Untitled

a guest
Jul 19th, 2013
  1. OTL logfile created on: 19.7.2013 16:14:28 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Đurić\Desktop
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
  6.  
  7. 1,87 Gb Total Physical Memory | 1,19 Gb Available Physical Memory | 63,42% Memory free
  8. 3,72 Gb Paging File | 3,03 Gb Available in Paging File | 81,43% Paging File free
  9. Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 97,65 Gb Total Space | 74,85 Gb Free Space | 76,64% Space Free | Partition Type: NTFS
  13. Drive D: | 200,43 Gb Total Space | 111,11 Gb Free Space | 55,44% Space Free | Partition Type: NTFS
  14. Drive G: | 7,39 Gb Total Space | 7,21 Gb Free Space | 97,54% Space Free | Partition Type: FAT32
  15.  
  16. Computer Name: CDT | User Name: Đurić | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2013.07.19 16:12:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Đurić\Desktop\OTL.exe
  23. PRC - [2013.07.19 11:26:16 | 000,182,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
  24. PRC - [2013.07.12 20:49:47 | 000,846,288 | ---- | M] (Google Inc.) -- C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
  25. PRC - [2013.02.16 00:04:53 | 001,352,776 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe
  26. PRC - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
  27. PRC - [2009.10.07 09:15:42 | 001,461,080 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
  28. PRC - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
  29. PRC - [2008.04.14 13:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  30. PRC - [2008.03.20 20:23:22 | 000,083,240 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe
  31. PRC - [2008.03.19 00:18:24 | 000,496,128 | ---- | M] (Beiley Software Inc.) -- C:\Program Files\Remind-Me\RemindMe.exe
  32. PRC - [2007.12.20 14:36:50 | 000,135,168 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
  33. PRC - [2006.05.12 11:16:50 | 000,072,704 | ---- | M] (Autodata Limited) -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
  34. PRC - [2000.01.01 02:00:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  35.  
  36.  
  37. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  38.  
  39. MOD - [2013.07.12 20:49:44 | 000,396,240 | ---- | M] () -- C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.72\ppgooglenaclpluginchrome.dll
  40. MOD - [2013.07.12 20:49:42 | 004,052,944 | ---- | M] () -- C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.72\pdf.dll
  41. MOD - [2013.07.12 20:48:49 | 001,597,392 | ---- | M] () -- C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.72\ffmpegsumo.dll
  42. MOD - [2008.04.14 13:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
  43. MOD - [2008.04.14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
  44.  
  45.  
  46. [color=#E56717]========== Services (SafeList) ==========[/color]
  47.  
  48. SRV - [2013.07.19 11:26:16 | 000,182,184 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
  49. SRV - [2013.07.05 21:55:37 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  50. SRV - [2013.06.21 09:53:36 | 000,162,408 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  51. SRV - [2009.10.07 09:21:14 | 000,020,680 | ---- | M] (ESET) [On_Demand | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe -- (EhttpSrv)
  52. SRV - [2009.10.07 09:16:50 | 000,472,280 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
  53. SRV - [2009.10.01 11:38:01 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
  54. SRV - [2008.09.16 12:03:18 | 000,169,312 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor7.0)
  55. SRV - [2006.05.12 11:16:50 | 000,072,704 | ---- | M] (Autodata Limited) [Auto | Running] -- C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe -- (Autodata Limited License Service)
  56. SRV - [2000.01.01 02:00:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  57.  
  58.  
  59. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  60.  
  61. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  62. DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\LV561AV.SYS -- (PID_0928)
  63. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  64. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  65. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  66. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  67. DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  68. DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\LVUSBSta.sys -- (LVUSBSta)
  69. DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  70. DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  71. DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  72. DRV - [2010.01.12 17:42:54 | 000,252,928 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\VMUVC.sys -- (VMUVC)
  73. DRV - [2009.10.07 09:18:36 | 000,035,168 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\epfwtdir.sys -- (epfwtdir)
  74. DRV - [2009.10.07 09:12:22 | 000,054,184 | ---- | M] (ESET) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\easdrv.sys -- (easdrv)
  75. DRV - [2009.10.07 09:11:10 | 000,040,824 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\eamon.sys -- (eamon)
  76. DRV - [2009.02.06 13:25:42 | 000,100,736 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\nvatabus.sys -- (nvatabus)
  77. DRV - [2008.07.01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\vvftUVC.sys -- (vvftUVC)
  78. DRV - [2008.02.01 17:24:04 | 000,041,456 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files\CyberLink\PowerDVD8\000.fcl -- ({FE4C91E7-22C2-4D0C-9F6B-82F1B7742054})
  79. DRV - [2006.06.19 05:37:34 | 000,036,864 | ---- | M] (Advanced Micro Devices) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\AmdK8.sys -- (AmdK8)
  80. DRV - [2000.01.01 02:00:00 | 006,141,584 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService)
  81. DRV - [2000.01.01 02:00:00 | 001,691,480 | ---- | M] (Creative) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Ambfilt.sys -- (Ambfilt)
  82. DRV - [2000.01.01 02:00:00 | 001,395,800 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Monfilt.sys -- (Monfilt)
  83. DRV - [2000.01.01 02:00:00 | 000,168,040 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\nvgts.sys -- (nvgts)
  84. DRV - [2000.01.01 02:00:00 | 000,070,912 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NVENETFD.sys -- (NVENETFD)
  85. DRV - [2000.01.01 02:00:00 | 000,013,824 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nvnetbus.sys -- (nvnetbus)
  86. DRV - [1999.09.10 12:06:00 | 000,025,244 | ---- | M] (Adaptec) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\ASPI32.SYS -- (ASPI32)
  87.  
  88.  
  89. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  90.  
  91.  
  92. [color=#E56717]========== Internet Explorer ==========[/color]
  93.  
  94. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  95. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  96.  
  97. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/1ewenusDefaultPack/UP97_FRPage
  98. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  99. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  100. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 86 4E 75 ED 2B E1 CD 01 [binary data]
  101. IE - HKCU\Software\Microsoft\Internet Explorer\SearchURL\g, = http://www.google.com/search?q=%s
  102. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  103. IE - HKCU\..\SearchScopes\{00C1499D-5976-463F-BB0F-287EF3F210C0}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
  104. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  105. IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
  106. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  107.  
  108. [color=#E56717]========== FireFox ==========[/color]
  109.  
  110. FF - prefs.js..browser.search.defaultenginename: "Bing "
  111. FF - prefs.js..browser.search.defaultthis.engineName: " "
  112. FF - prefs.js..browser.search.defaulturl: "http://search.conduit.com/ResultsExt.aspx?ctid=CT2786678&SearchSource=3&q={searchTerms}"
  113. FF - prefs.js..browser.search.order.3: "Bing "
  114. FF - prefs.js..browser.search.selectedEngine: "Bing "
  115. FF - prefs.js..browser.startup.homepage: "http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071413"
  116. FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
  117. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0
  118. FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
  119. FF - prefs.js..extensions.enabledItems: elemhidehelper@adblockplus.org:1.1.1
  120. FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
  121. FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
  122. FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
  123. FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
  124. FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=UP97DF&PC=UP97&dt=071413&q="
  125. FF - user.js - File not found
  126.  
  127. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
  128. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
  129. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
  130. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
  131. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  132. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
  133. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpWinExt,version=4.0: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
  134. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
  135. FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.69: C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
  136. FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
  137. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  138. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  139. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.3: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
  140. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  141. FF - HKLM\Software\MozillaPlugins\yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1: C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
  142. FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Documents and Settings\Đurić\Application Data\Facebook\npfbplugin_1_0_3.dll ( )
  143. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  144. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
  145.  
  146. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.09 16:34:40 | 000,000,000 | ---D | M]
  147. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\msntoolbar@msn.com: C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\Firefox [2011.06.09 16:35:43 | 000,000,000 | ---D | M]
  148. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011.06.09 16:35:46 | 000,000,000 | ---D | M]
  149. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.07.05 21:55:17 | 000,000,000 | ---D | M]
  150. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.07.19 13:45:15 | 000,000,000 | ---D | M]
  151. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.06.09 16:34:40 | 000,000,000 | ---D | M]
  152.  
  153. [2009.11.06 21:39:42 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Extensions
  154. [2013.05.10 06:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Firefox\Profiles\f1i8eks7.default\extensions
  155. [2012.07.06 16:35:38 | 000,123,385 | ---- | M] () (No name found) -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Firefox\Profiles\f1i8eks7.default\extensions\elemhidehelper@adblockplus.org.xpi
  156. [2013.05.10 06:13:59 | 000,870,680 | ---- | M] () (No name found) -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Firefox\Profiles\f1i8eks7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  157. [2013.07.14 20:29:45 | 000,002,402 | ---- | M] () -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Firefox\Profiles\f1i8eks7.default\searchplugins\bingp.xml
  158. [2011.06.20 14:07:48 | 000,000,863 | ---- | M] () -- C:\Documents and Settings\Đurić\Application Data\Mozilla\Firefox\Profiles\f1i8eks7.default\searchplugins\conduit.xml
  159. [2013.07.05 21:55:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
  160. [2013.07.05 21:55:39 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  161. [2010.05.25 10:15:32 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
  162. [2009.11.06 17:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
  163. [2009.11.06 17:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
  164. [2007.03.10 01:16:44 | 000,189,496 | ---- | M] (Yahoo! Inc.) -- C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll
  165.  
  166. [color=#E56717]========== Chrome ==========[/color]
  167.  
  168. CHR - default_search_provider: Google (Enabled)
  169. CHR - default_search_provider: search_url = http://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t
  170. CHR - default_search_provider: suggest_url = http://suggestqueries.google.com/complete/search?q={searchTerms}
  171. CHR - homepage: http://www.msn.com/?pc=UP97&ocid=UP97DHP&dt=071413
  172. CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\\u0110uri\u0107\Local Settings\Application Data\Google\Chrome\User Data\PepperFlash\11.7.700.202\pepflashplayer.dll
  173. CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
  174. CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\\u0110uri\u0107\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.72\ppGoogleNaClPluginChrome.dll
  175. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\\u0110uri\u0107\Local Settings\Application Data\Google\Chrome\Application\28.0.1500.72\pdf.dll
  176. CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
  177. CHR - plugin: Coupons Inc., Coupon Printer Manager (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
  178. CHR - plugin: Coupons Inc., Coupon Printer Manager (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
  179. CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
  180. CHR - plugin: RealJukebox NS Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
  181. CHR - plugin: RealPlayer Download Plugin (Disabled) = C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll
  182. CHR - plugin: Yahoo! activeX Plug-in Bridge (Disabled) = C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll
  183. CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
  184. CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Disabled) = C:\Program Files\Windows Media Player\npdsplay.dll
  185. CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
  186. CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) (Disabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
  187. CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Disabled) = C:\Documents and Settings\All Users\Application Data\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
  188. CHR - plugin: Facebook Plugin (Disabled) = C:\Documents and Settings\\u0110uri\u0107\Application Data\Facebook\npfbplugin_1_0_3.dll
  189. CHR - plugin: Google Update (Disabled) = C:\Documents and Settings\\u0110uri\u0107\Local Settings\Application Data\Google\Update\1.3.21.145\npGoogleUpdate3.dll
  190. CHR - plugin: Google Earth Plugin (Disabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
  191. CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
  192. CHR - plugin: Java(TM) Platform SE 7 U9 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
  193. CHR - plugin: RealPlayer Version Plugin (Disabled) = C:\Program Files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
  194. CHR - plugin: MSN\u00AE Toolbar (Disabled) = C:\Program Files\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll
  195. CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
  196. CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
  197. CHR - plugin: Windows Presentation Foundation (Enabled) = C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
  198. CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw_1202122.dll
  199. CHR - plugin: Shockwave Flash (Disabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll
  200. CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\WINDOWS\system32\npDeployJava1.dll
  201. CHR - Extension: Google Docs = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
  202. CHR - Extension: Google Drive = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
  203. CHR - Extension: YouTube = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
  204. CHR - Extension: Google Search = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
  205. CHR - Extension: AdBlock = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
  206. CHR - Extension: Skype Extension = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.3.0.7550_0\
  207. CHR - Extension: Gmail = C:\Documents and Settings\Đurić\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  208.  
  209. O1 HOSTS File: ([2012.08.11 16:32:36 | 000,000,098 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\Hosts
  210. O1 - Hosts: 127.0.0.1 localhost
  211. O1 - Hosts: ::1 localhost
  212. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  213. O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  214. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  215. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
  216. O4 - HKLM..\Run: [egui] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (ESET)
  217. O4 - HKLM..\Run: [PDVD8LanguageShortcut] C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe ()
  218. O4 - HKLM..\Run: [RemoteControl8] C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe (Cyberlink Corp.)
  219. O4 - HKLM..\Run: [Vistadrv] C:\Program Files\VistaDrives\vsdrv.exe ()
  220. O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
  221. O4 - Startup: C:\Documents and Settings\Đurić\Start Menu\Programs\Startup\RemindMe.lnk = C:\Program Files\Remind-Me\RemindMe.exe (Beiley Software Inc.)
  222. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
  223. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  224. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMConfigurePrograms = 1
  225. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSMHelp = 01 00 00 00 [binary data]
  226. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 01 00 00 00 [binary data]
  227. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogoff = 0
  228. O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  229. O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  230. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  231. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A37DAC44-5023-4478-84AE-31B382D1CB5D}: DhcpNameServer = 192.168.1.1
  232. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  233. O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
  234. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  235. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
  236. O24 - Desktop WallPaper: C:\Documents and Settings\Đurić\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  237. O24 - Desktop BackupWallPaper: C:\Documents and Settings\Đurić\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  238. O32 - HKLM CDRom: AutoRun - 1
  239. O32 - AutoRun File - [2009.10.01 10:50:19 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  240. O34 - HKLM BootExecute: (autocheck autochk *)
  241. O35 - HKLM\..comfile [open] -- "%1" %*
  242. O35 - HKLM\..exefile [open] -- "%1" %*
  243. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  244. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  245. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  246. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  247.  
  248. NetSvcs: 6to4 - File not found
  249. NetSvcs: Ias - File not found
  250. NetSvcs: Iprip - File not found
  251. NetSvcs: Irmon - File not found
  252. NetSvcs: NWCWorkstation - File not found
  253. NetSvcs: Nwsapagent - File not found
  254. NetSvcs: WmdmPmSp - File not found
  255.  
  256. Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
  257. Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  258. Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
  259. Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
  260. Drivers32: MSVideo - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
  261. Drivers32: MSVideo8 - C:\WINDOWS\System32\vfwwdm32.dll (Microsoft Corporation)
  262. Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
  263. Drivers32: vidc.ffds - C:\WINDOWS\System32\ff_vfw.dll ()
  264. Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
  265. Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
  266. Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
  267. Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
  268.  
  269. CREATERESTOREPOINT
  270. Restore point Set: OTL Restore Point
  271.  
  272. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  273.  
  274. [2013.07.19 16:12:43 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Đurić\Desktop\OTL.exe
  275. [2013.07.19 12:30:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Đurić\Start Menu\Programs\CyberLink PowerDVD 8
  276. [2013.07.19 12:00:09 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Đurić\Recent
  277. [2013.07.05 21:55:17 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
  278. [2009.10.01 13:05:13 | 000,047,360 | ---- | C] (VSO Software) -- C:\Documents and Settings\Đurić\Application Data\pcouffin.sys
  279.  
  280. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  281.  
  282. [2013.07.19 16:13:00 | 000,001,028 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1682526488-1801674531-1003UA.job
  283. [2013.07.19 16:12:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Đurić\Desktop\OTL.exe
  284. [2013.07.19 15:44:00 | 000,000,934 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  285. [2013.07.19 14:15:29 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
  286. [2013.07.19 12:29:53 | 000,000,278 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeLogonTaskS-1-5-21-583907252-1682526488-1801674531-1003.job
  287. [2013.07.19 12:29:52 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\RealUpgradeScheduledTaskS-1-5-21-583907252-1682526488-1801674531-1003.job
  288. [2013.07.19 12:29:24 | 000,000,930 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  289. [2013.07.19 12:29:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  290. [2013.07.19 12:29:12 | 2011,680,768 | -HS- | M] () -- C:\hiberfil.sys
  291. [2013.07.19 11:57:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
  292. [2013.07.19 11:03:46 | 000,000,422 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{851352E7-9810-4FCD-8147-8EEB829A56D0}.job
  293. [2013.07.18 20:13:00 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-583907252-1682526488-1801674531-1003Core.job
  294. [2013.07.16 20:16:46 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
  295. [2013.07.13 12:12:07 | 000,002,309 | ---- | M] () -- C:\Documents and Settings\Đurić\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  296. [2013.07.13 12:12:07 | 000,002,291 | ---- | M] () -- C:\Documents and Settings\Đurić\Desktop\Google Chrome.lnk
  297. [2013.07.11 21:32:44 | 000,463,616 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  298. [2013.07.11 16:21:12 | 000,435,870 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
  299. [2013.07.11 16:21:12 | 000,068,766 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
  300.  
  301. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  302.  
  303. [2012.10.26 21:30:03 | 000,010,084 | ---- | C] () -- C:\WINDOWS\System32\drivers\nvphy.bin
  304. [2012.10.26 21:24:20 | 000,025,548 | ---- | C] () -- C:\WINDOWS\System32\drivers\RTAIODAT.DAT
  305. [2012.08.11 17:45:27 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
  306. [2012.08.11 17:45:27 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
  307. [2012.08.11 17:45:27 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
  308. [2012.08.11 17:44:48 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
  309. [2012.02.16 19:25:34 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
  310. [2009.10.01 13:49:03 | 000,100,352 | ---- | C] () -- C:\Documents and Settings\Đurić\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  311. [2009.10.01 13:07:52 | 000,001,044 | ---- | C] () -- C:\Documents and Settings\Đurić\Application Data\vso_ts_preview.xml
  312. [2009.10.01 13:05:13 | 000,087,608 | ---- | C] () -- C:\Documents and Settings\Đurić\Application Data\inst.exe
  313. [2009.10.01 13:05:13 | 000,007,887 | ---- | C] () -- C:\Documents and Settings\Đurić\Application Data\pcouffin.cat
  314. [2009.10.01 13:05:13 | 000,001,144 | ---- | C] () -- C:\Documents and Settings\Đurić\Application Data\pcouffin.inf
  315.  
  316. [color=#E56717]========== ZeroAccess Check ==========[/color]
  317.  
  318. [2009.10.01 11:20:03 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
  319.  
  320. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  321.  
  322. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  323.  
  324. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  325. "" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 13:00:00 | 001,499,136 | ---- | M] (Microsoft Corporation)
  326. "ThreadingModel" = Apartment
  327.  
  328. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  329. "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
  330. "ThreadingModel" = Free
  331.  
  332. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  333. "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
  334. "ThreadingModel" = Both
  335.  
  336. [color=#E56717]========== LOP Check ==========[/color]
  337.  
  338. [2009.10.01 11:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Autodesk
  339. [2012.12.23 18:36:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
  340. [2009.10.01 11:25:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ConeXware
  341. [2011.07.27 09:28:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Easybits GO
  342. [2009.10.01 13:47:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
  343. [2011.06.09 21:05:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\espionServerData
  344. [2010.04.04 12:54:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Fallout2
  345. [2009.10.01 12:40:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GrebleSoft
  346. [2011.06.28 21:13:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MAGIX
  347. [2011.06.30 13:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MSScanAppDataDir
  348. [2011.06.30 13:20:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
  349. [2012.12.28 15:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
  350. [2009.10.01 12:14:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\UDL
  351. [2011.06.28 23:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
  352. [2012.08.23 11:26:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Web Installer
  353. [2009.10.01 13:02:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\5imyshow.Ltd
  354. [2009.10.01 11:58:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Autodesk
  355. [2011.03.06 18:29:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\EPSON
  356. [2012.12.25 22:53:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\EuroTalk
  357. [2010.05.25 21:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Facebook
  358. [2011.07.27 09:28:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\go
  359. [2009.10.01 13:01:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\JLC's Software
  360. [2012.12.28 15:50:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\langmaster.com
  361. [2010.12.29 23:47:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\LimeWire
  362. [2009.10.01 12:47:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\MAGIX
  363. [2012.08.08 23:02:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Oracle
  364. [2011.09.18 21:17:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\PriceGong
  365. [2009.10.01 12:40:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Remind-Me
  366. [2011.01.01 12:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Spacejock Software
  367. [2011.06.28 23:09:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Ulead Systems
  368. [2012.10.26 21:11:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\uTorrent
  369. [2012.05.25 21:52:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\Vso
  370. [2009.10.01 12:28:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Đurić\Application Data\WeatherWatcher
  371.  
  372. [color=#E56717]========== Purity Check ==========[/color]
  373.  
  374.  
  375.  
  376. [color=#E56717]========== Custom Scans ==========[/color]
  377.  
  378. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  379. [2003.04.11 19:42:24 | 000,002,366 | ---- | M] () -- C:\1.03readme.txt
  380. [2003.06.15 17:33:42 | 000,005,903 | ---- | M] () -- C:\1.04readme.txt
  381. [2011.06.09 21:05:08 | 000,000,000 | ---- | M] () -- C:\AdobeDebug.txt
  382. [2009.10.01 10:50:19 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
  383. [2013.07.19 11:57:04 | 000,000,211 | -HS- | M] () -- C:\boot.ini
  384. [1999.07.16 02:28:20 | 000,000,615 | ---- | M] () -- C:\Children Readme.txt
  385. [2009.10.01 10:50:19 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
  386. [2009.10.01 12:30:44 | 000,001,961 | ---- | M] () -- C:\ErrLog.txt
  387. [2013.07.19 12:29:12 | 2011,680,768 | -HS- | M] () -- C:\hiberfil.sys
  388. [2009.10.01 10:50:19 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
  389. [2009.10.01 10:50:19 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
  390. [2008.04.14 13:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
  391. [2008.04.14 13:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr
  392. [2013.07.19 12:29:10 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys
  393.  
  394. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  395. [2006.04.18 15:39:28 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
  396. [2006.06.29 14:53:56 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
  397. [2006.04.18 15:39:28 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
  398. [2006.06.29 14:58:52 | 000,030,808 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
  399.  
  400. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  401.  
  402. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  403. [2009.10.01 10:49:59 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
  404.  
  405. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  406.  
  407. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  408.  
  409. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  410. [2008.07.06 14:06:10 | 000,089,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
  411. [2010.01.06 14:23:24 | 000,319,488 | ---- | M] (Hewlett-Packard Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\hpfpp101.dll
  412. [2006.10.26 19:58:12 | 000,030,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
  413. [2006.10.26 19:56:12 | 000,033,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll
  414. [2008.07.06 12:50:03 | 000,597,504 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\printfilterpipelinesvc.exe
  415.  
  416. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  417.  
  418. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  419.  
  420. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  421.  
  422. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  423.  
  424. [color=#A23BEC]< %systemroot%\*.png >[/color]
  425.  
  426. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  427.  
  428. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  429.  
  430. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  431.  
  432. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  433.  
  434. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  435.  
  436. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  437.  
  438. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  439.  
  440. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  441.  
  442. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  443. [2009.10.01 12:37:18 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
  444. [2009.10.01 12:37:18 | 001,089,536 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
  445. [2009.10.01 12:37:18 | 000,897,024 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
  446.  
  447. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  448.  
  449. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  450.  
  451. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  452. [2009.10.01 10:50:19 | 000,000,294 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
  453.  
  454. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  455.  
  456. [color=#A23BEC]< %systemroot%\*.config >[/color]
  457.  
  458. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  459.  
  460. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  461. [2009.10.01 10:55:31 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Đurić\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  462. [2013.03.29 15:25:52 | 000,000,385 | ---- | M] () -- C:\Documents and Settings\Đurić\Application Data\Microsoft\Internet Explorer\Quick Launch\Prečac.txt
  463. [2009.10.01 10:55:30 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Đurić\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
  464.  
  465. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  466. [2013.07.19 16:12:33 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Đurić\Desktop\OTL.exe
  467.  
  468. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  469.  
  470. [color=#A23BEC]< %systemroot%\*.src >[/color]
  471.  
  472. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  473.  
  474. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  475.  
  476. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  477.  
  478. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  479.  
  480. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  481.  
  482. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  483.  
  484. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  485.  
  486. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  487.  
  488. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  489.  
  490. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  491.  
  492. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  493.  
  494. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  495.  
  496. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  497.  
  498. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  499.  
  500. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  501.  
  502. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  503.  
  504. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  505.  
  506. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  507.  
  508. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  509.  
  510. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  511.  
  512. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  513.  
  514. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  515.  
  516. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  517.  
  518. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  519.  
  520. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  521.  
  522. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  523.  
  524. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  525. [2009.10.01 10:55:30 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Đurić\Favorites\Desktop.ini
  526.  
  527. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  528. [2008.04.14 13:00:00 | 000,016,384 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\mofcomp.exe
  529. [2008.04.14 13:00:00 | 000,036,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\scrcons.exe
  530. [2008.04.14 13:00:00 | 000,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\unsecapp.exe
  531. [2008.04.14 13:00:00 | 000,116,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\wbemtest.exe
  532. [2008.04.14 13:00:00 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\winmgmt.exe
  533. [2008.04.14 13:00:00 | 000,196,608 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\wmiadap.exe
  534. [2008.04.14 13:00:00 | 000,126,464 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\wmiapsrv.exe
  535. [2008.04.14 13:00:00 | 000,358,912 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\wmic.exe
  536. [2009.02.06 12:10:02 | 000,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\Wbem\wmiprvse.exe
  537.  
  538. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  539.  
  540. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  541. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2013-07-11 14:21:54
  542.  
  543. [color=#E56717]========== Alternate Data Streams ==========[/color]
  544.  
  545. @Alternate Data Stream - 131 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:004166BE
  546.  
  547. < End of report >