OTL LOG

a guest
Oct 10th, 2012
  1. OTL logfile created on: 10.10.2012. 11:11:17 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Hrvoje\Desktop
  3. 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.10.9200.16384)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 4,00 Gb Total Physical Memory | 2,77 Gb Available Physical Memory | 69,14% Memory free
  8. 7,50 Gb Paging File | 6,10 Gb Available in Paging File | 81,30% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 298,08 Gb Total Space | 278,92 Gb Free Space | 93,57% Space Free | Partition Type: NTFS
  13.  
  14. Computer Name: HRVOJE-PC | User Name: Hrvoje | Logged in as Administrator.
  15. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  16. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  17.  
  18. [color=#E56717]========== Processes (SafeList) ==========[/color]
  19.  
  20. PRC - [2012.10.10 11:10:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hrvoje\Desktop\OTL.exe
  21. PRC - [2012.10.04 03:16:02 | 001,239,064 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
  22. PRC - [2012.08.27 15:05:06 | 000,306,688 | ---- | M] (Skillbrains) -- C:\Users\Hrvoje\AppData\Local\Skillbrains\lightshot\3.0.0.0\Lightshot.exe
  23. PRC - [2012.08.27 06:21:12 | 026,924,984 | ---- | M] (Dropbox, Inc.) -- C:\Users\Hrvoje\AppData\Roaming\Dropbox\bin\Dropbox.exe
  24. PRC - [2012.01.22 06:05:46 | 004,091,904 | ---- | M] () -- C:\Program Files (x86)\Clipdiary\clipdiary.exe
  25.  
  26.  
  27. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  28.  
  29. MOD - [2012.10.04 03:16:00 | 000,460,312 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\ppgooglenaclpluginchrome.dll
  30. MOD - [2012.10.04 03:15:58 | 012,435,992 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
  31. MOD - [2012.10.04 03:15:56 | 004,005,912 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\pdf.dll
  32. MOD - [2012.10.04 03:14:41 | 000,578,072 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\libglesv2.dll
  33. MOD - [2012.10.04 03:14:40 | 000,123,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\libegl.dll
  34. MOD - [2012.10.04 03:14:29 | 000,156,712 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\avutil-51.dll
  35. MOD - [2012.10.04 03:14:27 | 000,275,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\avformat-54.dll
  36. MOD - [2012.10.04 03:14:26 | 002,168,360 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\avcodec-54.dll
  37. MOD - [2012.01.22 06:05:46 | 004,091,904 | ---- | M] () -- C:\Program Files (x86)\Clipdiary\clipdiary.exe
  38. MOD - [2010.08.24 00:57:10 | 000,542,036 | ---- | M] () -- C:\Program Files (x86)\Clipdiary\sqlite3.dll
  39.  
  40.  
  41. [color=#E56717]========== Services (SafeList) ==========[/color]
  42.  
  43. SRV:[b]64bit:[/b] - [2012.07.26 06:46:56 | 002,366,984 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
  44. SRV:[b]64bit:[/b] - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  45. SRV:[b]64bit:[/b] - [2012.07.26 05:17:59 | 000,015,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  46. SRV:[b]64bit:[/b] - [2012.07.26 05:08:04 | 001,968,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  47. SRV:[b]64bit:[/b] - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  48. SRV:[b]64bit:[/b] - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  49. SRV:[b]64bit:[/b] - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  50. SRV:[b]64bit:[/b] - [2012.07.26 05:07:30 | 000,169,984 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
  51. SRV:[b]64bit:[/b] - [2012.07.26 05:07:27 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  52. SRV:[b]64bit:[/b] - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  53. SRV:[b]64bit:[/b] - [2012.07.26 05:06:36 | 000,463,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  54. SRV:[b]64bit:[/b] - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  55. SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  56. SRV:[b]64bit:[/b] - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  57. SRV:[b]64bit:[/b] - [2012.07.26 05:06:00 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  58. SRV:[b]64bit:[/b] - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  59. SRV:[b]64bit:[/b] - [2012.07.26 05:05:38 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  60. SRV:[b]64bit:[/b] - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  61. SRV:[b]64bit:[/b] - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  62. SRV:[b]64bit:[/b] - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  63. SRV:[b]64bit:[/b] - [2012.07.26 05:05:11 | 000,174,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  64. SRV:[b]64bit:[/b] - [2012.07.26 05:05:08 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  65. SRV:[b]64bit:[/b] - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
  66. SRV:[b]64bit:[/b] - [2012.07.26 05:05:04 | 000,187,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  67. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
  68. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  69. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  70. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
  71. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  72. SRV:[b]64bit:[/b] - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  73. SRV - [2012.10.10 08:41:23 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  74. SRV - [2012.07.26 05:30:05 | 002,675,200 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
  75. SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
  76.  
  77.  
  78. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  79.  
  80. DRV:[b]64bit:[/b] - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  81. DRV:[b]64bit:[/b] - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
  82. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,445,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
  83. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,337,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
  84. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
  85. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,212,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
  86. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
  87. DRV:[b]64bit:[/b] - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
  88. DRV:[b]64bit:[/b] - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
  89. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
  90. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,120,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
  91. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
  92. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
  93. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
  94. DRV:[b]64bit:[/b] - [2012.07.26 07:00:55 | 000,028,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
  95. DRV:[b]64bit:[/b] - [2012.07.26 07:00:54 | 000,056,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
  96. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 003,295,984 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
  97. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
  98. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
  99. DRV:[b]64bit:[/b] - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
  100. DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  101. DRV:[b]64bit:[/b] - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
  102. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,539,376 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
  103. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
  104. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
  105. DRV:[b]64bit:[/b] - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
  106. DRV:[b]64bit:[/b] - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
  107. DRV:[b]64bit:[/b] - [2012.07.26 06:59:35 | 000,193,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
  108. DRV:[b]64bit:[/b] - [2012.07.26 06:59:35 | 000,148,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
  109. DRV:[b]64bit:[/b] - [2012.07.26 06:59:32 | 000,055,024 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
  110. DRV:[b]64bit:[/b] - [2012.07.26 06:58:00 | 000,068,848 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
  111. DRV:[b]64bit:[/b] - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
  112. DRV:[b]64bit:[/b] - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
  113. DRV:[b]64bit:[/b] - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
  114. DRV:[b]64bit:[/b] - [2012.07.26 06:44:30 | 000,258,288 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
  115. DRV:[b]64bit:[/b] - [2012.07.26 06:36:15 | 000,034,216 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
  116. DRV:[b]64bit:[/b] - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
  117. DRV:[b]64bit:[/b] - [2012.07.26 05:17:38 | 000,027,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  118. DRV:[b]64bit:[/b] - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
  119. DRV:[b]64bit:[/b] - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
  120. DRV:[b]64bit:[/b] - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
  121. DRV:[b]64bit:[/b] - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
  122. DRV:[b]64bit:[/b] - [2012.07.26 04:28:27 | 000,031,104 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  123. DRV:[b]64bit:[/b] - [2012.07.26 04:27:58 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
  124. DRV:[b]64bit:[/b] - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
  125. DRV:[b]64bit:[/b] - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
  126. DRV:[b]64bit:[/b] - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
  127. DRV:[b]64bit:[/b] - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
  128. DRV:[b]64bit:[/b] - [2012.07.26 04:27:31 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
  129. DRV:[b]64bit:[/b] - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
  130. DRV:[b]64bit:[/b] - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
  131. DRV:[b]64bit:[/b] - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
  132. DRV:[b]64bit:[/b] - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
  133. DRV:[b]64bit:[/b] - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
  134. DRV:[b]64bit:[/b] - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
  135. DRV:[b]64bit:[/b] - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
  136. DRV:[b]64bit:[/b] - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
  137. DRV:[b]64bit:[/b] - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
  138. DRV:[b]64bit:[/b] - [2012.07.26 04:25:54 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
  139. DRV:[b]64bit:[/b] - [2012.07.26 04:25:26 | 000,203,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Vid.sys -- (Vid)
  140. DRV:[b]64bit:[/b] - [2012.07.26 04:25:22 | 000,067,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\storvsp.sys -- (storvsp)
  141. DRV:[b]64bit:[/b] - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
  142. DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmbusr.sys -- (vmbusr)
  143. DRV:[b]64bit:[/b] - [2012.07.26 04:25:12 | 000,066,048 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpcivsp.sys -- (vpcivsp)
  144. DRV:[b]64bit:[/b] - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
  145. DRV:[b]64bit:[/b] - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
  146. DRV:[b]64bit:[/b] - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
  147. DRV:[b]64bit:[/b] - [2012.07.26 00:53:22 | 011,926,528 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
  148. DRV:[b]64bit:[/b] - [2012.06.29 04:00:48 | 000,360,448 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
  149. DRV:[b]64bit:[/b] - [2012.06.02 16:34:38 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VSTDPV6.SYS -- (SrvHsfV92)
  150. DRV:[b]64bit:[/b] - [2012.06.02 16:34:38 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
  151. DRV:[b]64bit:[/b] - [2012.06.02 16:34:38 | 000,411,136 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\VSTBS26.SYS -- (SrvHsfPCI)
  152. DRV:[b]64bit:[/b] - [2012.06.02 16:31:52 | 000,344,192 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\nvmf6264.sys -- (NVNET)
  153.  
  154. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  155.  
  156.  
  157. [color=#E56717]========== Internet Explorer ==========[/color]
  158.  
  159. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  160. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  161. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  162. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  163. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  164.  
  165. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  166. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
  167. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  168.  
  169.  
  170. [color=#E56717]========== FireFox ==========[/color]
  171.  
  172. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_500_90.dll File not found
  173. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  174. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_500_90.dll ()
  175. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  176. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  177. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  178. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  179.  
  180.  
  181.  
  182. [color=#E56717]========== Chrome ==========[/color]
  183.  
  184. CHR - homepage: http://www.comodo.com/
  185. CHR - default_search_provider: Google (Enabled)
  186. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  187. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
  188. CHR - homepage: http://www.comodo.com/
  189. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\PepperFlash\pepflashplayer.dll
  190. CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
  191. CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\ppGoogleNaClPluginChrome.dll
  192. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\22.0.1229.92\pdf.dll
  193. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
  194. CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
  195. CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
  196. CHR - Extension: YouTube = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
  197. CHR - Extension: Google pretra\u017Eivanje = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
  198. CHR - Extension: Photo Zoom for Facebook = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi\1.1208.30.1_0\
  199. CHR - Extension: AdBlock = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
  200. CHR - Extension: Classic = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkacjpbfdknhflllbcmjibkdeoafencn\1.1_0\
  201. CHR - Extension: EXIF Viewer = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\lplmljfembbkocngnlkkdgabpnfokmnl\2.1.9_0\
  202. CHR - Extension: Gmail = C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
  203.  
  204. O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
  205. O4 - HKCU..\Run: [Clipdiary] C:\Program Files (x86)\Clipdiary\clipdiary.exe ()
  206. O4 - HKCU..\Run: [LightShot] C:\Users\Hrvoje\AppData\Local\Skillbrains\lightshot\LightShot.exe ()
  207. O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  208. O4 - Startup: C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Hrvoje\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
  209. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  210. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  211. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  212. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  213. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  214. O13[b]64bit:[/b] - gopher Prefix: missing
  215. O13 - gopher Prefix: missing
  216. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  217. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C85974ED-B7B4-49AD-8660-22ADAD9C74AE}: DhcpNameServer = 192.168.1.1
  218. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  219. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  220. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  221. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  222. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  223. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  224. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  225. O30 - LSA: Security Packages - (livessp) - File not found
  226. O32 - HKLM CDRom: AutoRun - 1
  227. O34 - HKLM BootExecute: (autocheck autochk *)
  228. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  229. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  230. O35 - HKLM\..comfile [open] -- "%1" %*
  231. O35 - HKLM\..exefile [open] -- "%1" %*
  232. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  233. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  234. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  235. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  236. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  237. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  238.  
  239. NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
  240. NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
  241. NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
  242. NetSvcs:[b]64bit:[/b] SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
  243. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  244.  
  245. CREATERESTOREPOINT
  246. Restore point Set: OTL Restore Point
  247.  
  248. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  249.  
  250. [2012.10.10 11:10:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hrvoje\Desktop\OTL.exe
  251. [2012.10.08 15:16:37 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Diagnostics
  252. [2012.10.08 00:42:08 | 000,000,000 | ---D | C] -- C:\Windows\Panther
  253. [2012.10.08 00:41:54 | 000,000,000 | -HSD | C] -- C:\Boot
  254. [2012.10.07 17:28:42 | 000,000,000 | ---D | C] -- C:\Windows\AutoKMS
  255. [2012.10.07 17:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
  256. [2012.10.07 17:22:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
  257. [2012.10.07 17:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
  258. [2012.10.07 17:21:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
  259. [2012.10.07 17:20:54 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
  260. [2012.10.07 17:20:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Sync Framework
  261. [2012.10.07 17:18:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Visual Studio 8
  262. [2012.10.07 17:18:19 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
  263. [2012.10.07 17:17:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
  264. [2012.10.07 17:17:50 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Microsoft Help
  265. [2012.10.07 17:17:46 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
  266. [2012.10.07 17:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
  267. [2012.10.07 17:17:39 | 000,000,000 | RH-D | C] -- C:\MSOCache
  268. [2012.10.07 16:24:24 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Dropbox
  269. [2012.10.07 16:23:21 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
  270. [2012.10.07 16:22:18 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Dropbox
  271. [2012.10.07 16:00:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Clipdiary
  272. [2012.10.07 16:00:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Clipdiary
  273. [2012.10.07 15:54:33 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\YourFileDownloader
  274. [2012.10.07 15:51:10 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Clipdiary
  275. [2012.10.07 15:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Skillbrains
  276. [2012.10.07 15:47:52 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
  277. [2012.10.07 15:47:48 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Skillbrains
  278. [2012.10.07 15:45:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent
  279. [2012.10.07 15:44:35 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\uTorrent
  280. [2012.10.07 15:38:06 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Xfire
  281. [2012.10.07 15:38:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xfire
  282. [2012.10.07 15:38:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Xfire
  283. [2012.10.07 15:37:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Xfire
  284. [2012.10.07 15:17:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IZArc
  285. [2012.10.07 15:17:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IZArc
  286. [2012.10.07 15:06:12 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Macromedia
  287. [2012.10.07 14:57:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
  288. [2012.10.07 14:55:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
  289. [2012.10.07 14:55:41 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Google
  290. [2012.10.07 14:50:25 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
  291. [2012.10.07 14:50:25 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Searches
  292. [2012.10.07 14:50:25 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Contacts
  293. [2012.10.07 14:50:25 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
  294. [2012.10.07 14:50:25 | 000,000,000 | -H-D | C] -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
  295. [2012.10.07 14:50:22 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Adobe
  296. [2012.10.07 14:49:53 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\VirtualStore
  297. [2012.10.07 14:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\PRICache
  298. [2012.10.07 14:49:44 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Packages
  299. [2012.10.07 14:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\AppData\Local\Temporary Internet Files
  300. [2012.10.07 14:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Templates
  301. [2012.10.07 14:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Local Settings
  302. [2012.10.07 14:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\AppData\Local\History
  303. [2012.10.07 14:49:40 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\AppData\Local\Application Data
  304. [2012.10.07 14:49:39 | 000,000,000 | --SD | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft
  305. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Videos
  306. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
  307. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Saved Games
  308. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Pictures
  309. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Music
  310. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Links
  311. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Favorites
  312. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Downloads
  313. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Documents
  314. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\Desktop
  315. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
  316. [2012.10.07 14:49:39 | 000,000,000 | R--D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
  317. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Start Menu
  318. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\SendTo
  319. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Recent
  320. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\PrintHood
  321. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\NetHood
  322. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Documents\My Videos
  323. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Documents\My Pictures
  324. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Documents\My Music
  325. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\My Documents
  326. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Cookies
  327. [2012.10.07 14:49:39 | 000,000,000 | -HSD | C] -- C:\Users\Hrvoje\Application Data
  328. [2012.10.07 14:49:39 | 000,000,000 | -H-D | C] -- C:\Users\Hrvoje\AppData
  329. [2012.10.07 14:49:39 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Temp
  330. [2012.10.07 14:49:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
  331. [2012.10.07 14:49:39 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Local\Microsoft
  332. [2012.10.07 14:49:39 | 000,000,000 | ---D | C] -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
  333. [2012.10.07 14:49:39 | 000,000,000 | ---D | C] -- C:\Windows\CSC
  334. [2012.10.07 14:46:55 | 000,000,000 | -HSD | C] -- C:\Recovery
  335. [2012.10.07 14:43:57 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
  336. [2012.10.07 14:43:12 | 000,000,000 | -HSD | C] -- C:\System Volume Information
  337.  
  338. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  339.  
  340. [2012.10.10 11:10:34 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hrvoje\Desktop\OTL.exe
  341. [2012.10.10 11:00:00 | 000,000,968 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  342. [2012.10.10 10:40:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  343. [2012.10.10 08:40:39 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  344. [2012.10.10 08:38:53 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  345. [2012.10.09 19:59:00 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\update-S-1-5-21-4279191772-1735002514-807911598-1001.job
  346. [2012.10.09 19:25:00 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\update-sys.job
  347. [2012.10.09 09:26:06 | 000,803,370 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  348. [2012.10.09 09:26:06 | 000,674,750 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  349. [2012.10.09 09:26:06 | 000,124,636 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  350. [2012.10.09 09:24:39 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
  351. [2012.10.08 00:41:56 | 000,008,192 | RHS- | M] () -- C:\BOOTSECT.BAK
  352. [2012.10.07 17:25:32 | 000,422,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  353. [2012.10.07 17:25:19 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  354. [2012.10.07 17:25:18 | 3435,593,728 | -HS- | M] () -- C:\hiberfil.sys
  355. [2012.10.07 16:24:24 | 000,001,041 | ---- | M] () -- C:\Users\Hrvoje\Desktop\Dropbox.lnk
  356. [2012.10.07 16:23:41 | 000,001,051 | ---- | M] () -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
  357. [2012.10.07 16:00:17 | 000,001,045 | ---- | M] () -- C:\Users\Hrvoje\Desktop\Clipdiary.lnk
  358. [2012.10.07 15:47:56 | 000,000,544 | ---- | M] () -- C:\Users\Hrvoje\AppData\Local\UserProducts.xml
  359. [2012.10.07 15:45:16 | 000,000,967 | ---- | M] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  360. [2012.10.07 15:45:16 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
  361. [2012.10.07 15:38:04 | 000,000,959 | ---- | M] () -- C:\Users\Public\Desktop\Xfire.lnk
  362. [2012.10.07 15:05:11 | 000,000,000 | ---- | M] () -- C:\Users\Hrvoje\slmgr
  363. [2012.10.07 14:57:48 | 000,002,251 | ---- | M] () -- C:\Users\Hrvoje\Desktop\Google Chrome.lnk
  364. [2012.10.07 14:53:01 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
  365. [2012.10.07 14:52:04 | 000,001,424 | ---- | M] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  366. [2012.10.07 14:45:46 | 000,040,858 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
  367. [2012.10.07 14:45:46 | 000,040,858 | ---- | M] () -- C:\Windows\SysNative\license.rtf
  368. [2012.10.07 14:44:14 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
  369. [2012.10.07 14:44:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\atiicdxx.dat
  370. [2012.10.03 04:29:58 | 000,042,440 | ---- | M] () -- C:\Windows\SysWow64\xfcodec.dll
  371. [2012.10.03 04:29:56 | 000,028,104 | ---- | M] () -- C:\Windows\SysNative\xfcodec64.dll
  372.  
  373. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  374.  
  375. [2012.10.09 09:24:39 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
  376. [2012.10.08 00:41:56 | 000,008,192 | RHS- | C] () -- C:\BOOTSECT.BAK
  377. [2012.10.07 17:42:36 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  378. [2012.10.07 16:24:24 | 000,001,041 | ---- | C] () -- C:\Users\Hrvoje\Desktop\Dropbox.lnk
  379. [2012.10.07 16:23:41 | 000,001,051 | ---- | C] () -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
  380. [2012.10.07 16:00:17 | 000,001,045 | ---- | C] () -- C:\Users\Hrvoje\Desktop\Clipdiary.lnk
  381. [2012.10.07 15:47:56 | 000,000,544 | ---- | C] () -- C:\Users\Hrvoje\AppData\Local\UserProducts.xml
  382. [2012.10.07 15:47:56 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\update-S-1-5-21-4279191772-1735002514-807911598-1001.job
  383. [2012.10.07 15:47:55 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\update-sys.job
  384. [2012.10.07 15:45:16 | 000,000,967 | ---- | C] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk
  385. [2012.10.07 15:45:16 | 000,000,943 | ---- | C] () -- C:\Users\Public\Desktop\µTorrent.lnk
  386. [2012.10.07 15:38:04 | 000,000,959 | ---- | C] () -- C:\Users\Public\Desktop\Xfire.lnk
  387. [2012.10.07 15:04:47 | 000,000,000 | ---- | C] () -- C:\Users\Hrvoje\slmgr
  388. [2012.10.07 14:57:32 | 000,002,251 | ---- | C] () -- C:\Users\Hrvoje\Desktop\Google Chrome.lnk
  389. [2012.10.07 14:55:48 | 000,000,968 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  390. [2012.10.07 14:55:48 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  391. [2012.10.07 14:53:01 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
  392. [2012.10.07 14:52:04 | 000,001,424 | ---- | C] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  393. [2012.10.07 14:50:22 | 000,001,430 | ---- | C] () -- C:\Users\Hrvoje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
  394. [2012.10.07 14:49:39 | 000,000,352 | ---- | C] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
  395. [2012.10.07 14:49:39 | 000,000,334 | ---- | C] () -- C:\Users\Hrvoje\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
  396. [2012.10.07 14:46:23 | 3435,593,728 | -HS- | C] () -- C:\hiberfil.sys
  397. [2012.10.07 14:44:14 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  398. [2012.10.07 14:44:14 | 000,000,000 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
  399. [2012.10.07 14:43:15 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
  400. [2012.10.03 04:29:58 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
  401. [2012.10.03 04:29:56 | 000,028,104 | ---- | C] () -- C:\Windows\SysNative\xfcodec64.dll
  402. [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
  403. [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
  404. [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
  405. [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
  406. [2012.07.26 02:48:53 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
  407. [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
  408. [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
  409. [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
  410.  
  411. [color=#E56717]========== ZeroAccess Check ==========[/color]
  412.  
  413.  
  414. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  415.  
  416. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  417.  
  418. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  419.  
  420. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  421.  
  422. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  423. "" = C:\Windows\SysNative\shell32.dll -- [2012.07.26 05:07:16 | 019,779,584 | ---- | M] (Microsoft Corporation)
  424. "ThreadingModel" = Apartment
  425.  
  426. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  427. "" = %SystemRoot%\system32\shell32.dll -- [2012.07.26 05:19:59 | 017,559,552 | ---- | M] (Microsoft Corporation)
  428. "ThreadingModel" = Apartment
  429.  
  430. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  431. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
  432. "ThreadingModel" = Free
  433.  
  434. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  435. "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
  436. "ThreadingModel" = Free
  437.  
  438. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  439. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
  440. "ThreadingModel" = Both
  441.  
  442. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  443.  
  444. [color=#E56717]========== Custom Scans ==========[/color]
  445.  
  446. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  447.  
  448. [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
  449. [2012.07.26 05:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\SysWOW64\explorer.exe
  450. [2012.07.26 05:50:01 | 002,114,936 | ---- | M] (Microsoft Corporation) MD5=5B6ED1B57DBFF18D405A0260559B571E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
  451. [2012.07.26 06:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\explorer.exe
  452. [2012.07.26 06:49:13 | 002,380,440 | ---- | M] (Microsoft Corporation) MD5=928791755FDDEA721B053535EF84FA17 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
  453.  
  454. [color=#A23BEC]< MD5 for: SERVICES >[/color]
  455. [2012.07.26 07:26:47 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_8e0944daeed62829\services
  456.  
  457. [color=#A23BEC]< MD5 for: SERVICES.EXE >[/color]
  458. [2012.07.26 07:26:45 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=754A2CC1F32107EA87CBD305ABE3E618 -- C:\Windows\SysNative\services.exe
  459. [2012.07.26 07:26:45 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=754A2CC1F32107EA87CBD305ABE3E618 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
  460.  
  461. [color=#A23BEC]< MD5 for: SERVICES.EXE.MUI >[/color]
  462. [2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\SysNative\en-US\services.exe.mui
  463. [2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_c2c6ee7bafb963b8\services.exe.mui
  464.  
  465. [color=#A23BEC]< MD5 for: SERVICES.JS >[/color]
  466. [2012.07.26 09:54:06 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
  467. [2012.07.26 09:53:58 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingNews_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
  468. [2012.07.26 09:53:55 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
  469. [2012.07.26 09:54:33 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_1.2.0.145_x64__8wekyb3d8bbwe\platform\js\services.js
  470. [2012.07.26 09:54:01 | 000,056,775 | ---- | M] () MD5=33C1E65B760A9589F6DE37F64941E449 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_1.2.0.135_x64__8wekyb3d8bbwe\platform\js\services.js
  471.  
  472. [color=#A23BEC]< MD5 for: SERVICES.LNK >[/color]
  473. [2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
  474. [2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
  475. [2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.lnk
  476.  
  477. [color=#A23BEC]< MD5 for: SERVICES.MOCHIADS.COM.SOL >[/color]
  478. [2012.10.10 10:05:49 | 000,000,351 | ---- | M] () MD5=C2D17BF746539AA90A905319A8D7C83C -- C:\Users\Hrvoje\AppData\Local\Google\Chrome\User Data\Default\Pepper Data\Shockwave Flash\WritableRoot\#SharedObjects\HW2YJ2K7\mochiads.com\services.mochiads.com.sol
  479.  
  480. [color=#A23BEC]< MD5 for: SERVICES.MOF >[/color]
  481. [2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\SysNative\wbem\services.mof
  482. [2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\services.mof
  483.  
  484. [color=#A23BEC]< MD5 for: SERVICES.MSC >[/color]
  485. [2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\en-US\services.msc
  486. [2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysNative\services.msc
  487. [2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
  488. [2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
  489. [2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_fd08be678622fdab\services.msc
  490. [2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.msc
  491. [2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_3282345b03dfdcd5\services.msc
  492. [2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_a0ea22e3cdc58c75\services.msc
  493.  
  494. [color=#A23BEC]< MD5 for: SERVICES.PTXML >[/color]
  495. [2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\SysNative\wdi\perftrack\Services.ptxml
  496. [2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\Services.ptxml
  497.  
  498. [color=#A23BEC]< MD5 for: SVCHOST.EXE >[/color]
  499. [2012.07.26 05:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\SysWOW64\svchost.exe
  500. [2012.07.26 05:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation) MD5=0A175AF8B65797BD22C11903A8BFEB2D -- C:\Windows\WinSxS\x86_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_b2666581d6b482a6\svchost.exe
  501. [2012.07.26 05:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\SysNative\svchost.exe
  502. [2012.07.26 05:08:47 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=57350BEDE3834915B6145B67C71C7BDA -- C:\Windows\WinSxS\amd64_microsoft-windows-services-svchost_31bf3856ad364e35_6.2.9200.16384_none_0e8501058f11f3dc\svchost.exe
  503.  
  504. [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
  505. [2012.07.26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\SysNative\userinit.exe
  506. [2012.07.26 05:08:49 | 000,025,088 | ---- | M] (Microsoft Corporation) MD5=0E925F7BA032920D58DD284B6181A247 -- C:\Windows\WinSxS\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_34f2617a5b742e02\userinit.exe
  507. [2012.07.26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\SysWOW64\userinit.exe
  508. [2012.07.26 05:21:00 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=9F6289D194A04A09671FEED4B6CB6EF7 -- C:\Windows\WinSxS\x86_microsoft-windows-userinit_31bf3856ad364e35_6.2.9200.16384_none_d8d3c5f6a316bccc\userinit.exe
  509.  
  510. [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
  511. [2012.07.26 05:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\SysNative\winlogon.exe
  512. [2012.07.26 05:08:50 | 000,516,608 | ---- | M] (Microsoft Corporation) MD5=93AB226C07A9789B2EC7B41F73602F76 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
  513.  
  514. [color=#A23BEC]< c:\windows\installer\@ /s >[/color]
  515.  
  516. [color=#A23BEC]< c:\windows\installer\*.@ /s >[/color]
  517.  
  518. [color=#A23BEC]< %systemdrive%\$Recycle.Bin|@;true;true;true >[/color]
  519.  
  520. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS /s >[/color]
  521. "DisplayName" = @%SystemRoot%\system32\qmgr.dll,-1000
  522. "ErrorControl" = 1
  523. "ImagePath" = %SystemRoot%\System32\svchost.exe -k netsvcs -- [2012.07.26 05:20:58 | 000,023,040 | ---- | M] (Microsoft Corporation)
  524. "Start" = 3
  525. "Type" = 32
  526. "Description" = @%SystemRoot%\system32\qmgr.dll,-1001
  527. "DependOnService" = RpcSsEventSystem [binary data]
  528. "ObjectName" = LocalSystem
  529. "ServiceSidType" = 1
  530. "RequiredPrivileges" = SeCreateGlobalPrivilegeSeImperson [Binary data over 200 bytes]
  531. "DelayedAutoStart" = 1
  532. "FailureActions" = 80 51 01 00 00 00 00 00 00 00 00 00 03 00 00 00 14 00 00 00 01 00 00 00 60 EA 00 00 01 00 00 00 C0 D4 01 00 00 00 00 00 00 00 00 00 [binary data]
  533. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Parameters]
  534. "ServiceDll" = %SystemRoot%\System32\qmgr.dll
  535. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Performance]
  536. "Close" = PerfMon_Close
  537. "Open" = PerfMon_Open
  538. "Collect" = PerfMon_Collect
  539. "Library" = C:\Windows\System32\bitsperf.dll -- [2012.07.26 05:18:01 | 000,018,944 | ---- | M] (Microsoft Corporation)
  540. "InstallType" = 1
  541. "PerfIniFile" = bitsctrs.ini
  542. "First Counter" = 5164
  543. "Last Counter" = 5180
  544. "First Help" = 5165
  545. "Last Help" = 5181
  546. "Object List" = 5164
  547. "PerfMMFileName" = Global\MMF_BITS_s
  548. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BITS\Security]
  549. "Security" = 01 00 14 80 90 00 00 00 A0 00 00 00 14 00 00 00 34 00 00 00 02 00 20 00 01 00 00 00 02 C0 18 00 00 00 0C 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 02 00 5C 00 04 00 00 00 00 02 14 00 FF 01 0F 00 01 01 00 00 00 00 00 05 12 00 00 00 00 00 18 00 FF 01 0F 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 04 00 00 00 00 00 14 00 8D 01 02 00 01 01 00 00 00 00 00 05 06 00 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 01 02 00 00 00 00 00 05 20 00 00 00 20 02 00 00 [Binary data over 200 bytes]
  550.  
  551. < End of report >