RSIT log

a guest
May 7th, 2013
  1. Logfile of random's system information tool 1.09 (written by random/random)
  2. Run by Daniela at 2013-05-07 22:01:17
  3. Microsoft Windows 7 Home Premium Service Pack 1
  4. System drive C: has 205 GB (71%) free of 288 GB
  5. Total RAM: 1979 MB (43% free)
  6.  
  7. Logfile of Trend Micro HijackThis v2.0.4
  8. Scan saved at 22:01:21, on 7. 5. 2013
  9. Platform: Windows 7 SP1 (WinNT 6.00.3505)
  10. MSIE: Internet Explorer v10.0 (10.00.9200.16537)
  11. Boot mode: Normal
  12.  
  13. Running processes:
  14. C:\ProgramData\DatacardService\DCSHelper.exe
  15. C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
  16. C:\Users\Daniela\AppData\Roaming\QipGuard\QipGuard.exe
  17. C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
  18. C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
  19. C:\Program Files\Motorola\Bluetooth\btplayerctrl.exe
  20. C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
  21. C:\Program Files (x86)\Opera\opera.exe
  22. C:\Users\Daniela\AppData\Local\Opera\Opera\temporary_downloads\RSIT.exe
  23. C:\Program Files (x86)\trend micro\Daniela.exe
  24.  
  25. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
  26. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  27. R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  28. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
  29. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  30. R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  31. R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  32. R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  33. R3 - URLSearchHook: (no name) - - (no file)
  34. F2 - REG:system.ini: UserInit=userinit.exe
  35. O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  36. O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
  37. O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  38. O2 - BHO: Pomocník pri prihlasovaní v sieti Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
  39. O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  40. O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  41. O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
  42. O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
  43. O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
  44. O4 - HKLM\..\Run: [B2C_AGENT] C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe
  45. O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  46. O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  47. O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
  48. O4 - HKCU\..\Run: [QIP Internet Guardian] C:\Users\Daniela\AppData\Roaming\QipGuard\QipGuard.exe /p
  49. O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
  50. O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
  51. O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
  52. O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
  53. O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
  54. O4 - Startup: My_AutoWarkey_Script.lnk = C:\Program Files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
  55. O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
  56. O9 - Extra button: Pridať do blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  57. O9 - Extra 'Tools' menuitem: &Pridať do blogu v programe Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  58. O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  59. O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
  60. O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  61. O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  62. O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
  63. O9 - Extra button: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
  64. O9 - Extra 'Tools' menuitem: @C:\Program Files\Motorola\Bluetooth\btmshell.dll,-137 - {bd707fe6-39f6-4bda-9265-86a76719bdc5} - C:\Program Files\Motorola\Bluetooth\btmiesend.htm
  65. O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
  66. O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
  67. O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
  68. O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
  69. O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  70. O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
  71. O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
  72. O23 - Service: Bluetooth Device Manager - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
  73. O23 - Service: Bluetooth Media Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\audiosrv.exe
  74. O23 - Service: Bluetooth OBEX Service - Motorola, Inc. - C:\Program Files\Motorola\Bluetooth\obexsrv.exe
  75. O23 - Service: DCService.exe - Unknown owner - C:\ProgramData\DatacardService\DCService.exe
  76. O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
  77. O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
  78. O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
  79. O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
  80. O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
  81. O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
  82. O23 - Service: FLEXnet Licensing Service 64 - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
  83. O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  84. O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  85. O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
  86. O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
  87. O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  88. O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
  89. O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
  90. O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
  91. O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  92. O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  93. O23 - Service: QipGuard - QIP.ru - C:\Program Files (x86)\QipGuard\QipGuard.exe
  94. O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
  95. O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
  96. O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  97. O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
  98. O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
  99. O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
  100. O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
  101. O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
  102. O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
  103. O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
  104. O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
  105. O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
  106. O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
  107. O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
  108. O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
  109.  
  110. --
  111. End of file - 11194 bytes
  112.  
  113. ======Scheduled tasks folder======
  114.  
  115. C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  116. C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  117. C:\Windows\tasks\HPCeeScheduleForDaniela.job
  118.  
  119. =========Mozilla firefox=========
  120.  
  121. ProfilePath - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\rf8t6gmc.default
  122.  
  123. prefs.js - "browser.startup.homepage" - "http://www.centrum.sk/"
  124.  
  125. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
  126. "Description"=Adobe® Flash® Player 11.4.402.265 Plugin
  127. "Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
  128.  
  129. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
  130. "Description"=Adobe Shockwave Player
  131. "Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
  132.  
  133. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
  134. "Description"=Google Earth in your browser
  135. "Path"=C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
  136.  
  137. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.17.2]
  138. "Description"=Java™ Deployment Toolkit
  139. "Path"=C:\Windows\SysWOW64\npDeployJava1.dll
  140.  
  141. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2]
  142. "Description"=Oracle® Next Generation Java™ Plug-In
  143. "Path"=C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
  144.  
  145. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
  146. "Description"=
  147. "Path"=disabled
  148.  
  149. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
  150. "Description"=Ag Player Plugin
  151. "Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
  152.  
  153. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416]
  154. "Description"=WLPG Install MIME type
  155. "Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
  156.  
  157. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@pandonetworks.com/PandoWebPlugin]
  158. "Description"=This plugin detects and launches Pando Media Booster
  159. "Path"=C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
  160.  
  161. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
  162. "Description"=Google Update
  163. "Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  164.  
  165. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
  166. "Description"=Google Update
  167. "Path"=C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
  168.  
  169. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18]
  170. "Description"=Veetle TV Core
  171. "Path"=C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
  172.  
  173. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18]
  174. "Description"=Veetle TV Player
  175. "Path"=C:\Program Files (x86)\Veetle\Player\npvlc.dll
  176.  
  177. [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
  178. "Description"=Handles PDFs in-place in Firefox
  179. "Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
  180.  
  181. C:\Program Files (x86)\Mozilla Firefox\extensions\
  182. {972ce4c6-7e08-4474-a285-3208198ce6fd}
  183.  
  184. C:\Program Files (x86)\Mozilla Firefox\components\
  185. binary.manifest
  186. browsercomps.dll
  187.  
  188. C:\Program Files (x86)\Mozilla Firefox\searchplugins\
  189. amazondotcom.xml
  190. bing.xml
  191. eBay.xml
  192. google.xml
  193. twitter.xml
  194. wikipedia.xml
  195. yahoo.xml
  196.  
  197. C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\rf8t6gmc.default\extensions\
  198. {2458abc0-f443-11dd-87af-0800200c9a66}
  199. {b9db16a4-6edc-47ec-a1f4-b86292ed211d}
  200.  
  201. ======Registry dump======
  202.  
  203. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
  204. Adobe PDF Link Helper - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18 66280]
  205.  
  206. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
  207. Groove GFS Browser Helper - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
  208.  
  209. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
  210. Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-03-06 461216]
  211.  
  212. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
  213. Pomocník pri prihlasovaní v sieti Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]
  214.  
  215. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
  216. Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]
  217.  
  218. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
  219. Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-03-06 170912]
  220.  
  221. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
  222. "HP Quick Launch"=C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [2010-07-02 602680]
  223. "Easybits Recovery"=C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [2010-06-02 61112]
  224. "GrooveMonitor"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [2009-02-26 30040]
  225. "B2C_AGENT"=C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [2012-03-28 404568]
  226. "Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-12-03 946352]
  227. "SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2012-07-03 252848]
  228.  
  229. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  230. "LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-05-19 2736128]
  231. "QIP Internet Guardian"=C:\Users\Daniela\AppData\Roaming\QipGuard\QipGuard.exe [2011-02-01 187776]
  232. "DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2011-01-20 1305408]
  233.  
  234. C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  235. My_AutoWarkey_Script.lnk - C:\Program Files (x86)\Warkeys\AutoWarkey\AutoHotkey\AutoHotkey.exe
  236.  
  237. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  238. WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
  239.  
  240. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
  241. "{E54729E8-BB3D-4270-9D49-7389EA579090}"=C:\Windows\SysWow64\EZUPBH~1.DLL [2010-08-14 52920]
  242. "UPB:{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"= []
  243. "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26 2217832]
  244.  
  245. [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
  246. "SecurityProviders"=credssp.dll
  247.  
  248. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
  249.  
  250. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  251. "DisableLockWorkstation"=0
  252. "DisableTaskMgr"=0
  253. "DisableChangePassword"=0
  254.  
  255. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
  256. "ConsentPromptBehaviorAdmin"=5
  257. "ConsentPromptBehaviorUser"=3
  258. "EnableUIADesktopToggle"=0
  259. "dontdisplaylastusername"=0
  260. "legalnoticecaption"=
  261. "legalnoticetext"=
  262. "shutdownwithoutlogon"=1
  263. "undockwithoutlogon"=1
  264. "HideFastUserSwitching"=0
  265.  
  266. [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
  267. "NoActiveDesktop"=1
  268. "NoActiveDesktopChanges"=1
  269. "ForceActiveDesktopOn"=0
  270. "EnableShellExecuteHooks"=1
  271.  
  272. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
  273.  
  274. [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
  275.  
  276. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
  277. "vidc.mrle"=msrle32.dll
  278. "vidc.msvc"=msvidc32.dll
  279. "msacm.imaadpcm"=imaadp32.acm
  280. "msacm.msg711"=msg711.acm
  281. "msacm.msgsm610"=msgsm32.acm
  282. "msacm.msadpcm"=msadp32.acm
  283. "midimapper"=midimap.dll
  284. "wavemapper"=msacm32.drv
  285. "vidc.uyvy"=msyuv.dll
  286. "vidc.yuy2"=msyuv.dll
  287. "vidc.yvyu"=msyuv.dll
  288. "vidc.iyuv"=iyuv_32.dll
  289. "vidc.i420"=iyuv_32.dll
  290. "vidc.yvu9"=tsbyuv.dll
  291. "msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
  292. "vidc.cvid"=iccvid.dll
  293. "wave"=wdmaud.drv
  294. "midi"=wdmaud.drv
  295. "mixer"=wdmaud.drv
  296. "aux"=wdmaud.drv
  297. "msacm.siren"=sirenacm.dll
  298. "msacm.vorbis"=vorbis.acm
  299.  
  300. ======File associations======
  301.  
  302. .js - edit - C:\Windows\System32\Notepad.exe %1
  303. .js - open - C:\Windows\System32\WScript.exe "%1" %*
  304.  
  305. ======List of files/folders created in the last 1 month======
  306.  
  307. 2013-05-07 18:56:24 ----A---- C:\AdwCleaner[S2].txt
  308. 2013-05-07 17:27:34 ----A---- C:\AdwCleaner[S1].txt
  309. 2013-05-07 17:24:37 ----A---- C:\AdwCleaner[R1].txt
  310. 2013-05-07 17:12:09 ----D---- C:\Program Files (x86)\trend micro
  311. 2013-05-07 17:12:08 ----D---- C:\rsit
  312. 2013-05-07 17:07:39 ----D---- C:\Windows\pss
  313. 2013-05-07 13:52:55 ----A---- C:\Windows\wininit.ini
  314. 2013-05-06 17:35:18 ----AD---- C:\Kaspersky Rescue Disk 10.0
  315. 2013-04-22 17:37:48 ----D---- C:\Program Files (x86)\Mozilla Firefox
  316. 2013-04-10 22:30:00 ----A---- C:\Windows\SysWOW64\ieui.dll
  317. 2013-04-10 22:29:57 ----A---- C:\Windows\SysWOW64\iesetup.dll
  318. 2013-04-10 22:29:56 ----A---- C:\Windows\SysWOW64\RegisterIEPKEYs.exe
  319. 2013-04-10 22:29:56 ----A---- C:\Windows\SysWOW64\msfeeds.dll
  320. 2013-04-10 22:29:56 ----A---- C:\Windows\SysWOW64\iesysprep.dll
  321. 2013-04-10 22:29:56 ----A---- C:\Windows\SysWOW64\iernonce.dll
  322. 2013-04-10 22:29:55 ----A---- C:\Windows\SysWOW64\iertutil.dll
  323. 2013-04-10 22:29:52 ----A---- C:\Windows\SysWOW64\urlmon.dll
  324. 2013-04-10 22:29:51 ----A---- C:\Windows\SysWOW64\jscript.dll
  325. 2013-04-10 22:29:49 ----A---- C:\Windows\SysWOW64\jscript9.dll
  326. 2013-04-10 22:29:47 ----A---- C:\Windows\SysWOW64\jsproxy.dll
  327. 2013-04-10 22:29:46 ----A---- C:\Windows\SysWOW64\wininet.dll
  328. 2013-04-10 22:29:41 ----A---- C:\Windows\SysWOW64\ieframe.dll
  329. 2013-04-10 22:29:34 ----A---- C:\Windows\SysWOW64\mshtml.dll
  330. 2013-04-10 21:04:02 ----A---- C:\Windows\SysWOW64\mstscax.dll
  331. 2013-04-10 21:04:00 ----A---- C:\Windows\SysWOW64\aaclient.dll
  332. 2013-04-10 21:03:59 ----A---- C:\Windows\SysWOW64\tsgqec.dll
  333. 2013-04-10 21:03:42 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
  334. 2013-04-10 21:03:41 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
  335. 2013-04-10 21:03:39 ----A---- C:\Windows\SysWOW64\apisetschema.dll
  336.  
  337. ======List of files/folders modified in the last 1 month======
  338.  
  339. 2013-05-07 22:01:22 ----D---- C:\Windows\Prefetch
  340. 2013-05-07 22:01:21 ----D---- C:\Windows\Temp
  341. 2013-05-07 19:13:30 ----D---- C:\Windows\System32
  342. 2013-05-07 19:13:23 ----D---- C:\Windows\inf
  343. 2013-05-07 18:56:51 ----D---- C:\Program Files (x86)
  344. 2013-05-07 18:56:45 ----HD---- C:\ProgramData
  345. 2013-05-07 18:49:29 ----D---- C:\Program Files (x86)\Opera
  346. 2013-05-07 18:45:47 ----A---- C:\Windows\SysWOW64\lgAxconfig.ini
  347. 2013-05-07 17:58:21 ----AD---- C:\Windows
  348. 2013-05-07 14:58:27 ----D---- C:\Users\Daniela\AppData\Roaming\DAEMON Tools Pro
  349. 2013-05-07 14:58:27 ----D---- C:\Users\Daniela\AppData\Roaming\DAEMON Tools Lite
  350. 2013-05-07 14:58:20 ----D---- C:\Users\Daniela\AppData\Roaming\uTorrent
  351. 2013-05-07 14:58:20 ----D---- C:\Users\Daniela\AppData\Roaming\Skype
  352. 2013-05-07 14:57:55 ----D---- C:\Windows\Panther
  353. 2013-05-07 14:57:55 ----D---- C:\Windows\ModemLogs
  354. 2013-05-07 14:57:55 ----D---- C:\Windows\Minidump
  355. 2013-05-07 14:57:55 ----D---- C:\Windows\Logs
  356. 2013-05-07 14:57:55 ----D---- C:\Windows\debug
  357. 2013-05-07 14:00:20 ----RD---- C:\Program Files
  358. 2013-05-07 06:40:42 ----D---- C:\Windows\winsxs
  359. 2013-05-07 06:22:12 ----SHD---- C:\System Volume Information
  360. 2013-05-06 21:03:43 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
  361. 2013-05-06 15:31:14 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
  362. 2013-04-29 21:20:09 ----D---- C:\Program Files (x86)\Mozilla Firefox.bak
  363. 2013-04-22 12:00:44 ----D---- C:\Users\Daniela\AppData\Roaming\vlc
  364. 2013-04-11 15:14:04 ----D---- C:\Windows\SysWOW64
  365. 2013-04-11 15:14:02 ----D---- C:\Program Files (x86)\Internet Explorer
  366. 2013-04-10 22:31:17 ----SHD---- C:\Windows\Installer
  367. 2013-04-10 22:31:07 ----D---- C:\ProgramData\Microsoft Help
  368.  
  369. ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  370.  
  371. R0 iaStor;Intel AHCI Controller; C:\Windows\system32\DRIVERS\iaStor.sys []
  372. R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
  373. R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys []
  374. R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys []
  375. R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys []
  376. R2 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys []
  377. R2 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys []
  378. R2 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys []
  379. R2 lirsgt;lirsgt; C:\Windows\system32\DRIVERS\lirsgt.sys []
  380. R3 BTMUSB;Motorola Bluetooth Radio Service; C:\Windows\System32\Drivers\btmusb.sys []
  381. R3 Epfwndis;Eset Personal Firewall; C:\Windows\system32\DRIVERS\Epfwndis.sys []
  382. R3 huawei_enumerator;huawei_enumerator; C:\Windows\system32\DRIVERS\ew_jubusenum.sys []
  383. R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys []
  384. R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
  385. R3 netr28x;Ralink 802.11n Extensible Wireless Driver; C:\Windows\system32\DRIVERS\netr28x.sys []
  386. R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys []
  387. R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys []
  388. S2 atksgt;atksgt; C:\Windows\system32\DRIVERS\atksgt.sys []
  389. S3 Andbus;LGE Android Platform Composite USB Device; C:\Windows\system32\DRIVERS\lgandbus64.sys []
  390. S3 AndDiag;LGE Android Platform USB Serial Port; C:\Windows\system32\DRIVERS\lganddiag64.sys []
  391. S3 AndGps;LGE Android Platform USB GPS NMEA Port; C:\Windows\system32\DRIVERS\lgandgps64.sys []
  392. S3 ANDModem;LGE Android Platform USB Modem; C:\Windows\system32\DRIVERS\lgandmodem64.sys []
  393. S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\drivers\BthEnum.sys []
  394. S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\DRIVERS\bthpan.sys []
  395. S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys []
  396. S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys []
  397. S3 BTMCOM;Bluetooth Serial Port; C:\Windows\System32\Drivers\btmcom.sys []
  398. S3 busenum;SteelBusSvc; C:\Windows\system32\DRIVERS\SteelBus64.sys []
  399. S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device; C:\Windows\system32\DRIVERS\ew_hwusbdev.sys []
  400. S3 GGSAFERDriver;GGSAFER Driver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys []
  401. S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys []
  402. S3 KMWDFILTER;HIDServiceDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys []
  403. S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit; C:\Windows\system32\DRIVERS\netw5v64.sys []
  404. S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
  405. S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
  406. S3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
  407. S3 SAlphamHid;SteelHIDSvc; C:\Windows\system32\DRIVERS\SAlpham64.sys []
  408. S3 sdbus;sdbus; C:\Windows\system32\drivers\sdbus.sys []
  409. S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL6.SYS []
  410. S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV6.SYS []
  411. S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT6.SYS []
  412. S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
  413. S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys []
  414.  
  415. ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
  416.  
  417. R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-12-18 65192]
  418. R2 AERTFilters;Andrea RT Filters Service; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-18 98208]
  419. R2 Bluetooth OBEX Service;Bluetooth OBEX Service; C:\Program Files\Motorola\Bluetooth\obexsrv.exe [2010-05-20 677128]
  420. R2 DCService.exe;DCService.exe; C:\ProgramData\DatacardService\DCService.exe [2010-05-08 229376]
  421. R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-01-12 810144]
  422. R2 ezSharedSvc;Easybits Services for Windows; C:\Windows\System32\ezSharedSvcHost.exe [2010-04-23 514232]
  423. R2 HPWMISVC;HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-07-02 27192]
  424. R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-05-19 73728]
  425. R2 QipGuard;QipGuard; C:\Program Files (x86)\QipGuard\QipGuard.exe [2011-02-01 187776]
  426. R2 RtVOsdService;RtVOsdService Installer; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [2010-04-19 315392]
  427. R3 Bluetooth Device Manager;Bluetooth Device Manager; C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe [2010-06-29 4181256]
  428. R3 Bluetooth Media Service;Bluetooth Media Service; C:\Program Files\Motorola\Bluetooth\audiosrv.exe [2010-05-20 1096968]
  429. R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2010-08-17 1028096]
  430. R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [2011-03-28 799800]
  431. S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
  432. S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
  433. S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18 136176]
  434. S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
  435. S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2010-03-18 44376]
  436. S3 EhttpSrv;ESET HTTP Server; C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe [2011-01-12 42360]
  437. S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2010-08-17 647680]
  438. S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-10-18 136176]
  439. S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [2009-02-26 64856]
  440. S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-22 115608]
  441. S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
  442. S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
  443. S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe []
  444. S4 msvsmon90;Visual Studio 2008 Remote Debugger; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [2008-07-29 4737024]
  445. S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  446. S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  447. S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]
  448.  
  449. -----------------EOF-----------------