21 | 000,185,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wwansvc.dll -- (WwanSvc)
  65. SRV - [2009/07/14 02:16:17 | 000,151,552 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\wbiosrvc.dll -- (WbioSrvc)
  66. SRV - [2009/07/14 02:16:17 | 000,119,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\umpo.dll -- (Power)
  67. SRV - [2009/07/14 02:16:16 | 000,037,376 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\themeservice.dll -- (Themes)
  68. SRV - [2009/07/14 02:16:15 | 000,053,760 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sppuinotify.dll -- (sppuinotify)
  69. SRV - [2009/07/14 02:16:13 | 000,043,520 | ---- | M] (Microsoft Corporation) [Unknown | Running] -- C:\Windows\System32\RpcEpMap.dll -- (RpcEptMapper)
  70. SRV - [2009/07/14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  71. SRV - [2009/07/14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
  72. SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (PNRPsvc)
  73. SRV - [2009/07/14 02:16:12 | 000,269,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\pnrpsvc.dll -- (p2pimsvc)
  74. SRV - [2009/07/14 02:16:12 | 000,165,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\provsvc.dll -- (HomeGroupProvider)
  75. SRV - [2009/07/14 02:16:12 | 000,020,480 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\pnrpauto.dll -- (PNRPAutoReg)
  76. SRV - [2009/07/14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  77. SRV - [2009/07/14 02:15:36 | 000,194,560 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\System32\ListSvc.dll -- (HomeGroupListener)
  78. SRV - [2009/07/14 02:15:21 | 000,797,696 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\FntCache.dll -- (FontCache)
  79. SRV - [2009/07/14 02:15:11 | 000,253,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\System32\dhcpcore.dll -- (Dhcp)
  80. SRV - [2009/07/14 02:15:10 | 000,218,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\defragsvc.dll -- (defragsvc)
  81. SRV - [2009/07/14 02:14:59 | 000,076,800 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\bdesvc.dll -- (BDESVC)
  82. SRV - [2009/07/14 02:14:58 | 000,088,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\AxInstSv.dll -- (AxInstSV) ActiveX Installer (AxInstSV)
  83. SRV - [2009/07/14 02:14:53 | 000,027,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\appidsvc.dll -- (AppIDSvc)
  84. SRV - [2009/07/14 02:14:29 | 003,179,520 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\System32\sppsvc.exe -- (sppsvc)
  85. SRV - [2005/11/14 01:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
  86.  
  87.  
  88. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  89.  
  90.  
  91. [color=#E56717]========== Internet Explorer ==========[/color]
  92.  
  93.  
  94. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
  95. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  96.  
  97. FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/02/01 14:55:38 | 000,000,000 | ---D | M]
  98. FF - HKLM\software\mozilla\Mozilla Firefox 3.6\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/02/16 20:43:07 | 000,000,000 | ---D | M]
  99. FF - HKLM\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2010/03/12 23:29:50 | 000,000,000 | ---D | M]
  100.  
  101. [2010/01/21 20:38:30 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
  102. [2010/01/13 23:46:00 | 000,063,488 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
  103. [2010/01/16 02:12:59 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
  104. [2010/01/16 02:12:59 | 000,000,769 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
  105. [2010/01/16 02:12:59 | 000,000,786 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eudict.xml
  106. [2010/01/16 02:12:59 | 000,001,193 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\wikipedia-hr.xml
  107.  
  108. O1 HOSTS File: ([2010/03/05 22:01:59 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
  109. O1 - Hosts: 127.0.0.1       localhost
  110. O1 - Hosts: ::1       localhost
  111. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
  112. O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  113. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
  114. O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
  115. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  116. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  117. O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
  118. O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
  119. O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
  120. O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  121. O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  122. O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
  123. O13 - gopher Prefix: missing
  124. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
  125. O16 - DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
  126. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab (Java Plug-in 1.6.0_18)
  127. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  128. O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
  129. O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
  130. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  131. O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  132. O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
  133. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  134. O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  135. O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\System32\igfxdev.dll (Intel Corporation)
  136. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
  137. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
  138. O32 - HKLM CDRom: AutoRun - 1
  139. O32 - AutoRun File - [2009/06/10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  140. O34 - HKLM BootExecute: (autocheck autochk *) -  File not found
  141. O35 - HKLM\..comfile [open] -- "%1" %*
  142. O35 - HKLM\..exefile [open] -- "%1" %*
  143. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  144. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  145.  
  146. NetSvcs: FastUserSwitchingCompatibility -  File not found
  147. NetSvcs: Ias - C:\Windows\System32\ias [2009/07/14 03:37:08 | 000,000,000 | ---D | M]
  148. NetSvcs: Nla -  File not found
  149. NetSvcs: Ntmssvc -  File not found
  150. NetSvcs: NWCWorkstation -  File not found
  151. NetSvcs: Nwsapagent -  File not found
  152. NetSvcs: SRService -  File not found
  153. NetSvcs: Wmi - C:\Windows\System32\wmi.dll (Microsoft Corporation)
  154. NetSvcs: WmdmPmSp -  File not found
  155. NetSvcs: LogonHours -  File not found
  156. NetSvcs: PCAudit -  File not found
  157. NetSvcs: helpsvc -  File not found
  158. NetSvcs: uploadmgr -  File not found
  159. NetSvcs: Themes - C:\Windows\System32\themeservice.dll (Microsoft Corporation)
  160. NetSvcs: BDESVC - C:\Windows\System32\bdesvc.dll (Microsoft Corporation)
  161.  
  162. [color=#E56717]========== Files/Folders - Created Within 14 Days ==========[/color]
  163.  
  164. [2010/03/22 10:18:48 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
  165. [2010/03/22 10:18:45 | 000,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
  166. [2010/03/22 10:18:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
  167. [2010/03/12 23:29:49 | 000,000,000 | ---D | C] -- C:\ProgramData\ESET
  168. [2010/03/12 23:29:49 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
  169. [2010/03/12 10:01:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\Wat
  170. [2010/03/12 09:30:45 | 000,000,000 | ---D | C] -- C:\ProgramData\TEMP
  171. [2010/03/10 11:51:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Trymedia
  172. [2010/03/10 10:06:31 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
  173. [2010/03/09 20:31:42 | 000,000,000 | ---D | C] -- C:\Program Files\QS
  174. [2010/03/09 20:31:27 | 000,000,000 | ---D | C] -- C:\Users\pezo\temp
  175.  
  176. [color=#E56717]========== Files - Modified Within 14 Days ==========[/color]
  177.  
  178. [2010/03/22 10:43:44 | 003,670,016 | -HS- | M] () -- C:\Users\pezo\ntuser.dat
  179. [2010/03/22 10:22:06 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  180. [2010/03/22 10:22:06 | 000,013,760 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  181. [2010/03/22 10:14:57 | 000,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT
  182. [2010/03/22 10:14:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  183. [2010/03/22 10:14:48 | 797,777,920 | -HS- | M] () -- C:\hiberfil.sys
  184. [2010/03/21 22:29:13 | 000,731,366 | ---- | M] () -- C:\Windows\System32\PerfStringBackup.INI
  185. [2010/03/21 22:29:13 | 000,618,862 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  186. [2010/03/21 22:29:13 | 000,108,438 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  187. [2010/03/12 19:59:06 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\SmartDefrag.job
  188.  
  189. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  190.  
  191. [2010/03/12 11:16:21 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\SmartDefrag.job
  192. [2010/02/17 17:42:49 | 000,000,406 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  193. [2010/01/28 21:46:46 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
  194. [2010/01/21 10:11:37 | 000,168,448 | ---- | C] () -- C:\Windows\System32\unrar.dll
  195. [2010/01/21 10:11:36 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
  196. [2010/01/21 10:11:27 | 000,881,664 | ---- | C] () -- C:\Windows\System32\xvidcore.dll
  197. [2010/01/21 10:11:27 | 000,205,824 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll
  198. [2010/01/21 10:11:26 | 003,596,288 | ---- | C] () -- C:\Windows\System32\qt-dx331.dll
  199. [2010/01/21 10:11:15 | 000,000,547 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll.manifest
  200. [2010/01/21 10:11:14 | 000,085,504 | ---- | C] () -- C:\Windows\System32\ff_vfw.dll
  201. [2010/01/21 09:22:39 | 000,721,904 | ---- | C] () -- C:\Windows\System32\drivers\sptd.sys
  202. [2010/01/21 08:35:35 | 000,004,767 | ---- | C] () -- C:\Windows\Irremote.ini
  203. [2010/01/21 05:33:39 | 000,008,192 | RHS- | C] () -- \BOOTSECT.BAK
  204. [2010/01/21 05:33:37 | 000,383,562 | RHS- | C] () -- \bootmgr
  205. [2010/01/21 05:33:23 | 000,203,836 | RHS- | C] () -- \grldr
  206. [2010/01/20 20:34:49 | 1073,741,824 | -HS- | C] () --
  207. [2010/01/20 20:34:46 | 797,777,920 | -HS- | C] () --
  208. [2009/07/14 03:04:04 | 000,000,024 | ---- | C] () -- \autoexec.bat
  209. [2009/07/14 03:04:04 | 000,000,010 | ---- | C] () -- \config.sys
  210. [2009/07/14 00:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
  211. [2009/07/14 00:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
  212. [2006/03/09 00:58:00 | 001,060,424 | ---- | C] () -- C:\Windows\System32\WdfCoInstaller01000.dll
  213. [2001/08/29 19:57:40 | 000,155,648 | ---- | C] () -- C:\Windows\System32\addurl41.DLL
  214. [2001/07/10 14:43:16 | 000,018,432 | ---- | C] () -- C:\Windows\System32\winwatch.DLL
  215.  
  216. [color=#E56717]========== LOP Check ==========[/color]
  217.  
  218. [2010/03/01 12:56:49 | 000,032,620 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  219. [2010/03/12 19:59:06 | 000,000,382 | ---- | M] () -- C:\Windows\Tasks\SmartDefrag.job
  220.  
  221. [color=#E56717]========== Purity Check ==========[/color]
  222.  
  223.  
  224.  
  225. [color=#E56717]========== Custom Scans ==========[/color]
  226.  
  227.  
  228. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  229.  
  230.  
  231. [color=#A23BEC]< MD5 for: AGP440.SYS  >[/color]
  232. [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
  233. [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
  234. [2009/07/14 02:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
  235.  
  236. [color=#A23BEC]< MD5 for: ATAPI.SYS  >[/color]
  237. [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
  238. [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
  239. [2009/07/14 02:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
  240.  
  241. [color=#A23BEC]< MD5 for: CNGAUDIT.DLL  >[/color]
  242. [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\System32\cngaudit.dll
  243. [2009/07/14 02:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
  244.  
  245. [color=#A23BEC]< MD5 for: IASTORV.SYS  >[/color]
  246. [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\drivers\iaStorV.sys
  247. [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\System32\DriverStore\FileRepository\iastorv.inf_x86_neutral_18cccb83b34e1453\iaStorV.sys
  248. [2009/07/14 02:20:36 | 000,332,352 | ---- | M] (Intel Corporation) MD5=934AF4D7C5F457B9F0743F4299B77B67 -- C:\Windows\winsxs\x86_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_aee7a89be91b9000\iaStorV.sys
  249.  
  250. [color=#A23BEC]< MD5 for: NETLOGON.DLL  >[/color]
  251. [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
  252. [2009/07/14 02:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll
  253.  
  254. [color=#A23BEC]< MD5 for: NVSTOR.SYS  >[/color]
  255. [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\drivers\nvstor.sys
  256. [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
  257. [2009/07/14 02:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys
  258.  
  259. [color=#A23BEC]< MD5 for: SCECLI.DLL  >[/color]
  260. [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\System32\scecli.dll
  261. [2009/07/14 02:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\x86_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_37e4387f3a6f0483\scecli.dll
  262.  
  263. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  264.  
  265. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  266. [2009/07/14 02:15:13 | 000,346,112 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtmsft.dll
  267. [2009/07/14 02:15:13 | 000,215,552 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\dxtrans.dll
  268. [2009/07/14 02:15:36 | 000,226,816 | ---- | M] (Microsoft Corporation)[b] Unable to obtain MD5[/b] -- C:\Windows\System32\LocationApi.dll
  269.  
  270. [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
  271.  
  272. [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
  273. [2010/01/21 09:22:39 | 000,721,904 | ---- | M] ()[b] Unable to obtain MD5[/b] -- C:\Windows\System32\drivers\sptd.sys
  274.  
  275. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  276.  
  277. [color=#E56717]========== Alternate Data Streams ==========[/color]
  278.  
  279. @Alternate Data Stream - 126 bytes -> C:\ProgramData\TEMP:E0258CAE
  280.  
  281. < End of report >