
extras & otl

a guest
Oct 21st, 2012
  1. extras.txt
  2. OTL Extras logfile created on: 10/21/2012 11:45:56 AM - Run 1
  3. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milos\Downloads
  4. 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
  5. Internet Explorer (Version = 8.0.7600.16385)
  6. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  7.  
  8. 3.47 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 62.46% Memory free
  9. 6.93 Gb Paging File | 5.34 Gb Available in Paging File | 77.02% Paging File free
  10. Paging file location(s): ?:\pagefile.sys [binary data]
  11.  
  12. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  13. Drive C: | 88.94 Gb Total Space | 66.09 Gb Free Space | 74.31% Space Free | Partition Type: NTFS
  14. Drive D: | 60.01 Gb Total Space | 50.07 Gb Free Space | 83.43% Space Free | Partition Type: NTFS
  15. Drive F: | 1.86 Gb Total Space | 1.60 Gb Free Space | 85.84% Space Free | Partition Type: FAT
  16.  
  17. Computer Name: MILOS-PC | User Name: Milos | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Extra Registry (SafeList) ==========[/color]
  22.  
  23.  
  24. [color=#E56717]========== File Associations ==========[/color]
  25.  
  26. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  27. .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
  28.  
  29. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
  30. .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
  31.  
  32. [color=#E56717]========== Shell Spawning ==========[/color]
  33.  
  34. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  35. batfile [open] -- "%1" %*
  36. cmdfile [open] -- "%1" %*
  37. comfile [open] -- "%1" %*
  38. exefile [open] -- "%1" %*
  39. helpfile [open] -- Reg Error: Key error.
  40. htmlfile [edit] -- Reg Error: Key error.
  41. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
  42. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  43. InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
  44. InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
  45. piffile [open] -- "%1" %*
  46. regfile [merge] -- Reg Error: Key error.
  47. scrfile [config] -- "%1"
  48. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  49. scrfile [open] -- "%1" /S
  50. txtfile [edit] -- Reg Error: Key error.
  51. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  52. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  53. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  54. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  55. Folder [explore] -- Reg Error: Value error.
  56. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  57.  
  58. [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
  59. batfile [open] -- "%1" %*
  60. cmdfile [open] -- "%1" %*
  61. comfile [open] -- "%1" %*
  62. cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
  63. exefile [open] -- "%1" %*
  64. helpfile [open] -- Reg Error: Key error.
  65. htmlfile [edit] -- Reg Error: Key error.
  66. htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
  67. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
  68. piffile [open] -- "%1" %*
  69. regfile [merge] -- Reg Error: Key error.
  70. scrfile [config] -- "%1"
  71. scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
  72. scrfile [open] -- "%1" /S
  73. txtfile [edit] -- Reg Error: Key error.
  74. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
  75. Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
  76. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  77. Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  78. Folder [explore] -- Reg Error: Value error.
  79. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
  80.  
  81. [color=#E56717]========== Security Center Settings ==========[/color]
  82.  
  83. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  84. "cval" = 1
  85.  
  86. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
  87.  
  88. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  89. "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
  90. "AntiVirusOverride" = 0
  91. "AntiSpywareOverride" = 0
  92. "FirewallOverride" = 0
  93.  
  94. [b]64bit:[/b] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
  95.  
  96. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
  97.  
  98. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
  99.  
  100. [color=#E56717]========== Firewall Settings ==========[/color]
  101.  
  102. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
  103. "DisableNotifications" = 0
  104. "EnableFirewall" = 1
  105.  
  106. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
  107. "DisableNotifications" = 0
  108. "EnableFirewall" = 0
  109.  
  110. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
  111. "DisableNotifications" = 0
  112. "EnableFirewall" = 0
  113.  
  114. [color=#E56717]========== Authorized Applications List ==========[/color]
  115.  
  116. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
  117.  
  118. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
  119.  
  120.  
  121. [color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
  122.  
  123. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  124. "{0BD4881A-20B0-40A3-9D77-5F5F10CD99B4}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  125. "{0D3602EF-3612-4F9D-9B71-205599F58146}" = rport=10243 | protocol=6 | dir=out | app=system |
  126. "{2149D849-441A-4EEE-B657-8C9481660701}" = rport=138 | protocol=17 | dir=out | app=system |
  127. "{3BD02DFE-30E0-4E4B-91EC-0254BCCB20EE}" = rport=139 | protocol=6 | dir=out | app=system |
  128. "{4BF2D176-B7B1-44A7-8EED-0F4EDCF3A17F}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  129. "{607F0A03-C84D-40DE-A2D7-68E441F4FE59}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
  130. "{68AB4D3C-5FAF-42C2-B2F9-5AB244F43C5A}" = rport=445 | protocol=6 | dir=out | app=system |
  131. "{6D5DF886-7E7E-4CD5-9FE2-BB91C93AD9C4}" = rport=137 | protocol=17 | dir=out | app=system |
  132. "{74950DD0-F95C-4076-9CA6-8B4AD1CCF13D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
  133. "{81BB071F-A4B2-4E9E-9D3E-78754427D8B7}" = lport=2869 | protocol=6 | dir=in | app=system |
  134. "{8273E80B-F3BD-4CBF-8AEB-704930EC78E8}" = lport=10243 | protocol=6 | dir=in | app=system |
  135. "{838DD106-5A16-4CAE-95B4-D2CE81B62103}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
  136. "{9DB1326C-5C54-40A3-91D6-B0EBBD3012E1}" = lport=445 | protocol=6 | dir=in | app=system |
  137. "{ACAE290C-FF8B-48B7-A260-D383DC7C8014}" = lport=139 | protocol=6 | dir=in | app=system |
  138. "{B3048E12-1435-4321-9B55-0C0B772649C3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  139. "{C7325246-E25A-49D6-AAE5-C0F355BBB272}" = lport=138 | protocol=17 | dir=in | app=system |
  140. "{D2B5B1EA-EB48-4FC2-A2D6-185A8232F942}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
  141. "{D3CFB3F3-B78B-43F6-A806-15E5054FB595}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  142. "{DF95CDA3-B4A0-4CFB-96C7-88D323F7E6F6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
  143. "{E7284D73-55DD-41F0-9EBB-6D21287E3260}" = lport=137 | protocol=17 | dir=in | app=system |
  144. "{F0514E04-C674-4A59-A987-FEDA3460DBEF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
  145.  
  146. [color=#E56717]========== Vista Active Application Exception List ==========[/color]
  147.  
  148. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
  149. "{119D3CF4-D0B7-4E8A-A23F-8AE4D08EC7A1}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
  150. "{12CDDE62-AAC7-495A-AB9E-2B0C5BA0CBD1}" = protocol=17 | dir=in | app=d:\pes 13\pes2013.exe |
  151. "{16180243-7923-4D63-91E3-A8C8686765A4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  152. "{168F3002-988E-4DB2-BFF5-CB2B82130AA3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
  153. "{214EF66B-5FF2-4FA0-B461-F6A6393671B4}" = protocol=6 | dir=in | app=d:\launcher.exe |
  154. "{2BC8B756-AD49-4E30-AED9-3DF6692CFCFE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  155. "{2D301536-2A80-4751-9D74-6DF118207E98}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
  156. "{39832FD5-31E8-49C0-A0E8-B5F8875C0AC1}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
  157. "{43577985-49D8-4315-B079-E25E90EBB99D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  158. "{45966706-B1A3-4D7D-8982-FC4EA7A7676F}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
  159. "{478B0E32-A9F7-4746-859F-0F15E47B4B0F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
  160. "{4BDEA4A3-D206-4FF9-AB18-32700A516255}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  161. "{4F4C3FCE-EB3F-4B94-9B55-8BCB227601D5}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
  162. "{50E04929-C740-404A-8DEB-7C44A9406389}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
  163. "{575B8738-5515-496E-A76E-B4229EC0CAD2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
  164. "{592D5B33-5B6B-4B7D-A80C-39A9EA3A5F8C}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
  165. "{63CF57B1-E89C-45A8-B3FA-7E649536A100}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
  166. "{65074C1E-D857-494E-9655-37280F2DF371}" = protocol=6 | dir=in | app=d:\pes 13\pes2013.exe |
  167. "{67CA03E9-14B3-45A8-93DB-32264DA2EAAD}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  168. "{6968EF0E-71C7-4C7D-A7C7-18CB6A447705}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
  169. "{6D059C18-C1E6-45AA-9228-8D09731B4833}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  170. "{6E9393FE-D595-4AAE-A742-14FF51777F6D}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
  171. "{7D137B2C-E4A3-41CE-B030-5D0D1F2F94B5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
  172. "{89A3D9B1-EEED-40EE-BF81-030C1212609C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  173. "{94B54A09-279E-4846-8E3D-EC83B4B5177E}" = protocol=17 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
  174. "{9868DCB6-EC4D-4C7C-AF20-7CC16BE59675}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
  175. "{A479A47F-2215-4DCF-9E43-432CC859236C}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe |
  176. "{A4882EAE-9E89-46F2-9974-0B22113C9D97}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  177. "{AEE9DB96-3645-429F-B000-D1C9CE1D533D}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
  178. "{AF796954-4F92-4854-9AA6-CDC801CB0AD2}" = protocol=17 | dir=in | app=d:\launcher.exe |
  179. "{C293D547-5D6B-4F1E-BE14-C9B841E33074}" = protocol=6 | dir=out | app=system |
  180. "{D6D40DAF-3B0F-48C1-8577-66BAA73894F3}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
  181. "{D7155D23-9446-4F42-A578-F60121C157DA}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
  182. "{DC220287-E2D7-42E3-AAD3-96EFB247E827}" = protocol=6 | dir=in | app=c:\windows\system32\dmwu.exe |
  183. "{E17159CB-6510-40BC-BC01-12F468651264}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
  184. "{EC8C084E-BBEA-4D16-90FC-CC34A8EF98E3}" = protocol=6 | dir=in | app=c:\windows\system32\arfc\wrtc.exe |
  185. "{F1613290-1CEC-48AF-A304-75686F317F57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
  186. "{F37C6BA7-EF7F-4837-AC0E-AA112F7E7C7B}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
  187. "{FF4D0619-F3DC-4BEE-AD9E-A9BE0FF13450}" = protocol=17 | dir=in | app=c:\windows\system32\dmwu.exe |
  188. "TCP Query User{6C05FC0F-46B5-4B6F-AF43-EFF04F54633A}C:\skypeportable\app\skype\phone\skype.exe" = protocol=6 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
  189. "UDP Query User{EDDD0B02-5DA6-436D-973A-C404BB5E09BA}C:\skypeportable\app\skype\phone\skype.exe" = protocol=17 | dir=in | app=c:\skypeportable\app\skype\phone\skype.exe |
  190.  
  191. [color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
  192.  
  193. 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  194. "{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Portable Photoshop CS2
  195. "{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
  196. "{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
  197. "{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
  198. "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
  199. "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
  200. "Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
  201. "WinRAR archiver" = WinRAR 4.00 (64-bit)
  202.  
  203. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  204. "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
  205. "{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
  206. "{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
  207. "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Graphics Media Accelerator Driver
  208. "{FA309CFA-284A-437A-86AF-E55BA40CFC12}" = PokIt
  209. "MCShield" = MCShield ::Anti-Malware Tool::
  210. "PowerISO" = PowerISO
  211. "uTorrent" = µTorrent
  212.  
  213. [color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
  214.  
  215. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
  216. "Google Chrome" = Google Chrome
  217.  
  218. [color=#E56717]========== Last 20 Event Log Errors ==========[/color]
  219.  
  220. [ Application Events ]
  221. Error - 10/16/2012 12:54:24 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  222. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  223. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  224. Exception
  225. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xefc Faulting application
  226. start time: 0x01cdabbee4fa6746 Faulting application path: D:\NFS Most Wanted\speed.exe
  227. Faulting
  228. module path: D:\NFS Most Wanted\speed.exe Report Id: 22e655ac-17b2-11e2-8a5f-0021862be022
  229.  
  230. Error - 10/16/2012 12:55:41 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  231. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  232. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  233. Exception
  234. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xf74 Faulting application
  235. start time: 0x01cdabbf12b8aafd Faulting application path: D:\NFS Most Wanted\speed.exe
  236. Faulting
  237. module path: D:\NFS Most Wanted\speed.exe Report Id: 50c1e5d1-17b2-11e2-8a5f-0021862be022
  238.  
  239. Error - 10/16/2012 12:56:02 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  240. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  241. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  242. Exception
  243. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0x7d8 Faulting application
  244. start time: 0x01cdabbf1fb45ff8 Faulting application path: D:\NFS Most Wanted\speed.exe
  245. Faulting
  246. module path: D:\NFS Most Wanted\speed.exe Report Id: 5d8d1436-17b2-11e2-8a5f-0021862be022
  247.  
  248. Error - 10/16/2012 12:58:09 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  249. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  250. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  251. Exception
  252. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xb6c Faulting application
  253. start time: 0x01cdabbf6a750a41 Faulting application path: D:\NFS Most Wanted\speed.exe
  254. Faulting
  255. module path: D:\NFS Most Wanted\speed.exe Report Id: a935b4c1-17b2-11e2-8a5f-0021862be022
  256.  
  257. Error - 10/16/2012 1:18:32 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  258. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  259. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  260. Exception
  261. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xb80 Faulting application
  262. start time: 0x01cdabc2429cbbc0 Faulting application path: D:\NFS Most Wanted\speed.exe
  263. Faulting
  264. module path: D:\NFS Most Wanted\speed.exe Report Id: 81fa8112-17b5-11e2-860d-0021862be022
  265.  
  266. Error - 10/17/2012 4:19:08 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  267. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  268. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  269. Exception
  270. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xfdc Faulting application
  271. start time: 0x01cdaca4a8c7bdfb Faulting application path: D:\NFS Most Wanted\speed.exe
  272. Faulting
  273. module path: D:\NFS Most Wanted\speed.exe Report Id: e761cdf2-1897-11e2-821a-0021862be022
  274.  
  275. Error - 10/17/2012 4:28:28 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  276. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  277. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  278. Exception
  279. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xfc0 Faulting application
  280. start time: 0x01cdaca5f6c52084 Faulting application path: D:\NFS Most Wanted\speed.exe
  281. Faulting
  282. module path: D:\NFS Most Wanted\speed.exe Report Id: 350a2cb8-1899-11e2-821a-0021862be022
  283.  
  284. Error - 10/17/2012 4:28:30 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  285. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  286. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  287. Exception
  288. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xad4 Faulting application
  289. start time: 0x01cdaca5f89fdae7 Faulting application path: D:\NFS Most Wanted\speed.exe
  290. Faulting
  291. module path: D:\NFS Most Wanted\speed.exe Report Id: 365c7b3c-1899-11e2-821a-0021862be022
  292.  
  293. Error - 10/17/2012 4:29:29 PM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  294. Description = Faulting application name: speed.exe, version: 0.0.0.0, time stamp:
  295. 0x438ae75e Faulting module name: speed.exe, version: 0.0.0.0, time stamp: 0x438ae75e
  296. Exception
  297. code: 0xc0000005 Fault offset: 0x00000f2f Faulting process id: 0xda4 Faulting application
  298. start time: 0x01cdaca61b7524c9 Faulting application path: D:\NFS Most Wanted\speed.exe
  299. Faulting
  300. module path: D:\NFS Most Wanted\speed.exe Report Id: 5939665b-1899-11e2-821a-0021862be022
  301.  
  302. Error - 10/20/2012 8:34:32 AM | Computer Name = Milos-PC | Source = Application Error | ID = 1000
  303. Description = Faulting application name: everest.exe, version: 0.0.0.0, time stamp:
  304. 0x2a425e19 Faulting module name: ntdll.dll, version: 6.1.7600.16385, time stamp:
  305. 0x4a5bdb3b Exception code: 0xc0000005 Fault offset: 0x000589f4 Faulting process id:
  306. 0xc10 Faulting application start time: 0x01cdaebf3b98b1c4 Faulting application path:
  307. C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\everest.exe Faulting module
  308. path: C:\Windows\SysWOW64\ntdll.dll Report Id: 7f32b805-1ab2-11e2-8196-0021862be022
  309.  
  310. [ System Events ]
  311. Error - 10/9/2012 3:19:13 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7024
  312. Description = The Windows Search service terminated with service-specific error
  313. %%-1073473535.
  314.  
  315. Error - 10/9/2012 3:19:13 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7031
  316. Description = The Windows Search service terminated unexpectedly. It has done this
  317. 1 time(s). The following corrective action will be taken in 30000 milliseconds:
  318. Restart the service.
  319.  
  320. Error - 10/13/2012 3:51:10 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7034
  321. Description = The PnkBstrA service terminated unexpectedly. It has done this 1
  322. time(s).
  323.  
  324. Error - 10/14/2012 5:27:08 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7034
  325. Description = The PnkBstrA service terminated unexpectedly. It has done this 1
  326. time(s).
  327.  
  328. Error - 10/14/2012 8:43:11 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7034
  329. Description = The PnkBstrA service terminated unexpectedly. It has done this 1
  330. time(s).
  331.  
  332. Error - 10/14/2012 8:43:18 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7031
  333. Description = The Windows Media Player Network Sharing Service service terminated
  334. unexpectedly. It has done this 1 time(s). The following corrective action will
  335. be taken in 30000 milliseconds: Restart the service.
  336.  
  337. Error - 10/15/2012 2:33:31 PM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7034
  338. Description = The PnkBstrA service terminated unexpectedly. It has done this 1
  339. time(s).
  340.  
  341. Error - 10/20/2012 4:31:32 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7034
  342. Description = The PnkBstrA service terminated unexpectedly. It has done this 1
  343. time(s).
  344.  
  345. Error - 10/20/2012 8:29:11 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7000
  346. Description = The FinalWire AIDA64 Kernel Driver service failed to start due to
  347. the following error: %%2
  348.  
  349. Error - 10/20/2012 8:34:23 AM | Computer Name = Milos-PC | Source = Service Control Manager | ID = 7000
  350. Description = The Lavalys EVEREST Kernel Driver service failed to start due to the
  351. following error: %%3
  352.  
  353.  
  354. < End of report >
  355.  
  356. *********************************************************************************************************
  357. ************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
  358. otl.txt
  359.  
  360. OTL logfile created on: 10/21/2012 11:45:56 AM - Run 1
  361. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Milos\Downloads
  362. 64bit- Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
  363. Internet Explorer (Version = 8.0.7600.16385)
  364. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  365.  
  366. 3.47 Gb Total Physical Memory | 2.17 Gb Available Physical Memory | 62.46% Memory free
  367. 6.93 Gb Paging File | 5.34 Gb Available in Paging File | 77.02% Paging File free
  368. Paging file location(s): ?:\pagefile.sys [binary data]
  369.  
  370. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  371. Drive C: | 88.94 Gb Total Space | 66.09 Gb Free Space | 74.31% Space Free | Partition Type: NTFS
  372. Drive D: | 60.01 Gb Total Space | 50.07 Gb Free Space | 83.43% Space Free | Partition Type: NTFS
  373. Drive F: | 1.86 Gb Total Space | 1.60 Gb Free Space | 85.84% Space Free | Partition Type: FAT
  374.  
  375. Computer Name: MILOS-PC | User Name: Milos | Logged in as Administrator.
  376. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  377. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  378.  
  379. [color=#E56717]========== Processes (SafeList) ==========[/color]
  380.  
  381. PRC - [2012/10/21 11:45:21 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Milos\Downloads\OTL.scr
  382. PRC - [2012/10/13 22:16:16 | 000,722,944 | ---- | M] (MyCity) -- D:\MCShield\MCShieldCC.exe
  383. PRC - [2012/10/13 22:16:16 | 000,606,208 | ---- | M] (MyCity) -- D:\MCShield\MCShieldRTM.exe
  384. PRC - [2012/10/09 13:59:31 | 000,963,984 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files (x86)\uTorrent\uTorrent.exe
  385. PRC - [2012/09/16 16:11:23 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
  386. PRC - [2011/07/01 13:07:26 | 006,127,104 | ---- | M] (Teo Eterovic) -- C:\Program Files (x86)\PokIt\PokIt.exe
  387.  
  388.  
  389. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  390.  
  391. MOD - [2012/10/10 12:06:15 | 000,460,312 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppgooglenaclpluginchrome.dll
  392. MOD - [2012/10/10 12:06:13 | 012,435,992 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\PepperFlash\pepflashplayer.dll
  393. MOD - [2012/10/10 12:06:12 | 004,005,912 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
  394. MOD - [2012/10/10 12:04:57 | 000,578,072 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\libglesv2.dll
  395. MOD - [2012/10/10 12:04:55 | 000,123,928 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\libegl.dll
  396. MOD - [2012/10/10 12:04:44 | 000,156,712 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\avutil-51.dll
  397. MOD - [2012/10/10 12:04:43 | 000,275,496 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\avformat-54.dll
  398. MOD - [2012/10/10 12:04:42 | 002,168,360 | ---- | M] () -- C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\avcodec-54.dll
  399.  
  400.  
  401. [color=#E56717]========== Services (SafeList) ==========[/color]
  402.  
  403. SRV:[b]64bit:[/b] - [2009/07/14 03:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  404. SRV:[b]64bit:[/b] - [2009/07/14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  405. SRV - [2012/09/16 16:11:23 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
  406. SRV - [2011/03/16 10:42:06 | 000,407,336 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
  407. SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  408. SRV - [2009/06/10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  409.  
  410.  
  411. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  412.  
  413. DRV:[b]64bit:[/b] - [2011/06/15 10:30:46 | 000,093,240 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
  414. DRV:[b]64bit:[/b] - [2011/06/03 13:34:10 | 010,628,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  415. DRV:[b]64bit:[/b] - [2009/07/14 03:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  416. DRV:[b]64bit:[/b] - [2009/07/14 03:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  417. DRV:[b]64bit:[/b] - [2009/07/14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  418. DRV:[b]64bit:[/b] - [2009/07/14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  419. DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  420. DRV:[b]64bit:[/b] - [2009/07/14 03:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  421. DRV:[b]64bit:[/b] - [2009/07/14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  422. DRV:[b]64bit:[/b] - [2009/07/14 01:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  423. DRV:[b]64bit:[/b] - [2009/06/10 22:35:02 | 000,220,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k60x64.sys -- (e1kexpress)
  424. DRV:[b]64bit:[/b] - [2009/06/10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  425. DRV:[b]64bit:[/b] - [2009/06/10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  426. DRV:[b]64bit:[/b] - [2009/06/10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  427. DRV:[b]64bit:[/b] - [2009/06/10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  428. DRV - [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  429.  
  430.  
  431. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  432.  
  433.  
  434. [color=#E56717]========== Internet Explorer ==========[/color]
  435.  
  436. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  437. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  438. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  439. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  440. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  441.  
  442. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredibar.com/mb174?a=6R8HROM1bJ&i=26
  443. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  444. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
  445. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 29 AC 15 DE F9 8F CD 01 [binary data]
  446. IE - HKCU\..\SearchScopes,DefaultScope = {CFF4DB9B-135F-47c0-9269-B4C6572FD61A}
  447. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  448. IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incredibar.com/mb174/?search={searchTerms}&loc=IB_DS&a=6R8HROM1bJ&i=26
  449. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  450.  
  451. [color=#E56717]========== FireFox ==========[/color]
  452.  
  453. FF - user.js - File not found
  454.  
  455. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  456. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
  457. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  458. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Milos\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  459. FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Milos\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
  460.  
  461. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
  462. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox
  463. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: D:\components
  464. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: D:\plugins
  465.  
  466. [2012/09/23 16:23:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Milos\AppData\Roaming\Mozilla\Extensions
  467.  
  468. [color=#E56717]========== Chrome ==========[/color]
  469.  
  470. CHR - homepage: http://www.google.com/
  471. CHR - default_search_provider: Google (Enabled)
  472. CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
  473. CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms},
  474. CHR - homepage: http://www.google.com/
  475. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
  476. CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\gcswf32.dll
  477. CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
  478. CHR - plugin: Native Client (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\ppGoogleNaClPluginChrome.dll
  479. CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Milos\AppData\Local\Google\Chrome\Application\22.0.1229.94\pdf.dll
  480. CHR - plugin: Google Update (Enabled) = C:\Users\Milos\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
  481. CHR - Extension: Facebook = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.9.11.15967_0\
  482. CHR - Extension: Bug Online Forum = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecgbeiddbljbameggbhbomcdjacnjjab\2012.9.11.16002_0\
  483. CHR - Extension: Gamers.ba | najve\\u0107a gamerska mre\\u017Ea na Balkanu = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\foephebifcgggodpidklfjhhdjmipolh\2012.9.11.16019_0\
  484. CHR - Extension: AdBlock = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.45_0\
  485. CHR - Extension: http://www.youtube.com/ = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljmkepedihfojjfmjambblgjemocehi\2012.9.11.15971_0\
  486. CHR - Extension: Classic Blue Theme for Google Chrome\u2122 = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\oppbdedflbioggjkeneigjcmpomohajo\1.3_0\
  487. CHR - Extension: Google = C:\Users\Milos\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkfnmfpmpojldopedadjmmefnepbejdn\2012.9.11.15988_0\
  488.  
  489. O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  490. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  491. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  492. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  493. O4 - HKCU..\Run: [MCShield Monitor] D:\MCShield\MCShieldRTM.exe (MyCity)
  494. O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  495. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  496. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  497. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
  498. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoAutorun = 1
  499. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutorunSetting = 1
  500. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  501. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  502. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  503. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  504. O13[b]64bit:[/b] - gopher Prefix: missing
  505. O13 - gopher Prefix: missing
  506. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  507. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7215F5C6-0750-400B-8B5C-8CA7003D15C4}: DhcpNameServer = 192.168.1.1
  508. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  509. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  510. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  511. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  512. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  513. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  514. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  515. O32 - HKLM CDRom: AutoRun - 1
  516. O32 - AutoRun File - [2010/05/13 14:53:30 | 000,047,104 | ---- | M] (Inside Core) - F:\AutoRunExterminator.exe -- [ FAT ]
  517. O33 - MountPoints2\F\Shell - "" = AutoRun
  518. O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\Autorun.exe
  519. O34 - HKLM BootExecute: (autocheck autochk *)
  520. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  521. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  522. O35 - HKLM\..comfile [open] -- "%1" %*
  523. O35 - HKLM\..exefile [open] -- "%1" %*
  524. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  525. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  526. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  527. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  528. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  529. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  530. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  531.  
  532. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  533.  
  534. MsConfig:64bit - StartUpReg: [b]Google Update[/b] - hkey= - key= - C:\Users\Milos\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
  535. MsConfig:64bit - StartUpReg: [b]PWRISOVM.EXE[/b] - hkey= - key= - C:\Program Files (x86)\PowerISO\PWRISOVM.EXE (PowerISO Computing, Inc.)
  536. MsConfig:64bit - StartUpReg: [b]Steam[/b] - hkey= - key= - C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
  537. MsConfig:64bit - StartUpReg: [b]uTorrent[/b] - hkey= - key= - C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  538.  
  539. Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  540. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  541. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  542.  
  543. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  544.  
  545. [2012/10/21 11:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
  546. [2012/10/21 11:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\MCShield
  547. [2012/10/16 19:16:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
  548. [2012/10/16 19:15:02 | 003,157,784 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\GfxUI.exe
  549. [2012/10/16 19:15:02 | 000,510,232 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.exe
  550. [2012/10/16 19:15:02 | 000,417,560 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpers.exe
  551. [2012/10/16 19:15:02 | 000,386,840 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hkcmd.exe
  552. [2012/10/16 19:15:02 | 000,224,024 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxext.exe
  553. [2012/10/16 19:15:02 | 000,162,584 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxtray.exe
  554. [2012/10/16 19:15:01 | 015,546,880 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\ig4icd64.dll
  555. [2012/10/16 19:15:01 | 011,405,312 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\ig4icd32.dll
  556. [2012/10/16 19:15:01 | 010,628,800 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\drivers\igdkmd64.sys
  557. [2012/10/16 19:15:01 | 006,549,504 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igdumd64.dll
  558. [2012/10/16 19:15:01 | 004,967,424 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumd32.dll
  559. [2012/10/16 19:15:01 | 004,722,176 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igd10umd64.dll
  560. [2012/10/16 19:15:01 | 004,411,392 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igd10umd32.dll
  561. [2012/10/16 19:15:01 | 000,830,464 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxress.dll
  562. [2012/10/16 19:15:01 | 000,571,904 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igdumdx32.dll
  563. [2012/10/16 19:15:01 | 000,380,416 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxTMM.dll
  564. [2012/10/16 19:15:01 | 000,272,896 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdev.dll
  565. [2012/10/16 19:15:01 | 000,244,224 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxpph.dll
  566. [2012/10/16 19:15:01 | 000,228,864 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxdv32.dll
  567. [2012/10/16 19:15:01 | 000,142,336 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxdo.dll
  568. [2012/10/16 19:15:01 | 000,122,368 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxcpl.cpl
  569. [2012/10/16 19:15:01 | 000,119,808 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\gfxSrvc.dll
  570. [2012/10/16 19:15:01 | 000,108,544 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\hccutils.dll
  571. [2012/10/16 19:15:01 | 000,090,112 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxCoIn_v2413.dll
  572. [2012/10/16 19:15:01 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfra.lrc
  573. [2012/10/16 19:15:01 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxresn.lrc
  574. [2012/10/16 19:15:01 | 000,088,576 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrell.lrc
  575. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsky.lrc
  576. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrrus.lrc
  577. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptg.lrc
  578. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrplk.lrc
  579. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnld.lrc
  580. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrita.lrc
  581. [2012/10/16 19:15:01 | 000,088,064 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdeu.lrc
  582. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtrk.lrc
  583. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrsve.lrc
  584. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrslv.lrc
  585. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrptb.lrc
  586. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrnor.lrc
  587. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrhun.lrc
  588. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrfin.lrc
  589. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrenu.lrc
  590. [2012/10/16 19:15:01 | 000,087,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcsy.lrc
  591. [2012/10/16 19:15:01 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrtha.lrc
  592. [2012/10/16 19:15:01 | 000,087,040 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrdan.lrc
  593. [2012/10/16 19:15:01 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrheb.lrc
  594. [2012/10/16 19:15:01 | 000,086,528 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrara.lrc
  595. [2012/10/16 19:15:01 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrkor.lrc
  596. [2012/10/16 19:15:01 | 000,084,992 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrjpn.lrc
  597. [2012/10/16 19:15:01 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrcht.lrc
  598. [2012/10/16 19:15:01 | 000,083,968 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxrchs.lrc
  599. [2012/10/16 19:15:01 | 000,061,952 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxsrvc.dll
  600. [2012/10/16 19:15:01 | 000,027,648 | ---- | C] (Intel Corporation) -- C:\Windows\SysNative\igfxexps.dll
  601. [2012/10/16 19:15:01 | 000,023,552 | ---- | C] (Intel Corporation) -- C:\Windows\SysWow64\igfxexps32.dll
  602. [2012/10/13 21:20:25 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Halfbrick
  603. [2012/10/13 21:19:18 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Intel
  604. [2012/10/13 20:10:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
  605. [2012/10/13 20:06:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Team Meat
  606. [2012/10/13 14:21:23 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Need for Speed World
  607. [2012/10/13 13:19:46 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Electronic_Arts_Inc
  608. [2012/10/11 23:02:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Perion
  609. [2012/10/11 17:35:40 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\PokItUploadHistory
  610. [2012/10/11 14:15:06 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\FLT
  611. [2012/10/09 17:45:54 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Yandex
  612. [2012/10/09 17:45:47 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Yandex
  613. [2012/10/05 20:13:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Media Center Programs
  614. [2012/10/03 19:47:53 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Capcom
  615. [2012/10/02 19:48:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Electronic Arts
  616. [2012/10/02 19:34:06 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Criterion Games
  617. [2012/10/02 18:41:56 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
  618. [2012/10/02 18:41:56 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
  619. [2012/10/02 18:41:56 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
  620. [2012/10/02 18:41:49 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
  621. [2012/10/02 18:41:49 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
  622. [2012/10/02 18:41:48 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
  623. [2012/10/02 18:41:39 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
  624. [2012/10/02 18:41:39 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
  625. [2012/10/02 18:30:38 | 000,374,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys
  626. [2012/10/02 16:22:44 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Thinstall
  627. [2012/10/02 16:22:44 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Thinstall
  628. [2012/09/30 22:59:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
  629. [2012/09/23 16:28:43 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Macromedia
  630. [2012/09/23 16:28:43 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Macromedia
  631. [2012/09/23 16:28:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Macromed
  632. [2012/09/23 16:28:19 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Macromed
  633. [2012/09/23 16:23:26 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Mozilla
  634. [2012/09/23 16:23:26 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Local\Mozilla
  635. [2012/09/22 18:11:02 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\Auslogics
  636. [2012/09/22 18:11:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
  637. [2012/09/22 18:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Auslogics
  638. [2012/09/21 21:48:11 | 000,000,000 | ---D | C] -- C:\Users\Milos\AppData\Roaming\HD Tune Pro
  639. [2012/09/21 21:48:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\HD Tune Pro
  640. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  641.  
  642. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  643.  
  644. [2012/10/21 10:56:00 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-980070431-1005426399-2031300998-1001UA.job
  645. [2012/10/21 10:42:52 | 000,012,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  646. [2012/10/21 10:42:52 | 000,012,624 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  647. [2012/10/21 10:33:04 | 000,778,150 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  648. [2012/10/21 10:33:04 | 000,659,580 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  649. [2012/10/21 10:33:04 | 000,120,508 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  650. [2012/10/21 10:28:38 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  651. [2012/10/21 10:28:33 | 2792,755,200 | -HS- | M] () -- C:\hiberfil.sys
  652. [2012/10/20 19:56:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-980070431-1005426399-2031300998-1001Core.job
  653. [2012/10/16 19:17:55 | 000,015,208 | ---- | M] () -- C:\Windows\SysNative\results.xml
  654. [2012/10/02 18:47:34 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
  655. [2012/10/02 18:27:29 | 000,275,064 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  656. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  657.  
  658. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  659.  
  660. [2012/10/16 19:15:02 | 000,152,856 | ---- | C] () -- C:\Windows\SysNative\difx64.exe
  661. [2012/10/16 19:15:01 | 000,005,408 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
  662. [2012/10/16 19:15:01 | 000,004,096 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
  663. [2012/10/02 18:19:16 | 000,001,945 | ---- | C] () -- C:\Windows\epplauncher.mif
  664. [2012/09/16 16:11:24 | 000,234,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  665. [2012/09/16 16:11:23 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  666. [2012/09/13 14:23:10 | 000,771,962 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  667. [2011/02/11 19:15:08 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
  668. [2011/02/11 19:15:08 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
  669. [2011/02/11 19:15:08 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
  670.  
  671. [color=#E56717]========== ZeroAccess Check ==========[/color]
  672.  
  673. [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  674.  
  675. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  676.  
  677. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  678.  
  679. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  680.  
  681. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  682.  
  683. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  684. "" = C:\Windows\SysNative\shell32.dll -- [2009/07/14 03:41:54 | 014,161,920 | ---- | M] (Microsoft Corporation)
  685. "ThreadingModel" = Apartment
  686.  
  687. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  688. "" = %SystemRoot%\system32\shell32.dll -- [2009/07/14 03:16:14 | 012,866,560 | ---- | M] (Microsoft Corporation)
  689. "ThreadingModel" = Apartment
  690.  
  691. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  692. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  693. "ThreadingModel" = Free
  694.  
  695. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  696. "" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
  697. "ThreadingModel" = Free
  698.  
  699. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  700. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  701. "ThreadingModel" = Both
  702.  
  703. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  704.  
  705. [color=#E56717]========== Custom Scans ==========[/color]
  706.  
  707. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  708.  
  709. [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*. >[/color]
  710.  
  711. [color=#A23BEC]< %ALLUSERSPROFILE%\Application Data\*.exe /s >[/color]
  712.  
  713. [color=#A23BEC]< %APPDATA%\*. >[/color]
  714. [2012/10/08 21:08:16 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Adobe
  715. [2012/09/22 18:11:02 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Auslogics
  716. [2012/10/03 19:47:53 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Capcom
  717. [2012/09/21 21:48:11 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\HD Tune Pro
  718. [2012/09/11 10:39:51 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Identities
  719. [2012/09/23 16:28:43 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Macromedia
  720. [2009/07/14 09:45:14 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Media Center Programs
  721. [2012/10/10 17:30:20 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Microsoft
  722. [2012/09/23 16:23:29 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Mozilla
  723. [2012/10/13 14:21:23 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Need for Speed World
  724. [2012/09/19 14:13:28 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Origin
  725. [2012/09/15 19:42:47 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Skype
  726. [2012/10/02 16:22:44 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Thinstall
  727. [2012/10/21 11:50:08 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\uTorrent
  728. [2012/09/12 04:11:55 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\WinRAR
  729. [2012/10/09 17:45:57 | 000,000,000 | ---D | M] -- C:\Users\Milos\AppData\Roaming\Yandex
  730.  
  731. [color=#A23BEC]< %APPDATA%\*.exe /s >[/color]
  732.  
  733. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  734.  
  735. [color=#A23BEC]< %systemroot%\system32\drivers\*.sys >[/color]
  736. [2009/07/14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\drivers\wimmount.sys
  737.  
  738. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  739.  
  740. [color=#A23BEC]< %systemroot%\Tasks\*.job /lockedfiles >[/color]
  741.  
  742. [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /lockedfiles >[/color]
  743.  
  744. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  745.  
  746. [color=#A23BEC]< %systemroot%\system32\drivers\*.sys /90 >[/color]
  747.  
  748. [color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
  749. [2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\SysWOW64\explorer.exe
  750. [2009/07/14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
  751. [2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\explorer.exe
  752. [2009/07/14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
  753.  
  754. [color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
  755. [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
  756. [2009/07/14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
  757. [2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
  758. [2009/07/14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
  759.  
  760. [color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
  761. [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\SysNative\winlogon.exe
  762. [2009/07/14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
  763.  
  764. < End of report >