Untitled

a guest
Jul 11th, 2013
  1. OTL logfile created on: 11.7.2013. 22:08:54 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\ivo_kat\Downloads
  3. Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.10.9200.16614)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 1,99 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 56,60% Memory free
  8. 3,98 Gb Paging File | 2,59 Gb Available in Paging File | 65,26% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 149,05 Gb Total Space | 94,07 Gb Free Space | 63,11% Space Free | Partition Type: NTFS
  13. Drive D: | 48,83 Gb Total Space | 28,11 Gb Free Space | 57,57% Space Free | Partition Type: NTFS
  14. Drive F: | 25,69 Gb Total Space | 22,87 Gb Free Space | 89,02% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: IVO_KAT-PC | User Name: ivo_kat | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2013.07.11 22:07:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\ivo_kat\Downloads\OTL.exe
  23. PRC - [2013.07.07 16:49:28 | 000,607,744 | ---- | M] (MyCity) -- C:\Program Files\MCShield\MCShieldRTM.exe
  24. PRC - [2013.06.08 21:30:57 | 000,202,576 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\RaMaint.exe
  25. PRC - [2013.06.08 21:30:00 | 000,375,120 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
  26. PRC - [2013.05.25 02:47:30 | 027,776,968 | ---- | M] (Dropbox, Inc.) -- C:\Users\ivo_kat\AppData\Roaming\Dropbox\bin\Dropbox.exe
  27. PRC - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
  28. PRC - [2013.05.09 20:12:40 | 000,568,904 | ---- | M] (Copyright 2013 SAMSUNG) -- C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
  29. PRC - [2013.05.09 20:12:08 | 000,407,384 | ---- | M] (Samsung Electronics) -- C:\Program Files\Samsung\Samsung Link\utils\Samsung Link Launcher.exe
  30. PRC - [2013.05.03 14:13:34 | 000,404,360 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkManagerDMS.exe
  31. PRC - [2013.05.03 14:12:52 | 000,755,080 | ---- | M] (Samsung) -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkDMS.exe
  32. PRC - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
  33. PRC - [2013.04.04 14:50:32 | 000,532,040 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
  34. PRC - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
  35. PRC - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\NisSrv.exe
  36. PRC - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe
  37. PRC - [2013.01.27 12:11:06 | 000,947,152 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Security Client\msseces.exe
  38. PRC - [2012.11.30 04:55:25 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
  39. PRC - [2012.11.23 04:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  40. PRC - [2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  41. PRC - [2010.11.08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeIn.exe
  42. PRC - [2010.09.17 16:40:06 | 000,063,048 | ---- | M] (LogMeIn, Inc.) -- C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
  43. PRC - [2005.09.12 23:22:44 | 000,135,168 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\PELMICED.EXE
  44. PRC - [2004.07.14 16:36:54 | 000,057,344 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe
  45. PRC - [2003.11.06 16:51:32 | 000,020,480 | ---- | M] () -- C:\Windows\System32\FSRremoS.EXE
  46.  
  47.  
  48. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  49.  
  50. MOD - [2013.07.11 19:00:31 | 000,541,696 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
  51. MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
  52. MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
  53. MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
  54. MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
  55. MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
  56. MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
  57. MOD - [2013.05.09 20:12:08 | 000,854,016 | ---- | M] () -- C:\Program Files\Samsung\Samsung Link\SecLibJNI.dll
  58. MOD - [2013.05.09 20:12:08 | 000,009,728 | ---- | M] () -- C:\Program Files\Samsung\Samsung Link\JniSys.dll
  59. MOD - [2013.05.03 14:11:22 | 000,589,824 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\DMS_Manager.dll
  60. MOD - [2013.05.03 14:10:58 | 000,013,824 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\MediaDB_Manager.dll
  61. MOD - [2013.05.03 14:10:00 | 000,119,296 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\ASFAPI.dll
  62. MOD - [2013.05.03 14:09:40 | 000,038,912 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\JNIInterface.dll
  63. MOD - [2013.04.19 16:38:54 | 000,025,600 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\MediaDB.dll
  64. MOD - [2013.04.19 16:37:54 | 000,704,000 | ---- | M] () -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\ContentDirectoryPresenter.dll
  65. MOD - [2013.04.15 18:53:12 | 000,046,592 | ---- | M] () -- C:\Windows\System32\boost_thread-vc90-mt-1_47.dll
  66. MOD - [2013.04.15 18:53:00 | 000,038,912 | ---- | M] () -- C:\Windows\System32\boost_date_time-vc90-mt-1_47.dll
  67. MOD - [2013.04.15 18:52:44 | 000,227,840 | ---- | M] () -- C:\Windows\System32\boost_serialization-vc90-mt-1_47.dll
  68. MOD - [2013.04.15 18:52:40 | 000,012,800 | ---- | M] () -- C:\Windows\System32\boost_system-vc90-mt-1_47.dll
  69. MOD - [2013.03.13 22:48:52 | 024,978,944 | ---- | M] () -- C:\Users\ivo_kat\AppData\Roaming\Dropbox\bin\libcef.dll
  70. MOD - [2012.11.14 01:32:50 | 003,558,400 | ---- | M] () -- C:\Users\ivo_kat\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
  71. MOD - [2003.11.06 16:51:32 | 000,020,480 | ---- | M] () -- C:\Windows\System32\FSRremoS.EXE
  72.  
  73.  
  74. [color=#E56717]========== Services (SafeList) ==========[/color]
  75.  
  76. SRV - [2013.06.11 20:55:31 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  77. SRV - [2013.06.08 21:30:57 | 000,202,576 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\RaMaint.exe -- (LMIMaint)
  78. SRV - [2013.06.08 21:30:00 | 000,375,120 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe -- (LMIGuardianSvc)
  79. SRV - [2013.05.10 09:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  80. SRV - [2013.05.03 14:13:34 | 000,404,360 | ---- | M] (Samsung) [Auto | Running] -- C:\Program Files\Samsung\AllShare Framework DMS\1.3.09\AllShareFrameworkManagerDMS.exe -- (AllShare Framework DMS)
  81. SRV - [2013.04.04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
  82. SRV - [2013.04.04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  83. SRV - [2013.01.27 12:11:46 | 000,295,232 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
  84. SRV - [2013.01.27 12:11:46 | 000,020,456 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
  85. SRV - [2013.01.08 13:55:20 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  86. SRV - [2010.11.08 13:04:20 | 000,390,528 | ---- | M] (LogMeIn, Inc.) [Auto | Running] -- C:\Program Files\LogMeIn\x86\LogMeIn.exe -- (LogMeIn)
  87. SRV - [2009.07.14 03:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  88. SRV - [2009.07.14 03:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
  89. SRV - [2009.07.14 03:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\mpsvc.dll -- (WinDefend)
  90.  
  91.  
  92. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  93.  
  94. DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
  95. DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
  96. DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
  97. DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ivo_kat\AppData\Local\Temp\catchme.sys -- (catchme)
  98. DRV - [2013.07.11 18:11:53 | 000,029,904 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{1E87F9F4-4AE6-4C9F-AC2B-49330AC086C2}\MpKsl390b897e.sys -- (MpKsl390b897e)
  99. DRV - [2013.06.08 21:30:09 | 000,086,888 | ---- | M] (LogMeIn, Inc.) [File_System | Disabled | Stopped] -- C:\Windows\System32\LMIRfsClientNP.dll -- (LMIRfsClientNP)
  100. DRV - [2013.05.30 09:19:02 | 000,013,624 | ---- | M] (LogMeIn, Inc.) [Kernel | Auto | Running] -- C:\Program Files\LogMeIn\x86\RaInfo.sys -- (LMIInfo)
  101. DRV - [2013.04.04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
  102. DRV - [2013.02.06 07:42:10 | 000,181,912 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
  103. DRV - [2013.02.06 07:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
  104. DRV - [2013.02.06 07:42:08 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
  105. DRV - [2013.01.20 16:59:04 | 000,100,328 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\NisDrvWFP.sys -- (NisDrv)
  106. DRV - [2011.04.05 14:20:50 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
  107. DRV - [2011.04.05 14:20:50 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
  108. DRV - [2010.11.20 14:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
  109. DRV - [2010.11.20 14:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
  110. DRV - [2010.11.20 14:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
  111. DRV - [2010.11.20 12:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  112. DRV - [2010.11.20 12:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  113. DRV - [2010.11.20 11:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
  114. DRV - [2010.11.20 11:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
  115. DRV - [2010.11.20 11:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
  116. DRV - [2010.09.17 16:40:06 | 000,047,640 | ---- | M] (LogMeIn, Inc.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\LMIRfsDriver.sys -- (LMIRfsDriver)
  117. DRV - [2010.07.10 06:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
  118. DRV - [2009.08.06 05:59:00 | 000,750,592 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Dnetr28u.sys -- (netr28u)
  119. DRV - [2009.07.14 01:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
  120. DRV - [2008.12.13 17:15:26 | 000,036,608 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\FsUsbExDisk.Sys -- (FsUsbExDisk)
  121. DRV - [2008.10.21 11:22:48 | 000,114,600 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdm.sys -- (s0017mdm)
  122. DRV - [2008.10.21 11:22:48 | 000,109,736 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017unic.sys -- (s0017unic)
  123. DRV - [2008.10.21 11:22:48 | 000,108,328 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mgmt.sys -- (s0017mgmt)
  124. DRV - [2008.10.21 11:22:48 | 000,104,616 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017obex.sys -- (s0017obex)
  125. DRV - [2008.10.21 11:22:48 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017bus.sys -- (s0017bus)
  126. DRV - [2008.10.21 11:22:48 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0017mdfl.sys -- (s0017mdfl)
  127. DRV - [2008.05.16 13:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic)
  128. DRV - [2008.05.16 13:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5)
  129. DRV - [2008.05.16 13:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
  130. DRV - [2008.05.16 13:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
  131. DRV - [2008.05.16 13:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
  132. DRV - [2008.05.16 13:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
  133. DRV - [2008.05.16 13:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
  134. DRV - [2008.01.09 13:28:34 | 000,027,632 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\seehcri.sys -- (seehcri)
  135. DRV - [2007.04.03 14:57:54 | 000,099,080 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116unic.sys -- (s116unic)
  136. DRV - [2007.04.03 14:57:52 | 000,098,696 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116obex.sys -- (s116obex)
  137. DRV - [2007.04.03 14:57:52 | 000,023,176 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116nd5.sys -- (s116nd5)
  138. DRV - [2007.04.03 14:57:50 | 000,100,488 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mgmt.sys -- (s116mgmt)
  139. DRV - [2007.04.03 14:57:48 | 000,108,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdm.sys -- (s116mdm)
  140. DRV - [2007.04.03 14:57:48 | 000,015,112 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116mdfl.sys -- (s116mdfl)
  141. DRV - [2007.04.03 14:57:42 | 000,083,336 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s116bus.sys -- (s116bus)
  142. DRV - [2003.02.11 14:25:14 | 000,009,216 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pelusblf.sys -- (pelusblf)
  143. DRV - [2003.01.10 14:55:32 | 000,016,384 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\PELMOUSE.SYS -- (pelmouse)
  144.  
  145.  
  146. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  147.  
  148.  
  149. [color=#E56717]========== Internet Explorer ==========[/color]
  150.  
  151. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com
  152. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
  153. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
  154. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
  155. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
  156. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
  157. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
  158. IE - HKLM\..\SearchScopes,DefaultScope =
  159. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  160. IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  161.  
  162. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
  163. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = http://www.google.com
  164. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  165. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Before = http://www.google.hr/
  166. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  167. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
  168. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
  169. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Bar = http://www.google.com
  170. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Search Page = http://www.google.com
  171. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = http://www.google.com
  172. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = http://www.google.com
  173. IE - HKCU\..\SearchScopes,DefaultScope =
  174. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  175. IE - HKCU\..\SearchScopes\{47AE1BA9-0BD1-44F4-88AE-45F8F7B605EF}: "URL" = http://www.basicserve.com/?prt=bscsrvlink1&sp=&keywords={searchTerms}
  176. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  177. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  178.  
  179. [color=#E56717]========== FireFox ==========[/color]
  180.  
  181. FF - prefs.js..browser.search.defaultengine: "Google"
  182. FF - prefs.js..browser.search.defaultenginename: "Google"
  183. FF - prefs.js..browser.search.useDBForOrder: false
  184. FF - user.js - File not found
  185.  
  186. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
  187. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
  188. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
  189. FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
  190. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
  191. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  192. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  193. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
  194. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
  195. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  196. FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
  197. FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
  198. FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
  199. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ivo_kat\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
  200. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ivo_kat\AppData\Local\Google\Update\1.3.21.149\npGoogleUpdate3.dll (Google Inc.)
  201. FF - HKCU\Software\MozillaPlugins\samsung.com/SamsungLinkPCPlugin: C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll (Samsung)
  202.  
  203. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.11.14 22:59:06 | 000,000,000 | ---D | M]
  204. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.18\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.05.23 07:55:48 | 000,000,000 | ---D | M]
  205. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\ClickPotatoLite@ClickPotatoLite.com: C:\Users\ivo_kat\AppData\Local\ClickPotatoLiteSA\bin\12.0.15.0\firefox\extensions
  206.  
  207. [2013.02.01 20:32:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Extensions
  208. [2013.07.11 17:58:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profiles\humrmflq.default\extensions
  209. [2013.03.27 14:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profiles\humrmflq.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}
  210. [2013.03.27 14:02:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profiles\humrmflq.default\extensions\{3b226c18-61b7-47ce-af51-4f83c608aa29}
  211. [2013.06.07 09:13:05 | 000,000,000 | ---D | M] (CoolLinks Addon) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profiles\humrmflq.default\extensions\toolbarbutton@coollinks.us
  212. [2013.06.07 09:14:51 | 000,000,000 | ---D | M] (ObviousIdea Addon) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profiles\humrmflq.default\extensions\toolbarbutton@obviousidea.us
  213. [2013.06.07 09:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profileshumrmflq.default\extensions
  214. [2013.06.07 09:14:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ivo_kat\AppData\Roaming\mozilla\Firefox\Profileshumrmflq.default\extensions\staged
  215. [2010.09.14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Users\ivo_kat\AppData\Roaming\mozilla\firefox\profiles\humrmflq.default\searchplugins\BearShareWebSearch.xml
  216. [2013.06.07 09:20:40 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\mozilla firefox\extensions
  217. [2013.06.07 09:20:40 | 000,000,000 | ---D | M] (BasicServe) -- C:\Program Files\mozilla firefox\extensions\{740B3FD5-4483-469D-BE7F-8555B153BD04}
  218. [2011.02.02 12:18:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
  219. [2011.03.10 11:23:40 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
  220. [2011.06.22 14:51:32 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
  221. [2012.09.20 09:34:28 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
  222. [2011.07.11 23:48:12 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll
  223. [2010.09.14 14:48:25 | 000,002,506 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\BearShareWebSearch.xml
  224.  
  225. [color=#E56717]========== Chrome ==========[/color]
  226.  
  227. CHR - default_search_provider: Google (Enabled)
  228. CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGHP_en
  229. CHR - default_search_provider: suggest_url =
  230. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
  231. CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
  232. CHR - plugin: Native Client (Enabled) = C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
  233. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ivo_kat\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
  234. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  235. CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
  236. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
  237. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
  238. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
  239. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
  240. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
  241. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
  242. CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
  243. CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
  244. CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
  245. CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
  246. CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\ivo_kat\AppData\Roaming\Mozilla\plugins\npo1d.dll
  247. CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
  248. CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
  249. CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.149\npGoogleUpdate3.dll
  250. CHR - plugin: Java(TM) Platform SE 7 U13 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
  251. CHR - plugin: Samsung Link PC Plugin (Enabled) = C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll
  252. CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
  253. CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll
  254. CHR - plugin: Java Deployment Toolkit 7.0.130.20 (Enabled) = C:\Windows\system32\npDeployJava1.dll
  255. CHR - Extension: Google disk = C:\Users\ivo_kat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
  256. CHR - Extension: CoolLinks = C:\Users\ivo_kat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfmehijkjmecpggalfkngbpppbfdpdkg\2.0_0\
  257.  
  258. O1 HOSTS File: ([2013.07.11 18:57:59 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  259. O1 - Hosts: 127.0.0.1 localhost
  260. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  261. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  262. O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
  263. O4 - HKLM..\Run: [LogMeIn GUI] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe (LogMeIn, Inc.)
  264. O4 - HKLM..\Run: [Mouse Suite 98 Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
  265. O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  266. O4 - HKLM..\Run: [Samsung Link] C:\Program Files\Samsung\Samsung Link\utils\Samsung Link Launcher.exe (Samsung Electronics)
  267. O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
  268. O4 - HKCU..\Run: [MCShield Monitor] C:\Program Files\MCShield\mcshieldrtm.exe (MyCity)
  269. O4 - Startup: C:\Users\ivo_kat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ivo_kat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  270. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
  271. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  272. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  273. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  274. O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
  275. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
  276. O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
  277. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 File not found
  278. O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
  279. O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation)
  280. O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation)
  281. O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (QuickTime Object)
  282. O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
  283. O16 - DPF: {304171C0-65EA-4B51-B5D9-93A311E26EB1} http://212.39.127.254:8010/cgi-bin/MxPEG_ActiveX.cab?dummy=787669 (MxPEG_ActiveX Control)
  284. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.13.2)
  285. O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} http://193.198.171.234/plugin/h263ctrl.cab (VaPgCtrl Class)
  286. O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
  287. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13)
  288. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  289. O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://212.92.202.121/activex/AMC.cab (AxisMediaControlEmb Class)
  290. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 212.39.98.164 212.39.98.163
  291. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{81B353C3-4459-4A65-B650-8AF65806FB63}: DhcpNameServer = 212.39.98.164 212.39.98.163
  292. O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
  293. O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
  294. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
  295. O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
  296. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  297. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  298. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  299. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  300. O32 - HKLM CDRom: AutoRun - 1
  301. O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  302. O32 - AutoRun File - [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
  303. O34 - HKLM BootExecute: (autocheck autochk *)
  304. O35 - HKLM\..comfile [open] -- "%1" %*
  305. O35 - HKLM\..exefile [open] -- "%1" %*
  306. O37 - HKLM\...com [@ = ComFile] -- "%1" %*
  307. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  308. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  309. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  310. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  311.  
  312. NetSvcs: FastUserSwitchingCompatibility - File not found
  313. NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
  314. NetSvcs: Nla - File not found
  315. NetSvcs: Ntmssvc - File not found
  316. NetSvcs: NWCWorkstation - File not found
  317. NetSvcs: Nwsapagent - File not found
  318. NetSvcs: SRService - File not found
  319. NetSvcs: WmdmPmSp - File not found
  320. NetSvcs: LogonHours - File not found
  321. NetSvcs: PCAudit - File not found
  322. NetSvcs: helpsvc - File not found
  323. NetSvcs: uploadmgr - File not found
  324.  
  325. Drivers32: msacm.ac3acm - C:\Windows\System32\ac3acm.acm (fccHandler)
  326. Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  327. Drivers32: msacm.lameacm - C:\Windows\System32\lameACM.acm (http://www.mp3dev.org/)
  328. Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
  329. Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
  330. Drivers32: VIDC.XVID - C:\Windows\System32\xvidvfw.dll ()
  331. Drivers32: VIDC.YV12 - C:\Windows\System32\yv12vfw.dll (www.helixcommunity.org)
  332.  
  333. CREATERESTOREPOINT
  334. Restore point Set: OTL Restore Point
  335.  
  336. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  337.  
  338. [2013.07.11 19:06:40 | 000,012,568 | ---- | C] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\drivers\PROCEXP113.SYS
  339. [2013.07.11 18:58:11 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
  340. [2013.07.11 18:56:04 | 000,000,000 | ---D | C] -- C:\Windows\temp
  341. [2013.07.11 18:42:30 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
  342. [2013.07.11 18:42:30 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
  343. [2013.07.11 18:42:30 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
  344. [2013.07.11 18:18:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
  345. [2013.07.11 18:18:04 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
  346. [2013.07.11 18:18:04 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
  347. [2013.07.11 18:11:51 | 000,000,000 | ---D | C] -- C:\Qoobox
  348. [2013.07.11 17:01:49 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
  349. [2013.06.19 08:37:18 | 000,000,000 | ---D | C] -- C:\Upload
  350. [2013.06.19 08:36:48 | 000,000,000 | ---D | C] -- C:\Users\ivo_kat\.swt
  351. [2013.06.19 08:36:36 | 000,000,000 | ---D | C] -- C:\Samsung Link
  352. [2013.06.19 08:36:36 | 000,000,000 | ---D | C] -- C:\Users\ivo_kat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Samsung
  353. [2013.06.19 08:36:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
  354. [2011.02.02 12:58:59 | 003,722,509 | ---- | C] (New IT Solutions) -- C:\Users\ivo_kat\4shared_Desktop_3.2.0.exe
  355.  
  356. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  357.  
  358. [2013.07.11 21:57:00 | 000,000,966 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-560992438-1326281723-2405471699-1000UA.job
  359. [2013.07.11 21:54:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  360. [2013.07.11 21:36:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  361. [2013.07.11 21:33:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  362. [2013.07.11 19:06:40 | 000,012,568 | ---- | M] (Sysinternals - www.sysinternals.com) -- C:\Windows\System32\drivers\PROCEXP113.SYS
  363. [2013.07.11 19:02:44 | 000,013,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  364. [2013.07.11 19:02:44 | 000,013,728 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  365. [2013.07.11 18:57:59 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
  366. [2013.07.11 18:57:43 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  367. [2013.07.11 18:57:11 | 1601,052,672 | -HS- | M] () -- C:\hiberfil.sys
  368. [2013.07.11 18:18:24 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  369. [2013.07.11 17:58:59 | 000,001,235 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
  370. [2013.07.10 14:57:00 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-560992438-1326281723-2405471699-1000Core.job
  371. [2013.07.07 20:52:22 | 000,618,714 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  372. [2013.07.07 20:52:22 | 000,107,034 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  373. [2013.06.22 16:35:08 | 002,137,175 | ---- | M] () -- C:\Users\ivo_kat\Desktop\20130622_163508.jpg
  374. [2013.06.20 13:56:51 | 000,002,376 | ---- | M] () -- C:\Users\ivo_kat\Desktop\Google Chrome.lnk
  375. [2013.06.19 16:43:22 | 001,884,296 | ---- | M] () -- C:\Users\ivo_kat\Desktop\20130619_164321.jpg
  376.  
  377. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  378.  
  379. [2013.07.11 18:42:30 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
  380. [2013.07.11 18:42:30 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
  381. [2013.07.11 18:42:30 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
  382. [2013.07.11 18:42:30 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
  383. [2013.07.11 18:42:30 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
  384. [2013.07.11 18:18:24 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
  385. [2013.06.23 10:21:53 | 002,137,175 | ---- | C] () -- C:\Users\ivo_kat\Desktop\20130622_163508.jpg
  386. [2013.06.23 10:19:49 | 001,884,296 | ---- | C] () -- C:\Users\ivo_kat\Desktop\20130619_164321.jpg
  387. [2013.04.15 18:53:12 | 000,046,592 | ---- | C] () -- C:\Windows\System32\boost_thread-vc90-mt-1_47.dll
  388. [2013.04.15 18:53:00 | 000,038,912 | ---- | C] () -- C:\Windows\System32\boost_date_time-vc90-mt-1_47.dll
  389. [2013.04.15 18:52:44 | 000,227,840 | ---- | C] () -- C:\Windows\System32\boost_serialization-vc90-mt-1_47.dll
  390. [2013.04.15 18:52:42 | 000,704,000 | ---- | C] () -- C:\Windows\System32\boost_regex-vc90-mt-1_47.dll
  391. [2013.04.15 18:52:40 | 000,012,800 | ---- | C] () -- C:\Windows\System32\boost_system-vc90-mt-1_47.dll
  392. [2013.04.15 18:52:24 | 000,130,048 | ---- | C] () -- C:\Windows\System32\boost_filesystem-vc90-mt-1_47.dll
  393. [2013.03.07 14:59:31 | 000,024,576 | ---- | C] () -- C:\Windows\System32\FSRremoC.DLL
  394. [2013.03.07 14:59:31 | 000,020,480 | ---- | C] () -- C:\Windows\System32\FSRremoS.EXE
  395. [2013.02.22 06:55:24 | 000,140,288 | ---- | C] () -- C:\Windows\System32\igfxtvcx.dll
  396. [2013.01.15 11:11:37 | 000,004,060 | ---- | C] () -- C:\Users\ivo_kat\AppData\Local\recently-used.xbel
  397. [2013.01.04 17:04:20 | 000,011,264 | ---- | C] () -- C:\Windows\Launcher.exe
  398. [2012.12.18 11:06:06 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
  399. [2012.12.18 11:06:06 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
  400. [2012.12.18 11:06:06 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
  401. [2012.12.18 11:06:06 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
  402. [2012.05.25 23:31:11 | 000,143,360 | ---- | C] () -- C:\Users\ivo_kat\UFile_sunplus_V1.0.4_20080619_1730.exe
  403. [2012.03.27 00:13:52 | 000,098,304 | ---- | C] () -- C:\Windows\System32\redmonnt.dll
  404. [2012.02.23 22:47:42 | 002,525,632 | ---- | C] () -- C:\Users\ivo_kat\versandpreisliste_seite2.pdf
  405. [2012.02.23 22:44:23 | 002,388,796 | ---- | C] () -- C:\Users\ivo_kat\versandpreisliste_seite1.pdf
  406. [2012.01.22 00:09:44 | 000,346,529 | ---- | C] () -- C:\Users\ivo_kat\sadrzaj_br_3.pdf
  407. [2012.01.22 00:07:37 | 000,341,936 | ---- | C] () -- C:\Users\ivo_kat\sadrzaj_br_2.pdf
  408. [2012.01.22 00:04:27 | 002,948,513 | ---- | C] () -- C:\Users\ivo_kat\Pcelarski zurnal_1.pdf
  409. [2012.01.02 23:18:45 | 000,380,000 | ---- | C] () -- C:\Users\ivo_kat\componentbreakdown.pdf
  410. [2012.01.02 16:48:36 | 000,453,580 | ---- | C] () -- C:\Users\ivo_kat\servis za pocetnike.PDF
  411. [2011.12.25 16:29:59 | 007,302,513 | ---- | C] () -- C:\Users\ivo_kat\Slovenski_cebelar_jubilejna_stevilka.pdf
  412. [2011.12.21 11:08:03 | 069,342,087 | ---- | C] () -- C:\Users\ivo_kat\Pcelar Januar 2012 Latinica.pdf
  413. [2011.12.16 00:30:39 | 002,014,653 | ---- | C] () -- C:\Users\ivo_kat\katalog.pdf
  414. [2011.12.12 10:42:35 | 000,073,606 | ---- | C] () -- C:\Users\ivo_kat\novosti11_12_4ede6884cc36c.pdf
  415. [2011.12.09 22:58:14 | 001,169,898 | ---- | C] () -- C:\Users\ivo_kat\Cjenovnik Digitalis Decembar 2011 MPC.pdf
  416. [2011.12.09 00:14:22 | 005,259,054 | ---- | C] () -- C:\Users\ivo_kat\TVRX1.pdf
  417. [2011.11.17 00:24:30 | 011,581,843 | ---- | C] () -- C:\Users\ivo_kat\varroa_unter_kontrolle.pdf
  418. [2011.11.07 20:57:44 | 000,008,232 | ---- | C] () -- C:\Users\ivo_kat\uputstvokori_tenja[1].jpg
  419. [2011.09.16 15:02:15 | 000,024,576 | ---- | C] () -- C:\Windows\System32\ZyDelReg.exe
  420. [2011.09.16 15:02:14 | 000,028,672 | ---- | C] () -- C:\Windows\System32\InsDrvZD.dll
  421. [2011.09.16 15:02:14 | 000,015,872 | ---- | C] () -- C:\Windows\System32\InsDrvZD64.DLL
  422. [2011.05.30 18:35:00 | 000,033,134 | ---- | C] () -- C:\Users\ivo_kat\AppData\Roaming\UserTile.png
  423. [2011.04.30 13:14:53 | 000,010,240 | -H-- | C] () -- C:\Users\ivo_kat\photothumb.db
  424. [2011.02.04 16:09:55 | 000,009,728 | ---- | C] () -- C:\Users\ivo_kat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  425. [2011.02.04 12:50:15 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
  426. [2011.02.02 12:59:00 | 004,472,261 | ---- | C] () -- C:\Users\ivo_kat\Humax 5400...[HUMAXTeam vip server]...Upd.1...19.10.2010.rar
  427. [2011.02.02 12:59:00 | 001,812,816 | ---- | C] () -- C:\Users\ivo_kat\NB4001TUSB_p5165_2509.zip
  428. [2011.02.02 12:59:00 | 000,137,527 | ---- | C] () -- C:\Users\ivo_kat\All_Updater_v[1][1].1.00.zip
  429. [2011.02.02 12:59:00 | 000,113,033 | ---- | C] () -- C:\Users\ivo_kat\FTLINK.rar
  430. [2011.02.02 12:59:00 | 000,095,616 | ---- | C] () -- C:\Users\ivo_kat\Cvetni.jpg
  431. [2011.02.02 12:59:00 | 000,046,896 | ---- | C] () -- C:\Users\ivo_kat\motor_lista_75e---30w_12.07.2010.rar
  432. [2011.02.02 12:59:00 | 000,000,916 | ---- | C] () -- C:\Users\ivo_kat\extra5.rar
  433. [2011.02.02 12:58:22 | 001,645,126 | ---- | C] () -- C:\Users\ivo_kat\STB_ManagerRC7.zip
  434. [2011.02.02 12:58:22 | 000,825,670 | ---- | C] () -- C:\Users\ivo_kat\updater_bin_PVR-SDF-SDC_ver[1]._6.00.zip
  435. [2011.02.02 12:58:22 | 000,714,823 | ---- | C] () -- C:\Users\ivo_kat\SRT5200_V9.60607_20100607_EN.zip
  436. [2011.02.02 12:58:21 | 011,528,258 | ---- | C] () -- C:\Users\ivo_kat\spirittv.zip
  437. [2011.02.02 12:58:19 | 047,774,280 | ---- | C] () -- C:\Users\ivo_kat\setup_av_free_cro.exe
  438. [2011.02.02 12:58:18 | 007,241,348 | ---- | C] () -- C:\Users\ivo_kat\NB-6000+USB_all_in_one.rar
  439.  
  440. [color=#E56717]========== ZeroAccess Check ==========[/color]
  441.  
  442. [2009.07.14 06:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  443.  
  444. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  445.  
  446. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  447.  
  448. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  449. "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
  450. "ThreadingModel" = Apartment
  451.  
  452. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  453. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
  454. "ThreadingModel" = Free
  455.  
  456. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  457. "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 03:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
  458. "ThreadingModel" = Both
  459.  
  460. [color=#E56717]========== LOP Check ==========[/color]
  461.  
  462. [2011.03.20 14:36:11 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\Canneverbe Limited
  463. [2013.07.11 19:00:07 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\Dropbox
  464. [2011.08.08 23:31:49 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\hold
  465. [2013.06.03 20:42:34 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\HoolappForAndroid
  466. [2013.01.12 22:18:48 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\MOBILedit
  467. [2013.06.09 07:55:57 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\ObviousIdea
  468. [2013.05.15 16:47:43 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\PhotoScape
  469. [2013.05.30 12:14:35 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\Samsung
  470. [2012.11.17 20:25:29 | 000,000,000 | ---D | M] -- C:\Users\ivo_kat\AppData\Roaming\TuneUp Software
  471.  
  472. [color=#E56717]========== Purity Check ==========[/color]
  473.  
  474.  
  475.  
  476. [color=#E56717]========== Custom Scans ==========[/color]
  477.  
  478. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  479. [2011.02.04 12:59:26 | 000,001,024 | ---- | M] () -- C:\.rnd
  480. [2013.03.25 14:11:38 | 000,053,430 | ---- | M] () -- C:\AdwCleaner[R1].txt
  481. [2013.03.25 14:25:01 | 000,054,298 | ---- | M] () -- C:\AdwCleaner[S1].txt
  482. [2013.04.05 21:13:07 | 000,002,548 | ---- | M] () -- C:\AdwCleaner[S2].txt
  483. [2013.04.07 20:42:02 | 000,001,326 | ---- | M] () -- C:\AdwCleaner[S3].txt
  484. [2013.04.09 12:38:18 | 000,001,386 | ---- | M] () -- C:\AdwCleaner[S4].txt
  485. [2013.07.11 17:58:59 | 000,010,544 | ---- | M] () -- C:\AdwCleaner[S5].txt
  486. [2009.06.10 23:42:20 | 000,000,024 | ---- | M] () -- C:\autoexec.bat
  487. [2010.11.20 14:40:07 | 000,383,786 | RHS- | M] () -- C:\bootmgr
  488. [2010.09.15 09:13:49 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
  489. [2013.07.11 19:06:34 | 000,021,085 | ---- | M] () -- C:\ComboFix.txt
  490. [2009.06.10 23:42:20 | 000,000,010 | ---- | M] () -- C:\config.sys
  491. [2009.08.02 10:59:51 | 000,171,136 | RHS- | M] () -- C:\grldr
  492. [2013.07.11 18:57:11 | 1601,052,672 | -HS- | M] () -- C:\hiberfil.sys
  493. [2011.08.09 11:01:48 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  494. [2011.08.09 11:01:48 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  495. [2013.07.11 18:57:13 | 2134,736,896 | -HS- | M] () -- C:\pagefile.sys
  496. [2013.01.16 13:06:23 | 000,000,428 | ---- | M] () -- C:\SetSearchAndHomepageInBrowserLog.txt
  497.  
  498. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  499. [2009.07.14 06:52:25 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  500. [2009.07.14 06:52:25 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  501. [2009.07.14 06:52:25 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  502. [2009.07.14 06:52:25 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  503.  
  504. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  505.  
  506. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  507. [2009.06.10 23:31:19 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  508.  
  509. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  510.  
  511. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  512.  
  513. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  514. [2009.07.14 03:15:35 | 000,022,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\jnwppr.dll
  515. [2013.06.08 21:30:08 | 000,053,064 | ---- | M] (LogMeIn, Inc.) -- C:\Windows\system32\spool\prtprocs\w32x86\LMIproc.dll
  516. [2006.10.26 20:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\msonpppr.dll
  517. [2010.11.20 14:21:36 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\spool\prtprocs\w32x86\winprint.dll
  518.  
  519. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  520.  
  521. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  522.  
  523. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  524.  
  525. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  526.  
  527. [color=#A23BEC]< %systemroot%\*.png >[/color]
  528.  
  529. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  530.  
  531. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  532.  
  533. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  534.  
  535. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  536.  
  537. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  538.  
  539. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  540. [2009.07.14 06:41:57 | 000,000,174 | -HS- | M] () -- C:\Program Files\desktop.ini
  541.  
  542. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  543.  
  544. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  545.  
  546. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  547.  
  548. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  549.  
  550. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  551.  
  552. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  553.  
  554. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  555.  
  556. [color=#A23BEC]< %systemroot%\*.config >[/color]
  557.  
  558. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  559.  
  560. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  561. [2011.03.31 09:08:48 | 000,000,221 | -HS- | M] () -- C:\Users\ivo_kat\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  562.  
  563. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  564. [2008.04.26 17:57:00 | 001,433,546 | ---- | M] (Porodica Tot ) -- C:\Users\ivo_kat\Desktop\SetupPcele.exe
  565.  
  566. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  567.  
  568. [color=#A23BEC]< %systemroot%\*.src >[/color]
  569.  
  570. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  571.  
  572. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  573.  
  574. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  575.  
  576. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  577.  
  578. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  579.  
  580. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  581.  
  582. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  583.  
  584. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  585.  
  586. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  587.  
  588. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  589.  
  590. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  591.  
  592. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  593.  
  594. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  595.  
  596. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  597.  
  598. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  599. [2010.06.01 08:30:21 | 003,722,509 | ---- | M] (New IT Solutions) -- C:\Users\ivo_kat\4shared_Desktop_3.2.0.exe
  600. [2010.06.16 14:06:05 | 047,774,280 | ---- | M] () -- C:\Users\ivo_kat\setup_av_free_cro.exe
  601. [2008.06.19 17:28:34 | 000,143,360 | ---- | M] () -- C:\Users\ivo_kat\UFile_sunplus_V1.0.4_20080619_1730.exe
  602.  
  603. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  604. [2009.06.10 23:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  605.  
  606. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  607.  
  608. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  609.  
  610. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  611.  
  612. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  613. [2011.06.30 09:13:25 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
  614. [2011.06.30 09:13:25 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
  615. [2011.06.30 09:13:25 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
  616. [2011.06.30 09:13:25 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
  617. [2011.06.30 09:13:25 | 000,786,432 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log
  618. [2011.06.30 09:13:25 | 001,056,768 | ---- | M] () -- C:\Windows\SECURITY\Database\tmp.edb
  619.  
  620. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  621.  
  622. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  623.  
  624. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  625.  
  626. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  627.  
  628. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  629.  
  630. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  631.  
  632. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  633. [2013.05.15 15:37:42 | 000,000,402 | -HS- | M] () -- C:\Users\ivo_kat\Favorites\desktop.ini
  634.  
  635. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  636. [2009.07.14 03:14:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  637. [2009.07.14 03:14:35 | 000,042,496 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\scrcons.exe
  638. [2009.07.14 03:14:43 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\unsecapp.exe
  639. [2009.07.14 03:14:44 | 000,174,080 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\wbemtest.exe
  640. [2009.07.14 03:14:45 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  641. [2009.07.14 03:14:46 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  642. [2009.07.14 03:14:46 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiApSrv.exe
  643. [2009.07.14 03:14:46 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  644. [2010.11.20 14:17:55 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  645.  
  646. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  647.  
  648. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  649. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-07-05 09:45:25
  650.  
  651. < End of report >