Untitled

a guest
Mar 22nd, 2016
  1. OTL logfile created on: 3/22/2016 7:00:51 AM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ana\Desktop
  3. 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.10.9200.17609)
  5. Locale: 00000409 | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 5.95 Gb Total Physical Memory | 4.16 Gb Available Physical Memory | 69.92% Memory free
  8. 11.90 Gb Paging File | 10.04 Gb Available in Paging File | 84.38% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 297.70 Gb Total Space | 237.34 Gb Free Space | 79.72% Space Free | Partition Type: NTFS
  13. Drive D: | 298.08 Gb Total Space | 236.34 Gb Free Space | 79.29% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: TOSHIBA | User Name: Ana | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2016/03/22 06:49:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ana\Desktop\OTL.com
  22. PRC - [2016/03/07 04:25:58 | 000,469,456 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 5\SoftwareUpdate.exe
  23. PRC - [2015/12/11 04:27:17 | 007,021,880 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  24. PRC - [2015/12/11 04:27:12 | 000,226,440 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  25. PRC - [2015/04/17 13:12:48 | 000,078,032 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWOW64\rpcnet.exe
  26. PRC - [2010/12/20 18:30:38 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
  27. PRC - [2010/12/20 18:30:36 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  28. PRC - [2010/12/03 14:57:16 | 000,304,560 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
  29. PRC - [2009/07/28 20:26:42 | 000,062,848 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
  30. PRC - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
  31.  
  32.  
  33. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  34.  
  35. MOD - [2015/12/11 04:27:19 | 040,539,648 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
  36. MOD - [2015/12/11 04:27:15 | 000,469,008 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
  37. MOD - [2015/12/11 04:27:15 | 000,103,888 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
  38. MOD - [2015/12/11 04:27:12 | 000,125,512 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
  39.  
  40.  
  41. [color=#E56717]========== Services (SafeList) ==========[/color]
  42.  
  43. SRV:[b]64bit:[/b] - [2015/12/11 04:27:12 | 000,226,440 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  44. SRV:[b]64bit:[/b] - [2015/07/23 01:02:54 | 001,390,592 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\diagtrack.dll -- (DiagTrack)
  45. SRV:[b]64bit:[/b] - [2013/05/27 06:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  46. SRV:[b]64bit:[/b] - [2011/07/01 11:46:14 | 000,828,856 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe -- (TPCHSrv)
  47. SRV:[b]64bit:[/b] - [2011/03/02 15:36:16 | 000,266,680 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\TECO\TecoService.exe -- (TOSHIBA eco Utility Service)
  48. SRV:[b]64bit:[/b] - [2010/12/09 17:45:26 | 000,489,384 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe -- (TosCoSrv)
  49. SRV:[b]64bit:[/b] - [2010/12/08 15:42:54 | 000,137,632 | ---- | M] (TOSHIBA Corporation) [On_Demand | Running] -- C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe -- (TOSHIBA HDD SSD Alert Service)
  50. SRV:[b]64bit:[/b] - [2010/10/20 14:41:00 | 000,138,656 | ---- | M] (TOSHIBA Corporation) [Auto | Running] -- C:\Windows\SysNative\TODDSrv.exe -- (TODDSrv)
  51. SRV:[b]64bit:[/b] - [2010/09/22 17:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
  52. SRV - [2016/03/10 22:45:05 | 000,269,504 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  53. SRV - [2016/03/04 01:55:06 | 000,167,880 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  54. SRV - [2015/04/17 13:12:48 | 000,078,032 | ---- | M] (Absolute Software Corp.) [Auto | Running] -- C:\Windows\SysWOW64\rpcnet.exe -- (rpcnet)
  55. SRV - [2014/04/11 23:08:08 | 000,103,608 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  56. SRV - [2014/03/20 23:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  57. SRV - [2011/02/10 08:25:36 | 000,112,080 | ---- | M] (Toshiba Europe GmbH) [Auto | Running] -- C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe -- (TemproMonitoringService)
  58. SRV - [2010/12/20 18:30:38 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
  59. SRV - [2010/12/20 18:30:36 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  60. SRV - [2010/11/29 14:58:30 | 000,054,136 | ---- | M] (TOSHIBA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe -- (TMachInfo)
  61. SRV - [2010/04/12 10:45:00 | 000,196,976 | ---- | M] (TOSHIBA CORPORATION) [On_Demand | Stopped] -- C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\TosBtSrv.exe -- (TOSHIBA Bluetooth Service)
  62. SRV - [2010/01/28 16:44:40 | 000,249,200 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe -- (cfWiMAXService)
  63. SRV - [2009/03/10 18:51:20 | 000,046,448 | ---- | M] (TOSHIBA CORPORATION) [Auto | Running] -- C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe -- (ConfigFree Service)
  64.  
  65.  
  66. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  67.  
  68. DRV:[b]64bit:[/b] - [2016/03/02 18:21:01 | 001,065,720 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
  69. DRV:[b]64bit:[/b] - [2016/02/10 18:44:28 | 000,020,160 | ---- | M] (Glarysoft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GUBootStartup.sys -- (GUBootStartup)
  70. DRV:[b]64bit:[/b] - [2016/01/20 20:13:42 | 000,464,256 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
  71. DRV:[b]64bit:[/b] - [2015/12/18 17:16:31 | 000,097,648 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
  72. DRV:[b]64bit:[/b] - [2015/12/11 04:27:23 | 000,155,304 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
  73. DRV:[b]64bit:[/b] - [2015/12/11 04:27:22 | 000,273,784 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  74. DRV:[b]64bit:[/b] - [2015/12/11 04:27:22 | 000,065,224 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  75. DRV:[b]64bit:[/b] - [2015/12/11 04:27:22 | 000,028,656 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
  76. DRV:[b]64bit:[/b] - [2015/12/11 04:27:21 | 000,093,528 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
  77. DRV:[b]64bit:[/b] - [2012/08/23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  78. DRV:[b]64bit:[/b] - [2012/08/23 15:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  79. DRV:[b]64bit:[/b] - [2012/08/23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  80. DRV:[b]64bit:[/b] - [2012/03/01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  81. DRV:[b]64bit:[/b] - [2011/07/08 17:06:08 | 000,307,304 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rtsuvstor.sys -- (RSUSBVSTOR)
  82. DRV:[b]64bit:[/b] - [2011/04/04 20:10:14 | 012,262,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  83. DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  84. DRV:[b]64bit:[/b] - [2011/03/11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  85. DRV:[b]64bit:[/b] - [2011/02/08 19:07:00 | 000,038,096 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PGEffect.sys -- (PGEffect)
  86. DRV:[b]64bit:[/b] - [2011/02/03 19:59:06 | 001,413,680 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
  87. DRV:[b]64bit:[/b] - [2011/01/27 15:27:04 | 000,067,384 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfusb.sys -- (Tosrfusb)
  88. DRV:[b]64bit:[/b] - [2011/01/27 12:34:12 | 001,577,088 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
  89. DRV:[b]64bit:[/b] - [2011/01/20 10:26:46 | 000,291,120 | ---- | M] (TOSHIBA CORPORATION) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbd.sys -- (tosrfbd)
  90. DRV:[b]64bit:[/b] - [2010/12/17 19:46:46 | 002,675,712 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
  91. DRV:[b]64bit:[/b] - [2010/12/01 16:12:06 | 000,250,984 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
  92. DRV:[b]64bit:[/b] - [2010/11/29 11:47:00 | 000,082,224 | ---- | M] (TOSHIBA Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tosrfcom.sys -- (Tosrfcom)
  93. DRV:[b]64bit:[/b] - [2010/11/25 06:59:16 | 000,694,888 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RTL8192su.sys -- (RTL8192su)
  94. DRV:[b]64bit:[/b] - [2010/11/21 04:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  95. DRV:[b]64bit:[/b] - [2010/11/11 10:27:00 | 000,050,864 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfbnp.sys -- (tosrfbnp)
  96. DRV:[b]64bit:[/b] - [2010/11/08 12:44:40 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
  97. DRV:[b]64bit:[/b] - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
  98. DRV:[b]64bit:[/b] - [2010/10/18 14:14:02 | 000,042,096 | R--- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
  99. DRV:[b]64bit:[/b] - [2010/10/15 01:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  100. DRV:[b]64bit:[/b] - [2010/08/30 10:48:00 | 000,094,528 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Tosrfhid.sys -- (Tosrfhid)
  101. DRV:[b]64bit:[/b] - [2010/06/18 16:45:00 | 000,018,872 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfec.sys -- (tosrfec)
  102. DRV:[b]64bit:[/b] - [2010/04/26 11:48:00 | 000,063,488 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TosRfSnd.sys -- (TosRfSnd)
  103. DRV:[b]64bit:[/b] - [2009/12/15 09:46:38 | 000,039,552 | ---- | M] (Bytemobile, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\tcpipBM.sys -- (tcpipBM)
  104. DRV:[b]64bit:[/b] - [2009/12/15 09:46:30 | 000,016,512 | ---- | M] (Bytemobile, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BMLoad.sys -- (BMLoad)
  105. DRV:[b]64bit:[/b] - [2009/09/19 16:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbser6k.sys -- (ZTEusbser6k)
  106. DRV:[b]64bit:[/b] - [2009/09/19 16:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbnmea.sys -- (ZTEusbnmea)
  107. DRV:[b]64bit:[/b] - [2009/09/19 16:54:02 | 000,119,680 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ZTEusbmdm6k.sys -- (ZTEusbmdm6k)
  108. DRV:[b]64bit:[/b] - [2009/09/04 11:41:24 | 000,011,776 | ---- | M] (ZTE Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\massfilter.sys -- (massfilter)
  109. DRV:[b]64bit:[/b] - [2009/07/30 20:22:04 | 000,027,784 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tdcmdpst.sys -- (tdcmdpst)
  110. DRV:[b]64bit:[/b] - [2009/07/24 11:33:00 | 000,026,472 | ---- | M] (TOSHIBA Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosrfnds.sys -- (tosrfnds)
  111. DRV:[b]64bit:[/b] - [2009/07/14 16:31:18 | 000,026,840 | ---- | M] (TOSHIBA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TVALZ_O.SYS -- (TVALZ)
  112. DRV:[b]64bit:[/b] - [2009/07/14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  113. DRV:[b]64bit:[/b] - [2009/07/14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  114. DRV:[b]64bit:[/b] - [2009/07/14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  115. DRV:[b]64bit:[/b] - [2009/07/14 01:10:47 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rootmdm.sys -- (ROOTMODEM)
  116. DRV:[b]64bit:[/b] - [2009/06/19 19:15:22 | 000,014,472 | ---- | M] (TOSHIBA Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TVALZFL.sys -- (TVALZFL)
  117. DRV:[b]64bit:[/b] - [2009/06/17 12:01:00 | 000,054,664 | ---- | M] (TOSHIBA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tosporte.sys -- (tosporte)
  118. DRV:[b]64bit:[/b] - [2009/06/15 12:58:50 | 000,012,800 | ---- | M] (TOSHIBA) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\QIOMem.sys -- (QIOMem)
  119. DRV:[b]64bit:[/b] - [2009/06/10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  120. DRV:[b]64bit:[/b] - [2009/06/10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  121. DRV:[b]64bit:[/b] - [2009/06/10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  122. DRV:[b]64bit:[/b] - [2009/06/10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  123. DRV:[b]64bit:[/b] - [2008/07/26 15:26:34 | 000,050,072 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LVUSBS64.sys -- (LVUSBS64)
  124. DRV - [2009/07/14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  125.  
  126.  
  127. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  128.  
  129.  
  130. [color=#E56717]========== Internet Explorer ==========[/color]
  131.  
  132. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  133. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  134. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  135. IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  136. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  137. IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
  138.  
  139. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=TEUA&bmod=TEUA
  140. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=FC5274DE2B33A538
  141. IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
  142. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR
  143. IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www1.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=FC5274DE2B33A538
  144. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=
  145. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  146.  
  147. [color=#E56717]========== FireFox ==========[/color]
  148.  
  149. FF - prefs.js..browser.search.countryCode: "HR"
  150. FF - prefs.js..browser.search.region: "HR"
  151. FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.2.1-signed
  152. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:45.0
  153. FF - user.js - File not found
  154.  
  155. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll File not found
  156. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  157. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll ()
  158. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  159. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  160. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  161. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  162. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.74.2: C:\Program Files (x86)\Java\jre1.8.0_74\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  163. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.74.2: C:\Program Files (x86)\Java\jre1.8.0_74\bin\plugin2\npjp2.dll (Oracle Corporation)
  164. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  165. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  166. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  167. FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
  168. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
  169. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll (Google Inc.)
  170. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  171. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  172. FF - HKCU\Software\MozillaPlugins\@mozilla.zeniko.ch/PDFlite_Browser_Plugin: C:\Program Files (x86)\PDFlite\npPdfViewer.dll File not found
  173. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Ana\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  174.  
  175. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Components: C:\PROGRAM FILES\MOZILLA FIREFOX\COMPONENTS
  176. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 45.0\extensions\\Plugins: C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS
  177. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2016/03/22 06:37:32 | 000,000,000 | ---D | M]
  178. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
  179. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016/03/22 06:37:32 | 000,000,000 | ---D | M]
  180. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  181. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 43.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  182. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\addlyrics@addlyrics.net: C:\Program Files (x86)\AddLyrics\FF\
  183.  
  184. [2015/04/21 22:02:30 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana\AppData\Roaming\mozilla\Extensions
  185. [2016/02/07 02:41:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ana\AppData\Roaming\mozilla\Firefox\Profiles\oi3x89de.default\extensions
  186. [2015/10/14 19:34:33 | 000,151,374 | ---- | M] () (No name found) -- C:\Users\Ana\AppData\Roaming\mozilla\firefox\profiles\oi3x89de.default\extensions\adblockpopups@jessehakanen.net.xpi
  187. [2016/02/07 02:41:29 | 001,001,911 | ---- | M] () (No name found) -- C:\Users\Ana\AppData\Roaming\mozilla\firefox\profiles\oi3x89de.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  188. [2016/02/07 03:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  189. [2016/02/07 03:38:56 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  190.  
  191. [color=#E56717]========== Chrome ==========[/color]
  192.  
  193. CHR - Extension: No name found = C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.11_0\
  194. CHR - Extension: No name found = C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngkcldnnppckgbmndaccoffaikjbemc\3_0\
  195. CHR - Extension: No name found = C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmajpjgghbgnplkodkmapnlkapkgbog\1.6_0\
  196. CHR - Extension: No name found = C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak\1.0_0\
  197. CHR - Extension: No name found = C:\Users\Ana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
  198.  
  199. O1 HOSTS File: ([2014/03/13 12:08:55 | 000,000,065 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  200. O1 - Hosts: 127.0.0.1 65.52.240.48
  201. O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
  202. O2:[b]64bit:[/b] - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
  203. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_74\bin\ssv.dll (Oracle Corporation)
  204. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  205. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_74\bin\jp2ssv.dll (Oracle Corporation)
  206. O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  207. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  208. O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
  209. O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
  210. O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
  211. O4:[b]64bit:[/b] - HKLM..\Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe (TOSHIBA Corporation)
  212. O4:[b]64bit:[/b] - HKLM..\Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe (TOSHIBA Corporation)
  213. O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
  214. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
  215. O4 - HKLM..\Run: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe (TOSHIBA)
  216. O4 - HKLM..\Run: [TSVU] c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe (TOSHIBA)
  217. O4 - HKCU..\Run: [GUDelayStartup] C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe (Glarysoft Ltd)
  218. O4 - HKCU..\Run: [HW_OPENEYE_OUC_T-Mobile Internet Manager] "C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe" File not found
  219. O4 - HKCU..\Run: [TOPI.EXE] C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe (TOSHIBA)
  220. O4 - HKCU..\Run: [UpdateChecker] C:\Users\Ana\AppData\Local\Popajar\UpdateChecker\UpdateCheckerApp.exe ()
  221. O4 - HKCU..\Run: [Viber] "C:\Users\Ana\AppData\Local\Viber\Viber.exe" File not found
  222. O4:[b]64bit:[/b] - HKLM..\RunOnce: [insbgf64] C:\Windows\SysWow64\insbgf64.exe (Absolute Software Corp.)
  223. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  224. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  225. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  226. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  227. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  228. O8:[b]64bit:[/b] - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
  229. O8:[b]64bit:[/b] - Extra context menu item: I&zvezi u Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  230. O8:[b]64bit:[/b] - Extra context menu item: P&ošalji u OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  231. O8 - Extra context menu item: Add to TOSHIBA Bulletin Board - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom.dll (TODO: <会社名>)
  232. O8 - Extra context menu item: I&zvezi u Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
  233. O8 - Extra context menu item: P&ošalji u OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
  234. O13[b]64bit:[/b] - gopher Prefix: missing
  235. O13 - gopher Prefix: missing
  236. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 11.74.2)
  237. O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 1.7.0_21)
  238. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_21-windows-i586.cab (Java Plug-in 11.74.2)
  239. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 83.139.105.2 83.139.104.2
  240. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1F765C8-2B81-4FDB-866D-4775D99A711E}: DhcpNameServer = 83.139.104.2 83.139.105.2
  241. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F2D20AF5-E2E4-428A-87D8-787DDB85D559}: DhcpNameServer = 83.139.105.2 83.139.104.2
  242. O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
  243. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  244. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  245. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  246. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  247. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  248. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  249. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  250. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  251. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  252. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  253. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  254. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  255. O32 - HKLM CDRom: AutoRun - 1
  256. O33 - MountPoints2\{1cc1113f-9eee-11e2-82fb-e89a8fda3911}\Shell - "" = AutoRun
  257. O33 - MountPoints2\{1cc1113f-9eee-11e2-82fb-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  258. O33 - MountPoints2\{28cbc068-9af9-11e2-a23e-e89a8fda3911}\Shell - "" = AutoRun
  259. O33 - MountPoints2\{28cbc068-9af9-11e2-a23e-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  260. O33 - MountPoints2\{28cbc07b-9af9-11e2-a23e-e89a8fda3911}\Shell - "" = AutoRun
  261. O33 - MountPoints2\{28cbc07b-9af9-11e2-a23e-e89a8fda3911}\Shell\AutoRun\command - "" = G:\AutoRun.exe
  262. O33 - MountPoints2\{314001d7-8d70-11e2-ac34-e89a8fda3911}\Shell - "" = AutoRun
  263. O33 - MountPoints2\{314001d7-8d70-11e2-ac34-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  264. O33 - MountPoints2\{314001db-8d70-11e2-ac34-e89a8fda3911}\Shell - "" = AutoRun
  265. O33 - MountPoints2\{314001db-8d70-11e2-ac34-e89a8fda3911}\Shell\AutoRun\command - "" = G:\AutoRun.exe
  266. O33 - MountPoints2\{465de085-9a87-11e2-803e-e89a8fda3911}\Shell - "" = AutoRun
  267. O33 - MountPoints2\{465de085-9a87-11e2-803e-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  268. O33 - MountPoints2\{db326387-a3a5-11e2-b7f8-e89a8fda3911}\Shell - "" = AutoRun
  269. O33 - MountPoints2\{db326387-a3a5-11e2-b7f8-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  270. O33 - MountPoints2\{e1562c70-45de-11e3-a3b8-e89a8fda3911}\Shell - "" = AutoRun
  271. O33 - MountPoints2\{e1562c70-45de-11e3-a3b8-e89a8fda3911}\Shell\AutoRun\command - "" = F:\AutoRun.exe
  272. O33 - MountPoints2\{f886bead-833b-11e3-a2b3-001374000000}\Shell - "" = AutoRun
  273. O33 - MountPoints2\{f886bead-833b-11e3-a2b3-001374000000}\Shell\AutoRun\command - "" = G:\AutoRun.exe
  274. O33 - MountPoints2\G\Shell - "" = AutoRun
  275. O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\AutoRun.exe
  276. O34 - HKLM BootExecute: (autocheck autochk *)
  277. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  278. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  279. O35 - HKLM\..comfile [open] -- "%1" %*
  280. O35 - HKLM\..exefile [open] -- "%1" %*
  281. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  282. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  283. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  284. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  285. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  286. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  287. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  288.  
  289.  
  290. Drivers32:[b]64bit:[/b] msacm.ac3filter - ac3filter64.acm ()
  291. Drivers32:[b]64bit:[/b] msacm.l3acm - l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  292. Drivers32:[b]64bit:[/b] msacm.l3codecp - l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  293. Drivers32:[b]64bit:[/b] VIDC.FFDS - ff_vfw.dll ()
  294. Drivers32:[b]64bit:[/b] vidc.i420 - lvcod64.dll (Logitech Inc.)
  295. Drivers32:[b]64bit:[/b] VIDC.LAGS - lagarith.dll ( )
  296. Drivers32:[b]64bit:[/b] vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec64.dll (TechSmith Corporation)
  297. Drivers32:[b]64bit:[/b] vidc.tscc - C:\Windows\SysWOW64\tsccvid64.dll (TechSmith Corporation)
  298. Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
  299. Drivers32: msacm.divxa32 - C:\Windows\SysWow64\msaud32_divx.acm (Microsoft Corporation)
  300. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  301. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  302. Drivers32: vidc.tsc2 - C:\Windows\SysWOW64\tsc2_codec32.dll (TechSmith Corporation)
  303. Drivers32: vidc.tscc - C:\Windows\SysWOW64\tsccvid.dll (TechSmith Corporation)
  304.  
  305. CREATERESTOREPOINT
  306. Restore point Set: OTL Restore Point
  307.  
  308. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  309.  
  310. [2016/03/22 06:49:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ana\Desktop\OTL.com
  311. [2016/03/22 06:37:39 | 000,386,096 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
  312. [2016/03/20 22:26:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
  313. [2016/03/20 16:14:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
  314. [2016/03/20 16:14:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
  315. [2016/03/17 06:48:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Foxit ContentPlatform
  316. [2016/03/17 06:48:28 | 000,000,000 | ---D | C] -- C:\Users\Ana\AppData\Roaming\Foxit AgentInformation
  317. [2016/03/17 06:46:23 | 000,000,000 | ---D | C] -- C:\Users\Ana\AppData\Local\Programs
  318. [2016/03/14 10:30:38 | 000,000,000 | ---D | C] -- C:\Users\Ana\Desktop\Bookmaker greška
  319. [2016/02/28 01:31:15 | 000,000,000 | ---D | C] -- C:\Users\Ana\Desktop\Ana br
  320. [2016/02/26 15:52:54 | 000,000,000 | ---D | C] -- C:\Users\Ana\AppData\Local\PokerClient
  321. [2016/02/22 00:06:47 | 000,000,000 | -H-D | C] -- C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
  322. [8 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  323.  
  324. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  325.  
  326. [2016/03/22 06:49:58 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ana\Desktop\OTL.com
  327. [2016/03/22 06:49:06 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  328. [2016/03/22 06:49:06 | 000,025,120 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  329. [2016/03/22 06:42:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  330. [2016/03/22 06:41:10 | 000,782,552 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  331. [2016/03/22 06:41:10 | 000,654,480 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  332. [2016/03/22 06:41:10 | 000,122,352 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  333. [2016/03/22 06:41:10 | 000,012,634 | ---- | M] () -- C:\Windows\SysNative\perfh01A.dat
  334. [2016/03/22 06:41:10 | 000,004,406 | ---- | M] () -- C:\Windows\SysNative\perfc01A.dat
  335. [2016/03/22 06:34:21 | 000,017,920 | ---- | M] () -- C:\Windows\SysNative\rpcnetp.exe
  336. [2016/03/22 06:33:41 | 000,078,032 | ---- | M] (Absolute Software Corp.) -- C:\Windows\SysWow64\rpcnet.dll
  337. [2016/03/22 06:33:41 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.dll
  338. [2016/03/22 06:33:41 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  339. [2016/03/22 06:33:30 | 000,065,536 | ---- | M] () -- C:\Windows\SysNative\Ikeext.etl
  340. [2016/03/22 06:33:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  341. [2016/03/22 06:33:18 | 495,865,855 | -HS- | M] () -- C:\hiberfil.sys
  342. [2016/03/22 06:33:13 | 000,017,920 | ---- | M] () -- C:\Windows\SysWow64\rpcnetp.exe
  343. [2016/03/21 11:16:00 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  344. [2016/03/21 10:21:33 | 000,014,243 | ---- | M] () -- C:\Users\Ana\AppData\Local\recently-used.xbel
  345. [2016/03/20 09:29:19 | 000,067,236 | ---- | M] () -- C:\Users\Ana\Desktop\Ovce.jpg
  346. [2016/03/11 03:29:58 | 005,107,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  347. [2016/03/10 11:01:01 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  348. [2016/03/08 08:12:08 | 000,001,051 | ---- | M] () -- C:\Users\Public\Desktop\Glary Utilities 5.lnk
  349. [2016/03/03 09:40:56 | 000,000,010 | ---- | M] () -- C:\Windows\popcinfo.dat
  350. [2016/03/02 18:21:01 | 001,065,720 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
  351. [2016/02/26 23:36:16 | 000,001,037 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
  352. [8 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  353.  
  354. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  355.  
  356. [2016/03/21 10:21:33 | 000,014,243 | ---- | C] () -- C:\Users\Ana\AppData\Local\recently-used.xbel
  357. [2016/03/19 22:35:11 | 000,067,236 | ---- | C] () -- C:\Users\Ana\Desktop\Ovce.jpg
  358. [2015/07/05 09:44:22 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  359. [2015/01/03 19:34:12 | 000,000,010 | ---- | C] () -- C:\Windows\popcinfo.dat
  360. [2014/05/04 17:33:53 | 000,000,132 | ---- | C] () -- C:\Users\Ana\AppData\Roaming\Adobe PNG Format CS6 Prefs
  361. [2013/03/15 16:44:23 | 000,000,160 | ---- | C] () -- C:\Users\Ana\AppData\Roaming\addDefaultValueForDevicePathKey.reg
  362.  
  363. [color=#E56717]========== ZeroAccess Check ==========[/color]
  364.  
  365. [2009/07/14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  366.  
  367. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  368.  
  369. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  370.  
  371. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  372.  
  373. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  374.  
  375. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  376. "" = C:\Windows\SysNative\shell32.dll -- [2016/01/22 07:19:58 | 014,179,840 | ---- | M] (Microsoft Corporation)
  377. "ThreadingModel" = Apartment
  378.  
  379. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  380. "" = %SystemRoot%\system32\shell32.dll -- [2016/01/22 07:05:58 | 012,877,824 | ---- | M] (Microsoft Corporation)
  381. "ThreadingModel" = Apartment
  382.  
  383. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  384. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  385. "ThreadingModel" = Free
  386.  
  387. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  388. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  389. "ThreadingModel" = Free
  390.  
  391. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  392. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  393. "ThreadingModel" = Both
  394.  
  395. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  396.  
  397. [color=#E56717]========== LOP Check ==========[/color]
  398.  
  399. [2014/09/01 23:47:28 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\.mono
  400. [2015/07/12 20:45:08 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\AVAST Software
  401. [2016/03/05 14:37:06 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\BitTorrent
  402. [2014/01/22 13:35:19 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\deluge
  403. [2016/02/10 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\DiskDefrag
  404. [2013/06/07 06:07:16 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\ExpressFiles
  405. [2016/03/17 06:48:28 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Foxit AgentInformation
  406. [2016/02/04 09:25:34 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Foxit Software
  407. [2016/02/10 18:44:27 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Glarysoft
  408. [2013/02/27 11:42:53 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Leadertech
  409. [2015/05/23 13:42:33 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Maxotek
  410. [2016/03/21 07:21:15 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\OpenCandy
  411. [2014/11/02 21:28:37 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Opera Software
  412. [2013/05/09 06:46:25 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Oracle
  413. [2013/09/30 19:05:18 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\SoftGrid Client
  414. [2014/04/08 11:17:43 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
  415. [2013/04/01 19:29:36 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\T-Mobile
  416. [2013/05/30 01:11:06 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\T-Mobile Internet Manager
  417. [2014/03/12 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\TechSmith
  418. [2013/01/19 18:02:44 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Toshiba
  419. [2013/01/19 18:06:10 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\TOSHIBA Online Product Information
  420. [2013/01/19 21:30:43 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\TP
  421. [2014/01/31 00:10:10 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\TuneUp Software
  422. [2014/01/28 16:15:36 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Unity
  423. [2015/11/25 18:34:07 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Vitzo
  424. [2013/12/11 13:20:05 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\WinBatch
  425. [2015/04/19 04:17:46 | 000,000,000 | ---D | M] -- C:\Users\Ana\AppData\Roaming\Windows Live Writer
  426.  
  427. [color=#E56717]========== Purity Check ==========[/color]
  428.  
  429.  
  430.  
  431. [color=#E56717]========== Custom Scans ==========[/color]
  432.  
  433. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  434. [2015/12/22 10:00:44 | 000,924,503 | ---- | M] () -- C:\ATsvcLog.txt
  435. [2015/12/17 15:09:44 | 010,000,000 | ---- | M] () -- C:\ATsvcLog.txt.old
  436. [2013/06/05 05:14:53 | 000,693,248 | ---- | M] () -- C:\Connect.log
  437. [2013/04/12 18:46:01 | 000,046,062 | ---- | M] () -- C:\debug1214.txt
  438. [2015/12/22 10:00:52 | 000,271,775 | ---- | M] () -- C:\DebugLog.txt
  439. [2015/12/03 09:45:58 | 009,999,947 | ---- | M] () -- C:\DebugLog.txt.old
  440. [2013/06/07 05:54:47 | 000,000,009 | ---- | M] () -- C:\END
  441. [2016/03/22 06:33:18 | 495,865,855 | -HS- | M] () -- C:\hiberfil.sys
  442. [2015/12/22 09:57:09 | 000,000,256 | ---- | M] () -- C:\lxcg.log
  443. [2013/05/29 23:35:04 | 000,001,078 | ---- | M] () -- C:\NetworkCfg.xml
  444. [2011/08/04 04:59:04 | 000,000,070 | -H-- | M] () -- C:\SWSTAMP.TXT
  445.  
  446. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  447. [2009/07/14 06:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  448. [2009/07/14 06:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  449. [2009/07/14 06:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  450. [2009/07/14 06:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  451.  
  452. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  453.  
  454. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  455. [2009/06/10 21:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  456.  
  457. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  458.  
  459. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  460.  
  461. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  462.  
  463. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  464.  
  465. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  466.  
  467. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  468.  
  469. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  470.  
  471. [color=#A23BEC]< %systemroot%\*.png >[/color]
  472.  
  473. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  474. [2015/12/11 04:27:15 | 000,043,112 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
  475. [2011/05/13 14:42:24 | 000,302,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
  476.  
  477. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  478.  
  479. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  480.  
  481. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  482.  
  483. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  484.  
  485. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  486. [2009/07/14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  487.  
  488. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  489.  
  490. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  491.  
  492. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  493.  
  494. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  495.  
  496. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  497.  
  498. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  499.  
  500. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  501.  
  502. [color=#A23BEC]< %systemroot%\*.config >[/color]
  503.  
  504. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  505.  
  506. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  507. [2013/01/19 17:54:40 | 000,000,221 | -HS- | M] () -- C:\Users\Ana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  508.  
  509. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  510. [2007/12/29 13:31:00 | 001,324,544 | ---- | M] () -- C:\Users\Ana\Desktop\pdf2word.exe
  511.  
  512. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  513.  
  514. [color=#A23BEC]< %systemroot%\*.src >[/color]
  515.  
  516. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  517.  
  518. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  519.  
  520. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  521.  
  522. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  523.  
  524. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  525.  
  526. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  527.  
  528. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  529.  
  530. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  531.  
  532. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  533.  
  534. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  535.  
  536. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  537.  
  538. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  539.  
  540. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  541.  
  542. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  543.  
  544. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  545.  
  546. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  547. [2009/06/10 22:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  548.  
  549. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  550.  
  551. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  552.  
  553. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  554.  
  555. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  556. [2013/01/19 16:59:19 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
  557. [2013/01/19 16:59:09 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
  558. [2011/08/03 23:56:40 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
  559. [2011/08/03 23:56:40 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
  560. [2013/01/19 16:59:09 | 001,056,768 | ---- | M] () -- C:\Windows\SECURITY\Database\tmp.edb
  561.  
  562. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  563.  
  564. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  565.  
  566. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  567.  
  568. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  569.  
  570. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  571.  
  572. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  573.  
  574. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  575. [2016/02/11 08:44:34 | 000,000,402 | -HS- | M] () -- C:\Users\Ana\Favorites\desktop.ini
  576.  
  577. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  578. [2009/07/14 02:14:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  579. [2009/07/14 02:14:45 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  580. [2009/07/14 02:14:46 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  581. [2009/07/14 02:14:46 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  582. [2010/11/21 04:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  583.  
  584. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  585.  
  586. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  587.  
  588. < End of report >