miki19611

a guest
Apr 18th, 2012
  1. OTL logfile created on: 18.4.2012 9:19:26 - Run 1
  2. OTL by OldTimer - Version 3.2.40.0 Folder = C:\Documents and Settings\Administrator\Desktop
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 7.0.5730.13)
  5. Locale: 0000141A | Country: Bosnia and Herzegovina | Language: BSB | Date Format: d.M.yyyy
  6.  
  7. 1023,47 Mb Total Physical Memory | 391,26 Mb Available Physical Memory | 38,23% Memory free
  8. 2,40 Gb Paging File | 1,84 Gb Available in Paging File | 76,49% Paging File free
  9. Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 39,06 Gb Total Space | 19,38 Gb Free Space | 49,61% Space Free | Partition Type: NTFS
  13. Drive D: | 35,46 Gb Total Space | 8,01 Gb Free Space | 22,59% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: MIRZA | User Name: Administrator | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2012.04.18 09:15:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
  22. PRC - [2012.03.18 19:27:29 | 000,924,600 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
  23. PRC - [2012.02.19 19:02:03 | 000,185,896 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
  24. PRC - [2012.01.12 12:50:10 | 000,920,576 | ---- | M] () -- C:\Program Files\WGA Remover\wgaremover.exe
  25. PRC - [2009.10.07 10:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
  26. PRC - [2009.10.07 10:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
  27. PRC - [2008.04.14 12:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  28. PRC - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMWDSrv.exe
  29. PRC - [2007.04.04 11:30:40 | 000,327,680 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMProcess.exe
  30. PRC - [2007.03.28 00:38:48 | 000,397,312 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\KMCONFIG.exe
  31. PRC - [2007.03.06 14:51:14 | 000,212,992 | ---- | M] (UASSOFT.COM) -- C:\Program Files\Mouse Driver\StartAutorun.exe
  32. PRC - [2006.05.03 11:48:46 | 000,307,200 | ---- | M] (ta2027) -- C:\Program Files\Styler\Styler.exe
  33. PRC - [2004.09.19 20:27:44 | 000,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe
  34.  
  35.  
  36. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  37.  
  38. MOD - [2012.04.17 18:55:22 | 000,085,288 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qbreaqmx.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\components\RadioWMPCoreGecko11.dll
  39. MOD - [2012.04.13 22:57:26 | 008,797,344 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
  40. MOD - [2012.03.18 19:27:28 | 001,969,080 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
  41. MOD - [2012.01.30 18:00:53 | 011,808,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\14634aa365ed184dafe26b8a07da62d3\System.Web.ni.dll
  42. MOD - [2012.01.30 17:59:41 | 000,962,560 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\91c6e72142859b4cb386a7e1c5394108\System.Configuration.ni.dll
  43. MOD - [2012.01.30 17:58:50 | 000,026,624 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\6bdd97a6a4ccf74b8a794ab6235afb0b\Accessibility.ni.dll
  44. MOD - [2012.01.30 17:56:10 | 005,640,192 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\0711a6c796f04f409affb31ad4b3cbf0\System.Xml.ni.dll
  45. MOD - [2012.01.30 17:56:00 | 013,107,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f0425ed1a6aca542b7ddcad36f2578f4\System.Windows.Forms.ni.dll
  46. MOD - [2012.01.30 17:55:33 | 001,626,112 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\993919d565f078419ba03dd6c83093a3\System.Drawing.ni.dll
  47. MOD - [2012.01.30 17:55:27 | 008,093,696 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\7d4c22f0d7294441a81fade328295518\System.ni.dll
  48. MOD - [2012.01.30 17:54:53 | 011,415,552 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5c19cb4e7c789b4592b713840a10ddfb\mscorlib.ni.dll
  49. MOD - [2012.01.30 17:53:39 | 000,299,008 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
  50. MOD - [2012.01.12 12:50:10 | 000,920,576 | ---- | M] () -- C:\Program Files\WGA Remover\wgaremover.exe
  51. MOD - [2011.12.05 22:45:14 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
  52. MOD - [2010.03.16 13:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
  53. MOD - [2008.04.14 12:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
  54. MOD - [2008.04.14 12:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
  55. MOD - [2007.09.20 19:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
  56. MOD - [2007.03.29 12:17:42 | 000,106,496 | ---- | M] () -- C:\Program Files\Mouse Driver\keydll.dll
  57. MOD - [2005.05.04 19:12:46 | 000,028,672 | ---- | M] () -- C:\Program Files\Mouse Driver\MouseHook.dll
  58. MOD - [2005.05.01 13:10:10 | 000,159,744 | ---- | M] () -- C:\Program Files\Styler\UNRAR\unrar.dll
  59. MOD - [2004.09.19 20:27:44 | 000,065,536 | ---- | M] () -- C:\Program Files\LClock\LClock.exe
  60. MOD - [2004.09.19 20:27:34 | 000,069,632 | ---- | M] () -- C:\Program Files\LClock\LC.dll
  61. MOD - [2004.09.19 20:27:30 | 000,081,920 | ---- | M] () -- C:\Program Files\LClock\Calendar.dll
  62.  
  63.  
  64. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  65.  
  66. SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
  67. SRV - [2012.04.13 22:57:30 | 000,253,088 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  68. SRV - [2012.02.29 08:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  69. SRV - [2009.10.07 10:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
  70. SRV - [2009.10.07 10:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
  71. SRV - [2007.04.05 10:29:28 | 000,208,896 | ---- | M] (UASSOFT.COM) [Auto | Running] -- C:\Program Files\Mouse Driver\KMWDSrv.exe -- (KMWDSERVICE)
  72.  
  73.  
  74. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  75.  
  76. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  77. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  78. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  79. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  80. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  81. DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  82. DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  83. DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  84. DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  85. DRV - [2011.12.20 09:39:28 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
  86. DRV - [2011.12.06 05:42:18 | 007,490,560 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
  87. DRV - [2011.08.17 10:56:32 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
  88. DRV - [2011.08.17 10:56:30 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
  89. DRV - [2011.08.17 10:56:26 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
  90. DRV - [2011.08.17 10:56:22 | 000,018,176 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
  91. DRV - [2009.10.07 10:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
  92. DRV - [2009.10.07 10:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
  93. DRV - [2009.10.07 10:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
  94. DRV - [2009.07.24 08:56:16 | 000,009,472 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NMgamingms.sys -- (NMgamingmsFltr)
  95. DRV - [2008.04.14 02:15:30 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
  96. DRV - [2008.02.12 05:46:51 | 000,392,704 | ---- | M] (Sensaura) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
  97. DRV - [2007.05.14 10:12:28 | 003,526,464 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\RtHDMI.sys -- (RTHDMIAzAudService)
  98. DRV - [2007.01.30 19:12:06 | 000,045,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
  99. DRV - [2006.07.19 13:29:08 | 000,027,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidKE.Sys -- (LHidKE)
  100. DRV - [2006.07.19 13:28:56 | 000,071,936 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LMouKE.Sys -- (LMouKE)
  101. DRV - [2006.07.19 13:28:04 | 000,036,736 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\LHidUsbK.sys -- (LHidUsbK)
  102. DRV - [2006.07.19 13:27:26 | 000,013,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\L8042Kbd.sys -- (L8042Kbd)
  103. DRV - [2004.09.29 22:36:29 | 000,015,360 | RH-- | M] (Motorola Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\NetMotCM.sys -- (ndiscm)
  104.  
  105.  
  106. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  107.  
  108.  
  109. [color=#E56717]========== Internet Explorer ==========[/color]
  110.  
  111. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
  112. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  113. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  114.  
  115. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2790392
  116. IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\G, = http://www.google.com/search?q=%s
  117. IE - HKCU\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
  118. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  119. IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2790392
  120. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  121.  
  122. [color=#E56717]========== FireFox ==========[/color]
  123.  
  124. FF - prefs.js..browser.search.defaultthis.engineName: "BitTorrentBar Customized Web Search"
  125. FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}"
  126. FF - prefs.js..browser.search.suggest.enabled: false
  127. FF - prefs.js..browser.search.useDBForOrder: true
  128. FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?ctid=CT2790392&SearchSource=13"
  129. FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
  130. FF - prefs.js..keyword.URL: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q="
  131. FF - user.js - File not found
  132.  
  133. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll ()
  134. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
  135. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
  136. FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  137. FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.11.2897: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
  138. FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.2.2955: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
  139. FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.1675: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
  140. FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
  141. FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
  142. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  143. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
  144. FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
  145.  
  146. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.03.18 19:27:31 | 000,000,000 | ---D | M]
  147. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.02.19 19:02:32 | 000,000,000 | ---D | M]
  148.  
  149. [2012.01.30 17:00:50 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Extensions
  150. [2012.04.17 20:17:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qbreaqmx.default\extensions
  151. [2012.04.17 20:17:42 | 000,000,000 | ---D | M] (BitTorrentBar Community Toolbar) -- C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qbreaqmx.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}
  152. [2012.03.18 19:27:34 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
  153. [2012.04.02 17:56:48 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
  154. [2012.03.18 19:27:30 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
  155. [2012.02.19 05:23:39 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
  156. [2012.02.19 00:03:34 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
  157. [2012.02.19 00:03:34 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
  158. [2012.02.19 00:03:34 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
  159. [2012.02.19 00:03:34 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eudict.xml
  160. [2012.02.19 00:03:34 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
  161. [2012.02.19 00:03:34 | 000,001,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-hr.xml
  162.  
  163. [color=#E56717]========== Chrome ==========[/color]
  164.  
  165. CHR - default_search_provider: Conduit (Enabled)
  166. CHR - default_search_provider: search_url = http://search.conduit.com/Results.aspx?q={searchTerms}&hl=en&SelfSearch=1&SearchSource=49&ctid=CT2790392
  167. CHR - default_search_provider: suggest_url = http://search.conduit.com/
  168. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  169. CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\ppGoogleNaClPluginChrome.dll
  170. CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\pdf.dll
  171. CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\18.0.1025.162\gcswf32.dll
  172. CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_2_202_233.dll
  173. CHR - plugin: Skype Toolbars (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll
  174. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
  175. CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
  176. CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
  177. CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
  178. CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
  179. CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
  180. CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
  181. CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
  182. CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
  183. CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll
  184. CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.3.21.111\npGoogleUpdate3.dll
  185. CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll
  186. CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
  187. CHR - Extension: YouTube = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
  188. CHR - Extension: Google pretra\u017Eivanje = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
  189. CHR - Extension: General Crawler = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel\2.5_0\
  190. CHR - Extension: Skype Click to Call = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
  191. CHR - Extension: BitTorrentBar = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mhfdcmehmjcclgopdodkjdicohagipid\2.3.7.1_0\
  192. CHR - Extension: Gmail = C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  193.  
  194. O1 HOSTS File: ([2012.04.16 12:02:00 | 000,000,833 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
  195. O1 - Hosts: 127.0.0.1 localhost
  196. O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
  197. O1 - Hosts: 127.0.0.1 www.igre123.net
  198. O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
  199. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
  200. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  201. O2 - BHO: (Help the General-Search Project) - {CA4520F3-AE13-4FB1-A513-58E23991C86D} - C:\Documents and Settings\Administrator\Application Data\Media Finder\Extensions\gencrawler_gc.dll ()
  202. O3 - HKLM\..\Toolbar: (StylerToolBar) - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll (StyleFantasist)
  203. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
  204. O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\WINDOWS\KHALMNPR.Exe (Logitech Inc.)
  205. O4 - HKLM..\Run: [KMCONFIG] C:\Program Files\Mouse Driver\StartAutorun.exe KMConfig.exe File not found
  206. O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe (Nero AG)
  207. O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
  208. O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
  209. O4 - HKLM..\Run: [WGA Remover] C:\Program Files\WGA Remover\wgaremover.exe ()
  210. O4 - HKCU..\Run: [Facebook Update] C:\Documents and Settings\Administrator\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
  211. O4 - HKCU..\Run: [LClock] C:\Program Files\LClock\LClock.exe ()
  212. O4 - HKCU..\Run: [Media Finder] "C:\Program Files\Media Finder\MF.exe" /opentotray File not found
  213. O4 - Startup: C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Styler.lnk = C:\Documents and Settings\Administrator\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe ()
  214. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoInternetOpenWith = 1
  215. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  216. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
  217. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
  218. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: Start_NotifyNewApps = 0
  219. O8 - Extra context menu item: Download with &Media Finder - C:\Program Files\Media Finder\hook.html File not found
  220. O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  221. O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  222. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1328000885468 (WUWebControl Class)
  223. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  224. O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  225. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
  226. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 77.77.192.10 77.78.192.10 94.140.66.194
  227. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9286C6F4-D226-41C1-B4D1-1D95018D1BAC}: DhcpNameServer = 77.77.192.10 77.78.192.10 94.140.66.194
  228. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  229. O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  230. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  231. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
  232. O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
  233. O24 - Desktop WallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  234. O24 - Desktop BackupWallPaper: C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  235. O32 - HKLM CDRom: AutoRun - 1
  236. O32 - AutoRun File - [2012.01.30 16:06:45 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  237. O34 - HKLM BootExecute: (autocheck autochk *)
  238. O35 - HKLM\..comfile [open] -- "%1" %*
  239. O35 - HKLM\..exefile [open] -- "%1" %*
  240. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  241. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  242.  
  243. NetSvcs: 6to4 - File not found
  244. NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
  245. NetSvcs: Ias - File not found
  246. NetSvcs: Iprip - File not found
  247. NetSvcs: Irmon - File not found
  248. NetSvcs: NWCWorkstation - File not found
  249. NetSvcs: Nwsapagent - File not found
  250. NetSvcs: WmdmPmSp - File not found
  251.  
  252. CREATERESTOREPOINT
  253. Restore point Set: OTL Restore Point
  254.  
  255. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  256.  
  257. [2012.04.18 09:14:58 | 000,595,968 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
  258. [2012.04.16 14:10:34 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Coma
  259. [2012.04.16 14:04:29 | 000,000,000 | ---D | C] -- C:\Program Files\BitTorrent
  260. [2012.04.16 14:02:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\BitTorrent
  261. [2012.04.16 11:47:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\Download
  262. [2012.04.16 11:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Media Finder
  263. [2012.04.16 11:47:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Application Data\Media Finder
  264. [2012.04.14 10:01:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\TeamViewer 7
  265. [2012.04.10 10:15:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Desktop\MSI PM8PM-V
  266. [2012.04.06 21:37:34 | 000,015,360 | RH-- | C] (Motorola Inc.) -- C:\WINDOWS\System32\drivers\NetMotCM.sys
  267. [2012.04.06 13:57:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Mouse Driver
  268. [2012.04.06 13:57:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mouse Driver
  269. [2012.04.04 07:29:12 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Administrator\Start Menu\Programs\Administrative Tools
  270. [2012.04.02 17:56:24 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Skype
  271. [2012.04.02 17:56:21 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype
  272. [2012.03.19 18:17:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
  273. [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  274.  
  275. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  276.  
  277. [2012.04.18 09:15:25 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Administrator\Desktop\OTL.exe
  278. [2012.04.18 09:14:47 | 000,000,069 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\kako napraviti OTL logove - Forum.hr.URL
  279. [2012.04.18 08:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
  280. [2012.04.18 08:38:00 | 000,001,010 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500UA.job
  281. [2012.04.18 07:27:01 | 000,001,030 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500UA.job
  282. [2012.04.18 06:44:10 | 000,002,261 | ---- | M] () -- C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\Styler.lnk
  283. [2012.04.18 06:44:04 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  284. [2012.04.18 01:38:00 | 000,000,958 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500Core.job
  285. [2012.04.17 10:27:00 | 000,001,008 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500Core.job
  286. [2012.04.16 14:33:15 | 000,008,192 | ---- | M] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  287. [2012.04.16 14:04:58 | 000,000,673 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
  288. [2012.04.16 14:04:58 | 000,000,655 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
  289. [2012.04.16 12:44:39 | 000,002,349 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Google Chrome.lnk
  290. [2012.04.16 12:44:39 | 000,002,327 | ---- | M] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  291. [2012.04.16 12:02:00 | 000,000,833 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
  292. [2012.04.16 11:34:28 | 000,000,060 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Besplatni DOWNLOAD filmova visoke kvalitete!.URL
  293. [2012.04.14 17:04:39 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
  294. [2012.04.14 10:01:14 | 000,000,820 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
  295. [2012.04.09 08:02:11 | 000,032,931 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Picture 002.jpg
  296. [2012.04.08 17:09:53 | 000,000,353 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\VEDO POSAO.lnk
  297. [2012.04.05 16:28:14 | 000,000,127 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Printer Centar Diskusije • View topic - pomoc - CANON NP-7161 kopir aparat izbacuje crni list.URL
  298. [2012.04.02 17:56:24 | 000,001,878 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
  299. [2012.03.31 07:39:15 | 000,000,125 | ---- | M] () -- C:\Documents and Settings\Administrator\Desktop\Nogomet Austrija Erste Liga tipovi.URL
  300. [2012.03.30 08:09:47 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
  301. [2012.03.30 00:37:35 | 000,395,530 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
  302. [2012.03.30 00:37:35 | 000,059,644 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
  303. [2012.03.19 23:31:17 | 000,074,240 | ---- | M] () -- C:\Documents and Settings\Administrator\My Documents\Diploma za Ajlich.pub
  304. [2012.03.19 18:18:15 | 000,000,211 | -HS- | M] () -- C:\boot.ini
  305. [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  306.  
  307. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  308.  
  309. [2012.04.18 09:14:47 | 000,000,069 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\kako napraviti OTL logove - Forum.hr.URL
  310. [2012.04.16 14:04:58 | 000,000,673 | ---- | C] () -- C:\Documents and Settings\Administrator\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
  311. [2012.04.16 14:04:57 | 000,000,655 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\BitTorrent.lnk
  312. [2012.04.16 11:34:28 | 000,000,060 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Besplatni DOWNLOAD filmova visoke kvalitete!.URL
  313. [2012.04.14 10:01:14 | 000,000,820 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\TeamViewer 7.lnk
  314. [2012.04.09 08:02:11 | 000,032,931 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Picture 002.jpg
  315. [2012.04.08 17:09:53 | 000,000,353 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\VEDO POSAO.lnk
  316. [2012.04.05 16:28:14 | 000,000,127 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Printer Centar Diskusije • View topic - pomoc - CANON NP-7161 kopir aparat izbacuje crni list.URL
  317. [2012.04.02 17:56:24 | 000,001,878 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
  318. [2012.03.31 07:38:30 | 000,000,125 | ---- | C] () -- C:\Documents and Settings\Administrator\Desktop\Nogomet Austrija Erste Liga tipovi.URL
  319. [2012.03.29 19:41:34 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
  320. [2012.03.19 23:31:17 | 000,074,240 | ---- | C] () -- C:\Documents and Settings\Administrator\My Documents\Diploma za Ajlich.pub
  321. [2012.03.16 14:11:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\SETUP32.INI
  322. [2012.03.15 14:29:54 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
  323. [2012.03.09 17:48:47 | 000,000,238 | ---- | C] () -- C:\WINDOWS\mafosav.INI
  324. [2012.03.07 13:03:17 | 000,000,641 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
  325. [2012.03.07 12:57:39 | 000,008,192 | ---- | C] () -- C:\Documents and Settings\Administrator\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  326. [2012.03.07 12:49:42 | 000,000,486 | ---- | C] () -- C:\WINDOWS\Tcsofla.INI
  327. [2012.01.30 19:01:22 | 000,000,056 | -H-- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
  328. [2012.01.30 17:00:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
  329. [2012.01.30 16:57:00 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
  330. [2012.01.30 16:52:26 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
  331. [2012.01.30 16:42:57 | 003,107,788 | ---- | C] () -- C:\WINDOWS\System32\ativvaxx.dat
  332. [2012.01.30 16:42:57 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
  333. [2012.01.30 16:42:57 | 000,608,507 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
  334. [2012.01.30 16:42:57 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
  335. [2012.01.30 16:42:12 | 000,263,024 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  336. [2012.01.30 16:24:15 | 000,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
  337. [2012.01.30 16:24:11 | 003,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
  338. [2012.01.30 16:24:11 | 000,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
  339. [2012.01.30 16:24:11 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
  340. [2012.01.30 16:24:10 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
  341. [2012.01.30 16:09:52 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
  342. [2012.01.30 16:02:48 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
  343. [2012.01.02 22:20:56 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
  344. [2011.12.05 23:04:00 | 000,059,904 | ---- | C] () -- C:\WINDOWS\System32\OpenVideo.dll
  345. [2011.12.05 23:03:52 | 000,054,784 | ---- | C] () -- C:\WINDOWS\System32\OVDecode.dll
  346.  
  347. [color=#E56717]========== LOP Check ==========[/color]
  348.  
  349. [2012.04.16 14:32:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\BitTorrent
  350. [2012.02.12 03:48:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\com.adobe.downloadassistant.AdobeDownloadAssistant
  351. [2012.02.20 13:17:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Hotdog Hotshot
  352. [2012.02.10 03:44:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\MB-Ruler
  353. [2012.04.16 11:58:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Media Finder
  354. [2012.02.25 12:28:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\PoivY
  355. [2012.01.06 08:06:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\Styler
  356. [2012.04.14 10:01:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TeamViewer
  357. [2012.02.28 01:44:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\TS3Client
  358. [2012.02.23 21:46:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Administrator\Application Data\YoudaGames
  359. [2012.04.08 17:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Big Fish Games
  360. [2012.02.09 13:38:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
  361. [2012.03.17 03:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PMB Files
  362. [2012.02.20 16:32:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
  363. [2012.02.23 19:02:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Youdagames
  364. [2012.04.17 10:27:00 | 000,001,008 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500Core.job
  365. [2012.04.18 07:27:01 | 000,001,030 | ---- | M] () -- C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1757981266-1993962763-1417001333-500UA.job
  366.  
  367. [color=#E56717]========== Purity Check ==========[/color]
  368.  
  369.  
  370.  
  371. [color=#E56717]========== Custom Scans ==========[/color]
  372.  
  373. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  374. [2009.01.30 14:43:56 | 000,323,169 | ---- | M] () -- C:\DPsFnshr.exe
  375.  
  376. [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
  377. [2008.04.14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
  378. [2008.04.14 02:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\AGP440.SYS
  379.  
  380. [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
  381. [2008.04.14 12:00:00 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
  382. [2008.04.14 12:00:00 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
  383.  
  384. [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
  385. [2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
  386. [2008.04.14 12:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
  387.  
  388. [color=#A23BEC]< MD5 for: IASTOR.SYS >[/color]
  389. [2008.09.12 19:32:56 | 000,327,192 | ---- | M] (Intel Corporation) MD5=8EF427C54497C5F8A7A645990E4278C7 -- C:\D\M\I4\IaStor.sys
  390. [2007.09.29 23:03:12 | 000,308,248 | ---- | M] (Intel Corporation) MD5=E5A0034847537EAEE3C00349D5C34C5F -- C:\D\M\I3\IASTOR.SYS
  391.  
  392. [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
  393. [2008.04.14 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\dllcache\netlogon.dll
  394. [2008.04.14 12:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
  395.  
  396. [color=#A23BEC]< MD5 for: NVATABUS.SYS >[/color]
  397. [2006.02.26 17:21:18 | 000,089,856 | ---- | M] (NVIDIA Corporation) MD5=83F0275A21D9772B51CEF57E35AFAE61 -- C:\D\M\NV123\NVATABUS.sys
  398. [2006.04.24 17:52:28 | 000,100,736 | ---- | M] (NVIDIA Corporation) MD5=C03E15101F6D9E82CD9B0E7D715F5DE3 -- C:\D\M\NVTM\NVATABUS.sys
  399.  
  400. [color=#A23BEC]< MD5 for: NVGTS.SYS >[/color]
  401. [2007.07.27 22:16:02 | 000,105,984 | ---- | M] (NVIDIA Corporation) MD5=4BC4BAAED05161E0D331627E90A10745 -- C:\D\M\NV6\nvgts.sys
  402.  
  403. [color=#A23BEC]< MD5 for: NVRD32.SYS >[/color]
  404. [2007.07.27 22:15:56 | 000,116,736 | ---- | M] (NVIDIA Corporation) MD5=77AC69AC4F07BD9D29528B8FCC71FB49 -- C:\D\M\NV6\nvrd32.sys
  405.  
  406. [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
  407. [2008.04.14 12:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
  408. [2008.04.14 12:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
  409.  
  410. [color=#A23BEC]< MD5 for: VIAMRAID.SYS >[/color]
  411. [2008.07.10 03:19:02 | 000,117,248 | ---- | M] (VIA Technologies inc,.ltd) MD5=00046AA2E396EDC2238556E740A8E5AF -- C:\D\M\V1\viamraid.sys
  412.  
  413. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  414.  
  415. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  416. [1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
  417.  
  418. [color=#E56717]========== Alternate Data Streams ==========[/color]
  419.  
  420. @Alternate Data Stream - 130 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:04BB186B
  421.  
  422. < End of report >