Untitled

a guest
Aug 10th, 2013
  1. OTL logfile created on: 2013-08-10 11:12:07 - Run 2
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\DELL\Downloads
  3. Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 00000415 | Country: Polska | Language: PLK | Date Format: yyyy-MM-dd
  6.  
  7. 1,97 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 57,44% Memory free
  8. 3,93 Gb Paging File | 2,67 Gb Available in Paging File | 67,82% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 50,26 Gb Total Space | 33,42 Gb Free Space | 66,49% Space Free | Partition Type: NTFS
  13. Drive D: | 49,43 Gb Total Space | 42,93 Gb Free Space | 86,85% Space Free | Partition Type: NTFS
  14. Drive E: | 49,22 Gb Total Space | 47,48 Gb Free Space | 96,46% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: DELL-KOMPUTER | User Name: DELL | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: All users
  18. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2013-08-10 10:34:05 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\DELL\Downloads\OTL.exe
  23. PRC - [2013-08-07 11:42:31 | 004,466,016 | ---- | M] (TeamViewer GmbH) -- c:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
  24. PRC - [2013-08-07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
  25. PRC - [2013-08-07 11:42:29 | 011,737,952 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\TeamViewer.exe
  26. PRC - [2013-08-07 11:28:08 | 000,195,936 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version8\tv_w32.exe
  27. PRC - [2013-06-12 12:34:37 | 000,814,472 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe
  28. PRC - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
  29. PRC - [2012-11-23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  30. PRC - [2012-10-10 22:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  31. PRC - [2012-10-02 21:29:14 | 000,864,616 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  32. PRC - [2012-10-02 21:28:55 | 001,820,520 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  33. PRC - [2012-10-02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
  34. PRC - [2012-05-31 19:00:26 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe
  35. PRC - [2011-02-25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  36.  
  37.  
  38. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  39.  
  40. MOD - [2013-07-23 10:53:08 | 000,475,696 | ---- | M] () -- C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll
  41. MOD - [2010-11-20 23:29:12 | 000,232,448 | ---- | M] () -- \\.\globalroot\systemroot\system32\mswsock.dll
  42.  
  43.  
  44. [color=#E56717]========== Services (SafeList) ==========[/color]
  45.  
  46. SRV - [2013-08-07 11:42:30 | 004,308,320 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
  47. SRV - [2013-06-21 10:57:12 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  48. SRV - [2013-06-12 13:34:40 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  49. SRV - [2013-05-11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  50. SRV - [2012-11-23 07:11:44 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
  51. SRV - [2012-10-10 22:15:04 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  52. SRV - [2012-10-02 14:15:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
  53. SRV - [2012-05-31 19:00:26 | 000,218,880 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe -- (AVP)
  54. SRV - [2009-07-14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  55. SRV - [2009-07-14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  56.  
  57.  
  58. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  59.  
  60. DRV - [2012-12-09 19:32:08 | 000,242,240 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\System32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  61. DRV - [2012-10-10 22:14:28 | 010,837,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
  62. DRV - [2012-05-29 15:55:40 | 000,584,536 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\System32\drivers\klif.sys -- (KLIF)
  63. DRV - [2012-05-25 19:38:48 | 000,025,432 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klkbdflt.sys -- (klkbdflt)
  64. DRV - [2012-05-25 19:30:34 | 000,025,944 | ---- | M] (Kaspersky Lab) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\klmouflt.sys -- (klmouflt)
  65. DRV - [2012-05-24 11:34:46 | 000,140,120 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kneps.sys -- (kneps)
  66. DRV - [2012-05-12 17:13:34 | 000,043,696 | ---- | M] (Kaspersky Lab) [Kernel | System | Running] -- C:\Windows\System32\drivers\kltdi.sys -- (kltdi)
  67. DRV - [2012-04-13 13:54:06 | 000,135,984 | ---- | M] (Kaspersky Lab ZAO) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\kl1.sys -- (KL1)
  68. DRV - [2012-03-27 18:34:24 | 000,023,856 | ---- | M] (Kaspersky Lab ZAO) [Kernel | System | Running] -- C:\Windows\System32\drivers\klim6.sys -- (KLIM6)
  69. DRV - [2010-11-20 23:29:24 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  70. DRV - [2010-11-20 23:29:03 | 000,027,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
  71. DRV - [2009-07-14 00:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
  72. DRV - [2006-08-11 15:47:13 | 000,059,776 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfsync04.sys -- (sfsync04)
  73. DRV - [2006-07-05 14:46:06 | 000,063,352 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\sfdrv01a.sys -- (sfdrv01a)
  74. DRV - [2006-06-14 16:56:56 | 000,013,680 | ---- | M] (Protection Technology (StarForce)) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\sfhlp02.sys -- (sfhlp02)
  75.  
  76.  
  77. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  78.  
  79.  
  80. [color=#E56717]========== Internet Explorer ==========[/color]
  81.  
  82. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
  83. IE - HKLM\..\URLSearchHook: - No CLSID value found
  84. IE - HKLM\..\SearchScopes,DefaultScope =
  85. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  86.  
  87.  
  88. IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
  89. IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  90.  
  91. IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
  92. IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  93.  
  94. IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =
  95.  
  96. IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =
  97.  
  98. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
  99. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  100. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
  101. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
  102. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
  103. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\..\URLSearchHook: - No CLSID value found
  104. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
  105. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  106. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  107. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  108.  
  109. IE - HKU\S-1-5-21-167559960-3465654773-2650742890-1001\..\SearchScopes,DefaultScope =
  110.  
  111.  
  112. [color=#E56717]========== FireFox ==========[/color]
  113.  
  114. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
  115. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
  116. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  117. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  118. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
  119. FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
  120. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  121. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  122. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  123. FF - HKLM\Software\MozillaPlugins\@vividas.com/npVividasPlayer: E:\Player\npVividasPlayer.dll File not found
  124. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  125.  
  126. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\url_advisor@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\url_advisor@kaspersky.com [2013-06-20 20:39:19 | 000,000,000 | ---D | M]
  127. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\virtual_keyboard@kaspersky.com: C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\FFExt\virtual_keyboard@kaspersky.com [2013-06-20 20:39:19 | 000,000,000 | ---D | M]
  128.  
  129. [2012-11-24 16:59:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\DELL\AppData\Roaming\mozilla\Firefox\extensions
  130. [2012-11-24 16:59:34 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\DELL\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
  131. [2012-11-24 23:27:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
  132.  
  133. [color=#E56717]========== Chrome ==========[/color]
  134.  
  135. CHR - default_search_provider: Ask.com (Enabled)
  136. CHR - default_search_provider: search_url = http://dts.search.ask.com/sr?src=crb&gct=ds&appid=0&systemid=421&v=n8463-56&apn_uid=1467853302254144&apn_dtid=BND421&o=APN10649&apn_ptnrs=AGA&q={searchTerms}
  137. CHR - default_search_provider: suggest_url =
  138. CHR - Extension: Kaspersky URL Advisor = C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.0.3370_0\
  139. CHR - Extension: Klawiatura wirtualna = C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.0.3370_0\
  140.  
  141. O1 HOSTS File: ([2009-06-10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  142. O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
  143. O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
  144. O3 - HKU\S-1-5-21-167559960-3465654773-2650742890-1000\..\Toolbar\WebBrowser: (no name) - {7473B6BD-4691-4744-A82B-7854EB3D70B6} - No CLSID value found.
  145. O4 - HKLM..\Run: [] File not found
  146. O4 - HKLM..\Run: [AVP] C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\avp.exe (Kaspersky Lab ZAO)
  147. O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
  148. O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
  149. O4 - HKU\S-1-5-21-167559960-3465654773-2650742890-1001..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
  150. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
  151. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  152. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  153. O9 - Extra Button: &Klawiatura wirtualna - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
  154. O9 - Extra Button: &Sprawdzanie adresów internetowych - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
  155. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - %SystemRoot%\System32\winrnr.dll File not found
  156. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - %SystemRoot%\System32\winrnr.dll File not found
  157. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - %SystemRoot%\System32\winrnr.dll File not found
  158. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - %SystemRoot%\System32\winrnr.dll File not found
  159. O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - %SystemRoot%\System32\winrnr.dll File not found
  160. O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - %SystemRoot%\System32\winrnr.dll File not found
  161. O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - %SystemRoot%\System32\winrnr.dll File not found
  162. O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - %SystemRoot%\System32\winrnr.dll File not found
  163. O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - %SystemRoot%\System32\winrnr.dll File not found
  164. O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - %SystemRoot%\System32\winrnr.dll File not found
  165. O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - %SystemRoot%\System32\winrnr.dll File not found
  166. O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - %SystemRoot%\System32\winrnr.dll File not found
  167. O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - %SystemRoot%\System32\winrnr.dll File not found
  168. O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - %SystemRoot%\System32\winrnr.dll File not found
  169. O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - %SystemRoot%\System32\winrnr.dll File not found
  170. O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - %SystemRoot%\System32\winrnr.dll File not found
  171. O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - %SystemRoot%\System32\winrnr.dll File not found
  172. O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - %SystemRoot%\System32\winrnr.dll File not found
  173. O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - %SystemRoot%\System32\winrnr.dll File not found
  174. O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - %SystemRoot%\System32\winrnr.dll File not found
  175. O13 - gopher Prefix: missing
  176. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  177. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  178. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B6353E95-1AC8-40C2-BC33-82273CC85053}: DhcpNameServer = 192.168.1.1
  179. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  180. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  181. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  182. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  183. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  184. O32 - HKLM CDRom: AutoRun - 0
  185. O32 - AutoRun File - [2009-06-10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  186. O34 - HKLM BootExecute: (autocheck autochk *)
  187. O35 - HKLM\..comfile [open] -- "%1" %*
  188. O35 - HKLM\..exefile [open] -- "%1" %*
  189. O36 - AppCertDlls: x86 - (C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll) - C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll ()
  190. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  191. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  192. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  193. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  194. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  195.  
  196. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  197.  
  198. [2013-08-10 10:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
  199. [2013-08-10 10:33:24 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
  200. [2013-08-10 09:24:45 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer
  201. [2013-08-10 09:17:48 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\Malwarebytes
  202. [2013-08-10 09:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
  203. [2013-08-10 09:17:43 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
  204. [2013-08-10 09:17:43 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
  205. [2013-08-10 09:17:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
  206. [2013-08-09 19:31:17 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\ERS G-Studio
  207. [2013-08-09 09:54:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Intenium
  208. [2013-08-06 16:47:38 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\Aisle 5 Games, Inc
  209. [2013-08-06 16:22:43 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Local\LostKing
  210. [2013-08-06 11:21:45 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\Canneverbe Limited
  211. [2013-08-06 11:21:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
  212. [2013-07-27 09:11:07 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Local\Torch
  213. [2013-07-27 09:10:51 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mscomctl.ocx
  214. [2013-07-27 09:10:51 | 000,152,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\COMDLG32.OCX
  215. [2013-07-27 09:10:51 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSCMCFR.DLL
  216. [2013-07-27 09:10:51 | 000,119,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6FR.DLL
  217. [2013-07-27 09:10:51 | 000,115,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msinet.OCX
  218. [2013-07-27 09:10:51 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\VB6STKIT.DLL
  219. [2013-07-27 09:10:51 | 000,040,960 | ---- | C] (vbAccelerator) -- C:\Windows\System32\SSubTmr6.dll
  220. [2013-07-27 09:10:51 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\CMDLGFR.DLL
  221. [2013-07-27 09:10:51 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetfr.DLL
  222. [2013-07-27 09:10:51 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\FreeBurner
  223. [2013-07-27 09:10:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Wincert
  224. [2013-07-27 09:09:55 | 000,000,000 | ---D | C] -- C:\Program Files\Movies Toolbar
  225. [2013-07-27 09:09:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Datamngr
  226. [2013-07-27 09:09:34 | 000,000,000 | ---D | C] -- C:\Program Files\Free Easy CD DVD Burner
  227. [2013-07-25 13:33:39 | 000,000,000 | ---D | C] -- C:\freetvapps
  228. [2013-07-25 13:33:39 | 000,000,000 | ---D | C] -- C:\__MACOSX
  229. [2013-07-24 10:03:21 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\Awem
  230. [2013-07-23 07:02:30 | 000,000,000 | ---D | C] -- C:\Windows\Portal of Evil - Stolen Runes Collectors Edition
  231. [2013-07-18 09:53:39 | 000,000,000 | ---D | C] -- C:\Users\DELL\Documents\AdoreGames
  232. [2013-07-16 09:28:17 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\Mad Head Games
  233. [2013-07-16 09:26:09 | 000,000,000 | ---D | C] -- C:\Windows\Rite of Passage 2- Child of the Forest CE
  234. [2013-07-15 06:44:37 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Roaming\GameMill Entertainment
  235. [2013-07-12 09:04:13 | 000,000,000 | ---D | C] -- C:\Users\DELL\AppData\Local\Chronicles of Albian
  236.  
  237. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  238.  
  239. [2013-08-10 11:07:31 | 000,022,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  240. [2013-08-10 11:07:31 | 000,022,064 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  241. [2013-08-10 11:07:24 | 006,897,844 | ---- | M] () -- C:\Windows\System32\perfh015.dat
  242. [2013-08-10 11:07:24 | 002,791,504 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  243. [2013-08-10 11:07:24 | 002,284,146 | ---- | M] () -- C:\Windows\System32\perfc015.dat
  244. [2013-08-10 11:07:24 | 002,184,838 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  245. [2013-08-10 11:00:17 | 000,001,028 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  246. [2013-08-10 11:00:11 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  247. [2013-08-10 11:00:09 | 1583,566,848 | -HS- | M] () -- C:\hiberfil.sys
  248. [2013-08-10 10:51:00 | 000,001,032 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  249. [2013-08-10 10:34:00 | 000,000,930 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  250. [2013-08-10 10:27:27 | 000,269,256 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  251. [2013-08-10 09:24:48 | 000,001,120 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
  252. [2013-08-10 09:17:45 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  253. [2013-08-10 09:11:04 | 000,000,217 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
  254. [2013-08-09 09:06:22 | 000,001,108 | ---- | M] () -- C:\Users\DELL\Desktop\Dark Tales Edgar Allan Poes The Masque of the Red Death CE.lnk
  255. [2013-08-06 11:29:00 | 000,000,676 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
  256. [2013-07-31 08:13:54 | 000,000,688 | ---- | M] () -- C:\Users\DELL\Desktop\NapiProjekt — skrót.lnk
  257.  
  258. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  259.  
  260. [2013-08-10 09:24:48 | 000,001,132 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
  261. [2013-08-10 09:24:48 | 000,001,120 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
  262. [2013-08-10 09:17:45 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  263. [2013-08-10 09:10:48 | 000,000,217 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
  264. [2013-08-09 09:06:22 | 000,001,108 | ---- | C] () -- C:\Users\DELL\Desktop\Dark Tales Edgar Allan Poes The Masque of the Red Death CE.lnk
  265. [2013-08-06 11:21:26 | 000,000,676 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
  266. [2013-08-06 11:21:26 | 000,000,608 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
  267. [2013-07-31 08:13:54 | 000,000,688 | ---- | C] () -- C:\Users\DELL\Desktop\NapiProjekt — skrót.lnk
  268. [2013-05-12 20:44:13 | 000,000,445 | ---- | C] () -- C:\Windows\wininit.ini
  269. [2013-01-09 20:21:15 | 000,122,884 | ---- | C] () -- C:\Windows\UnGins.exe
  270. [2012-11-23 07:10:51 | 003,536,817 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
  271. [2011-12-07 21:32:24 | 000,216,064 | ---- | C] ( ) -- C:\Windows\System32\Lagarith.dll
  272.  
  273. [color=#E56717]========== ZeroAccess Check ==========[/color]
  274.  
  275. [2013-04-01 10:32:35 | 000,000,082 | ---- | M] () -- C:\Windows\$NtUninstallKB20325$\systemprofile\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\KVHBYRWM\t.cxt.ms\lso.swf\u.sol
  276. [2009-07-14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  277.  
  278. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  279.  
  280. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  281.  
  282. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  283. "" = %SystemRoot%\system32\shell32.dll -- [2012-06-09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
  284. "ThreadingModel" = Apartment
  285.  
  286. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  287. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-20 23:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
  288. "ThreadingModel" = Free
  289.  
  290. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  291. "" = %systemroot%\system32\wbem\wbemess.dll -- [2009-07-14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
  292. "ThreadingModel" = Both
  293.  
  294. [color=#E56717]========== LOP Check ==========[/color]
  295.  
  296.  
  297. [color=#E56717]========== Purity Check ==========[/color]
  298.  
  299.  
  300.  
  301. [color=#E56717]========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========[/color]
  302. [C:\Windows\$NtUninstallKB20325$] -> Error: Cannot create file handle -> Unknown point type
  303.  
  304. [color=#E56717]========== Alternate Data Streams ==========[/color]
  305.  
  306. @Alternate Data Stream - 143 bytes -> C:\ProgramData\TEMP:48C205FE
  307. @Alternate Data Stream - 139 bytes -> C:\ProgramData\TEMP:DBE05F87
  308. @Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:57B2B96C
  309. @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:72C99D4E
  310.  
  311. < End of report >