
Untitled

a guest
Jul 10th, 2013
  1.  
  2. Zoek.exe Version 4.0.0.3 Updated 05-July-2013
  3. Tool run by Pedja on Wed 07/10/2013 at 14:32:30.60.
  4. Microsoft Windows XP Professional 5.1.2600 Service Pack 2 x86
  5. Running in: Normal Mode Internet Access Detected
  6.  
  7. ==== System Restore Info ======================
  8.  
  9. Failed to create System Restore Point
  10.  
  11. ==== Creating Sample_20130710_0233.zip ======================
  12.  
  13. Process rundll32.exe killed
  14. Copied file c:\documents and settings\pedja\start menu\programs\startup\help.vbe to sample\help.vbe
  15. sample\help.vbe already exists and will be renamed
  16. Copied file c:\docume~1\pedja\locals~1\temp\help.vbe to sample\help.vbe
  17. sample\help.vbe renamed to 6357F142449323742779D42EC82548EF
  18. sample\help.vbe1433_16.71 renamed to 6357F142449323742779D42EC82548EF
  19.  
  20. C:\Documents and Settings\All Users\Desktop\sample_20130710_0233.zip created successfully
  21.  
  22. ==== Registry Fix Code ======================
  23.  
  24. Windows Registry Editor Version 5.00
  25.  
  26. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  27. "help.vbe"=-
  28. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  29. "help.vbe"=-
  30.  
  31. ==== Deleting Files \ Folders ======================
  32.  
  33. "c:\documents and settings\pedja\start menu\programs\startup\help.vbe" deleted
  34. "c:\docume~1\pedja\locals~1\temp\help.vbe" not deleted
  35.  
  36. ==== Files Recently Created / Modified ======================
  37.  
  38. ====== C:\WINDOWS ====
  39. ====== C:\DOCUME~1\Pedja\LOCALS~1\Temp ====
  40. ====== C:\WINDOWS\system32 =====
  41. 2013-07-09 10:25:19 AD6F41B5AAC36BBE5F99B3A7C6AECD3D 188200 ----a-w- C:\WINDOWS\System32\FNTCACHE.DAT
  42. ====== C:\WINDOWS\system32\drivers =====
  43. 2013-07-08 09:08:28 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
  44. ====== C:\WINDOWS\Tasks ======
  45. 2013-06-30 13:33:07 8DC8865755CEC05C0DBC4533E741CD69 320 ----a-w- C:\WINDOWS\Tasks\GlaryInitialize 3.job
  46. ====== C:\WINDOWS\Temp ======
  47. ======= C:\Program Files =====
  48. 2013-07-09 08:16:22 -------- d-----w- C:\Program Files\MCShield
  49. 2013-07-08 08:28:17 -------- d-----w- C:\Program Files\OpenAL
  50. 2013-07-07 09:25:24 -------- d-----w- C:\Program Files\NCH Software
  51. 2013-06-30 13:32:59 -------- d-----w- C:\Program Files\Glary Utilities 3
  52. ======= C: =====
  53. 2013-07-10 12:20:24 43CB99094F313F945723A78BCD88E67D 10743 ----a-w- C:\AdwCleaner[S1].txt
  54. 2013-07-10 12:20:14 32EC5BBE0CCCC2E75822B002E5F6364C 10778 ----a-w- C:\AdwCleaner[R1].txt
  55. ====== C:\Documents and Settings\Pedja\Application Data ======
  56. 2013-07-10 09:13:48 3D2C0CADF6F4C90EBDE1AFEA7962FD50 42168 ----a-w- C:\Documents and Settings\Pedja\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
  57. 2013-07-10 07:55:20 -------- d-----r- C:\Documents and Settings\Pedja\Start Menu\Programs\Administrative Tools
  58. 2013-07-09 10:50:54 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Glary Utilities 3
  59. 2013-07-09 08:16:25 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield\Uninstall
  60. 2013-07-09 08:16:25 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\MCShield
  61. 2013-07-09 08:16:22 -------- d-----w- C:\Documents and Settings\All Users\Application Data\MCShield
  62. 2013-07-09 08:15:21 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\AVG
  63. 2013-07-08 08:31:56 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader
  64. 2013-07-08 08:30:20 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Uninstall
  65. 2013-07-08 08:30:20 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Tools
  66. 2013-07-08 08:30:20 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Help
  67. 2013-07-08 08:30:19 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack\Configuration
  68. 2013-07-08 08:30:19 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\K-Lite Codec Pack
  69. 2013-07-08 08:30:16 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\Media Player Classic
  70. 2013-07-08 08:28:29 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Disney Interactive Studios\G-Force
  71. 2013-07-08 08:28:29 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Disney Interactive Studios
  72. 2013-07-08 08:28:28 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\Alien Arena 7.60
  73. 2013-07-07 12:37:00 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\avidemux
  74. 2013-07-07 09:25:35 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\NCH Software
  75. 2013-07-07 08:34:44 -------- d-----w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
  76. 2013-07-01 10:50:10 -------- d-----w- C:\Documents and Settings\All Users\Start Menu\Programs\YTD Video Downloader(2)
  77. 2013-06-10 15:02:52 -------- d-----w- C:\Documents and Settings\Pedja\Application Data\IObit Apps
  78. ====== C:\Documents and Settings\Pedja ======
  79. 2013-07-10 12:19:58 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Documents and Settings\Pedja\Desktop\adwcleaner.exe
  80. 2013-07-09 08:56:26 -------- d--h--r- C:\Documents and Settings\Pedja\Recent
  81. 2013-06-30 13:58:44 -------- d-----w- C:\Documents and Settings\All Users\GlarySoft
  82.  
  83. ====== C: exe-files ==
  84. 2013-07-10 12:19:58 1078C8BD8C62CF4DEE6FE1058C3D56A7 650027 ----a-w- C:\Documents and Settings\Pedja\Desktop\adwcleaner.exe
  85. 2013-07-10 08:01:20 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\RECYCLER\S-1-5-21-839522115-1417001333-725345543-1003\Dc1.exe
  86. 2013-07-09 10:50:56 C54023BF92B84D83D3FCD8DE2A4F5555 173681 ----a-w- C:\Program Files\Glary Utilities 3\uninst.exe
  87. 2013-07-09 10:47:53 C5D7F89A25A2E028245EECEFE1FB08B6 15830992 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\gu3setup.exe
  88. 2013-07-09 10:39:29 C57324BDFE3063EDF7DFD1942242917E 21840856 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\Firefox Setup 22.0.exe
  89. 2013-07-09 08:16:25 6E902601D66C4C53606F1A1F3C89231A 212148 ----a-w- C:\Program Files\MCShield\MCS-uninstall.exe
  90. 2013-07-09 08:16:24 0E8A97B3BB3A58A55D40845D567DD2C3 2626084 ----a-w- C:\Documents and Settings\All Users\Application Data\MCShield\MCShield-Setup.exe
  91. 2013-07-09 08:15:36 0E8A97B3BB3A58A55D40845D567DD2C3 2626084 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\MCShield-Setup.exe
  92. 2013-07-09 08:14:04 7B5021AD48295C9CCBE68EF7C381ED33 7626512 ----a-w- C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Avg2013\update\backup\avgmfapx.exe
  93. 2013-07-09 08:14:04 0E10142276BE74CF0D6E91C0140F1274 7626512 ----a-w- C:\Program Files\AVG\AVG2013\avgmfapx.exe
  94. 2013-07-08 19:40:33 C3190BA6ED6220369EEEED081A14DDFC 59784 ----atw- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateOnDemand.exe
  95. 2013-07-08 19:40:33 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateSetup.exe
  96. 2013-07-08 19:40:33 1017788353D8349BF6086B9CDDC8CB7B 59784 ----atw- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdateBroker.exe
  97. 2013-07-08 19:40:31 CA35155F6B4C4DB2513AAAA868BAFF47 324488 ----atw- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler64.exe
  98. 2013-07-08 19:40:31 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleUpdate.exe
  99. 2013-07-08 19:40:31 09C87F376507122A5FE1CBE06E015512 239496 ----atw- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\GoogleCrashHandler.exe
  100. 2013-07-08 19:40:25 5F42FBCE3A8D9ED552E9852A23CA382F 800024 ----a-w- C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.149\GoogleUpdateSetup.exe
  101. 2013-07-08 09:19:01 6E796AA88EEA7AFCE49680DA27E3B6A4 12977165 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\avidemux_2.6.3_32bits-skidajmo.com.exe
  102. 2013-07-08 09:05:22 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\mbam-setup-1.75.0.1300.exe
  103. 2013-07-07 14:54:06 CE30B5DEBF4674833133652A39414FB7 403968 ----a-w- C:\Program Files\MCShield\MCShieldDS.exe
  104. 2013-07-07 14:49:28 A5F9D2319853D4168AD5D1650D5C83CD 607744 ----a-w- C:\Program Files\MCShield\MCShieldRTM.exe
  105. 2013-07-07 14:49:28 5C8694D0B8C7D1AA82FE9820CF271AB9 726016 ----a-w- C:\Program Files\MCShield\MCShieldCC.exe
  106. 2013-07-06 14:45:16 6D35A3BCDE564DFDFD6A944563179950 19744 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x86\RegBootDefrag.exe
  107. 2013-07-06 14:44:36 502E457DA77CB9487A6E681FF2D7B588 98936 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x86\BootDefrag.exe
  108. 2013-07-06 14:44:36 29D56C401AE4550DF31BB542759E5C15 23840 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x64\RegBootDefrag.exe
  109. 2013-07-06 14:44:30 1ACED37B3C4291AE4F6C21E707F69CBF 117024 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x64\BootDefrag.exe
  110. 2013-07-06 14:44:18 C305B664A6395688E64B9F2F78A16BD9 101664 ----a-w- C:\Program Files\Glary Utilities 3\Native\wnet_x86\BootDefrag.exe
  111. 2013-07-06 14:44:12 4A44CB35C83E26079A558139860A06DD 117024 ----a-w- C:\Program Files\Glary Utilities 3\Native\wnet_x64\BootDefrag.exe
  112. 2013-07-06 14:43:30 502E457DA77CB9487A6E681FF2D7B588 98936 ----a-w- C:\Program Files\Glary Utilities 3\Native\wlh_x86\BootDefrag.exe
  113. 2013-07-06 14:43:28 373458CE0C223EC3F3ED826353C1AFE2 117024 ----a-w- C:\Program Files\Glary Utilities 3\Native\wlh_x64\BootDefrag.exe
  114. 2013-07-06 14:43:26 ED585BE1E87E45E63F890E329C5587A3 101664 ----a-w- C:\Program Files\Glary Utilities 3\Native\win7_x86\BootDefrag.exe
  115. 2013-07-06 14:43:14 419FA1AE0D9F600703573B7A5558A9B5 117024 ----a-w- C:\Program Files\Glary Utilities 3\Native\win7_x64\BootDefrag.exe
  116. 2013-07-06 14:42:42 BE2092F195C78D6A44323595E31A339C 62752 ----a-w- C:\Program Files\Glary Utilities 3\upgrade.exe
  117. 2013-07-06 14:42:30 CF851A76958E8F0EBA6AD465A56BD936 245024 ----a-w- C:\Program Files\Glary Utilities 3\Uninstaller.exe
  118. 2013-07-06 14:42:24 497155D60EFB136960CF4A34A2DFA7D7 1330464 ----a-w- C:\Program Files\Glary Utilities 3\SoftwareUpdate.exe
  119. 2013-07-06 14:41:36 F6D5E0C56FB1AC30764691B2D5560BA7 36640 ----a-w- C:\Program Files\Glary Utilities 3\TracksEraser.exe
  120. 2013-07-06 14:40:30 0FC844FB7AD19BFED1BF6387832902EA 672032 ----a-w- C:\Program Files\Glary Utilities 3\sysinfo.exe
  121. 2013-07-06 14:40:00 66D00101F17B0B9FD895101F97287634 37152 ----a-w- C:\Program Files\Glary Utilities 3\StartupManager.exe
  122. 2013-07-06 14:39:00 3C7F4486166D3F83DDC6761589D3E316 33912 ----a-w- C:\Program Files\Glary Utilities 3\SpyRemover.exe
  123. 2013-07-06 14:38:38 A6C61113217DE20E0D6F1D795CCF26B9 116000 ----a-w- C:\Program Files\Glary Utilities 3\shredder.exe
  124. 2013-07-06 14:37:52 9B84F907C8E5DB9334B6D3D0E36EB574 37152 ----a-w- C:\Program Files\Glary Utilities 3\RestoreCenter.exe
  125. 2013-07-06 14:37:20 E55380FDC7E4B7CD8E4B64901C567DF8 37152 ----a-w- C:\Program Files\Glary Utilities 3\RegistryCleaner.exe
  126. 2013-07-06 14:37:08 0BBE6B342EAC0F2CBE1817170F81D6A3 87840 ----a-w- C:\Program Files\Glary Utilities 3\regdefrag.exe
  127. 2013-07-06 14:35:52 13E8E54BC756C20B0E8573415BDCDF3C 231200 ----a-w- C:\Program Files\Glary Utilities 3\QuickSearch.exe
  128. 2013-07-06 14:35:36 22A6E95AFFA236863FCBF6B3A3F8AACC 29472 ----a-w- C:\Program Files\Glary Utilities 3\ProcMonDispatch.exe
  129. 2013-07-06 14:35:30 C8243D0D575885E46F35ECCF40659C9B 272672 ----a-w- C:\Program Files\Glary Utilities 3\procmgr.exe
  130. 2013-07-06 14:34:38 DA294D6C41C579B1269F162A83D66780 158840 ----a-w- C:\Program Files\Glary Utilities 3\OneClickMaintenance.exe
  131. 2013-07-06 14:33:46 026FA488590E324DEA48245819005956 156792 ----a-w- C:\Program Files\Glary Utilities 3\MemfilesService.exe
  132. 2013-07-06 14:33:04 5D583ECA690480303405145AB2BDD849 117024 ----a-w- C:\Program Files\Glary Utilities 3\memdefrag.exe
  133. 2013-07-06 14:32:32 C54519E49123B6922533F89FA396AB53 62240 ----a-w- C:\Program Files\Glary Utilities 3\joinExe.exe
  134. 2013-07-06 14:31:40 441A0C7ED511356ED47980C5F3BD4D4E 466552 ----a-w- C:\Program Files\Glary Utilities 3\Integrator.exe
  135. 2013-07-06 14:31:26 8FB5027EAF79EA38AD3D8ED864C57372 95008 ----a-w- C:\Program Files\Glary Utilities 3\Initialize.exe
  136. 2013-07-06 14:31:18 155C72D9F3C66800D6161A7975DFEC7D 771360 ----a-w- C:\Program Files\Glary Utilities 3\iehelper.exe
  137. 2013-07-06 14:29:56 4A94AE4289468181EC671999E1113244 63776 ----a-w- C:\Program Files\Glary Utilities 3\gsd.exe
  138. 2013-07-06 14:29:46 97A61E87278860F02E52309ACE53F989 1424160 ----a-w- C:\Program Files\Glary Utilities 3\FileUndelete.exe
  139. 2013-07-06 14:29:42 315F3F9B53FD575695BED57ECB645218 77088 ----a-w- C:\Program Files\Glary Utilities 3\filesplitter.exe
  140. 2013-07-06 14:29:28 FB907F87A703BA86189A447CE9275505 146720 ----a-w- C:\Program Files\Glary Utilities 3\fileencrypt.exe
  141. 2013-07-06 14:29:22 5DD13E8BD12F6A0B9B95C48DF4CB0D84 373024 ----a-w- C:\Program Files\Glary Utilities 3\EncryptExe.exe
  142. 2013-07-06 14:29:16 3E071FEE0EF6620FA4A8583B59CAFD6F 209696 ----a-w- C:\Program Files\Glary Utilities 3\EmptyFolderFinder.exe
  143. 2013-07-06 14:29:14 A7A6AA8C262387F198DA63E55890AC7C 284960 ----a-w- C:\Program Files\Glary Utilities 3\dupefinder.exe
  144. 2013-07-06 14:28:30 9D0A0813B2C3BE33E517D5C197DE82FC 513824 ----a-w- C:\Program Files\Glary Utilities 3\DiskDefrag.exe
  145. 2013-07-06 14:28:30 0FC760D8AF7164B13348DD08E46F12F5 145528 ----a-w- C:\Program Files\Glary Utilities 3\DriverBackup.exe
  146. 2013-07-06 14:28:16 01AB0D75EBD394CAD282083895FAA38F 36640 ----a-w- C:\Program Files\Glary Utilities 3\DiskCleaner.exe
  147. 2013-07-06 14:28:06 44AE022C2763BF5823419BAD53C80484 330528 ----a-w- C:\Program Files\Glary Utilities 3\DiskAnalysis.exe
  148. 2013-07-06 14:27:18 65320C406F94EB0681A4C917B55B91CC 127776 ----a-w- C:\Program Files\Glary Utilities 3\cmm.exe
  149. 2013-07-06 14:27:04 1F27F66F071396ABE299A57FBC838395 36640 ----a-w- C:\Program Files\Glary Utilities 3\CheckUpdate.exe
  150. 2013-07-06 14:26:40 8FB18BB49F261AA68F3480710D7056C0 68384 ----a-w- C:\Program Files\Glary Utilities 3\CheckDiskProgress.exe
  151. 2013-07-06 14:26:34 C02CB53C04B7B501622AE58AD94B2651 36640 ----a-w- C:\Program Files\Glary Utilities 3\CheckDisk.exe
  152. 2013-07-06 14:25:10 C3AC43B2018114A617E946AA8FDF3CAC 930272 ----a-w- C:\Program Files\Glary Utilities 3\DPInst64.exe
  153. 2013-07-06 14:25:10 3F442906B29B552F1C9FEC1E221D90B7 795104 ----a-w- C:\Program Files\Glary Utilities 3\DPInst32.exe
  154. 2013-07-05 12:58:01 F2C44F48760280DF95B5398F60660360 17960298 ----a-w- C:\Documents and Settings\Pedja\My Documents\Downloads\K-Lite_Codec_Pack_995_Full.exe
  155. === C: other files ==
  156. 2013-07-10 12:33:17 631067C8879AA5CB4E2A08FADB7E203C 3979 ----a-w- C:\Documents and Settings\All Users\Desktop\sample_20130710_0233.zip
  157. 2013-07-09 08:15:40 D3191AD18930121834D0BF89A7AB9568 1389145 ----a-w- C:\Program Files\AVG\AVG2013\banners\banners.zip
  158. 2013-07-08 09:08:28 4470E3C1E0C3378E4CAB137893C12C3A 22856 ----a-w- C:\WINDOWS\system32\drivers\mbam.sys
  159. 2013-07-08 09:00:48 71A5C0195D65D431B90BC095A4E20222 171094 ----a-w- C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\spy0hywg.default\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
  160. 2013-07-07 09:25:49 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\41AB09AJ\domain=nchsoftware[1].com
  161. 2013-07-07 08:51:05 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\cookie=juicyads[1].com
  162. 2013-07-07 08:51:04 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=juicyads[1].com
  163. 2013-07-07 08:51:04 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\cookie=.juicyads[1].com
  164. 2013-07-07 08:51:01 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\domain=stooorage[1].com
  165. 2013-07-07 08:48:17 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\41AB09AJ\domain=googleusercontent[1].com
  166. 2013-07-07 08:47:08 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0D2345YR\domain=google[1].com
  167. 2013-07-07 08:47:07 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=clients.google[1].com
  168. 2013-07-07 08:46:16 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\cookie=.livejasmin[1].com
  169. 2013-07-07 08:46:14 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=whaleserver[1].com
  170. 2013-07-07 08:46:13 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\domain=awempire[1].com
  171. 2013-07-07 08:46:12 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0D2345YR\domain=livejasmin[1].com
  172. 2013-07-07 08:46:11 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=thepandorasboxvideo[1].com
  173. 2013-07-07 08:46:09 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\domain=dicarlotrack[1].com
  174. 2013-07-07 08:46:09 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\41AB09AJ\domain=videosz[1].com
  175. 2013-07-07 08:46:08 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0D2345YR\domain=trw12[1].com
  176. 2013-07-07 08:46:07 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=googleapis[1].com
  177. 2013-07-07 08:46:03 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\domain=gravatar[1].com
  178. 2013-07-07 08:44:35 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\41AB09AJ\domain=imgbox[1].com
  179. 2013-07-07 08:44:19 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\cookie=.imgur[1].com
  180. 2013-07-07 08:42:05 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\81Y7C1AR\domain=google-analytics[1].com
  181. 2013-07-07 08:42:01 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0D2345YR\domain=gomlab[1].com
  182. 2013-07-07 08:41:42 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=microsoft[1].com
  183. 2013-07-07 08:39:09 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\41AB09AJ\domain=digicert[1].com
  184. 2013-07-07 08:38:36 5AD52A93420984537289160B23275F2C 12 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\OH6BKPI7\domain=verisign[1].com
  185. 2013-07-07 08:36:20 803B5A01199430D4965C68A6BC53C92F 1298 ----a-w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\BurstMedia-0000.zip
  186. 2013-07-07 08:36:20 1FF7411E794E792FBB5A4C31B125C76F 1303 ----a-w- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Quarantine\DoubleClick-0000.zip
  187. 2013-07-06 14:45:28 9A0AD14B3E73C5394C24185B36E7C3E3 11552 ----a-w- C:\Program Files\Glary Utilities 3\ProcObsrv.sys
  188. 2013-07-06 14:23:58 E53D8FD3AB2F291963C686C01F8208F8 14080 ----a-w- C:\Program Files\Glary Utilities 3\Native\win7_x86\BootDefragDriver.sys
  189. 2013-07-06 14:23:58 D3D2E89E6ED861493122DF811E9AC4CB 16640 ----a-w- C:\Program Files\Glary Utilities 3\Native\wnet_x64\BootDefragDriver.sys
  190. 2013-07-06 14:23:58 A3DB7272B70485B1D470EB34F3B3576D 16640 ----a-w- C:\Program Files\Glary Utilities 3\Native\wlh_x64\BootDefragDriver.sys
  191. 2013-07-06 14:23:58 52D3808A7BD62AF0F18123344779DBA1 16640 ----a-w- C:\Program Files\Glary Utilities 3\Native\win7_x64\BootDefragDriver.sys
  192. 2013-07-06 14:23:58 396670CCEA999A0598E80D390C3E8BD0 13056 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x86\BootDefragDriver.sys
  193. 2013-07-06 14:23:56 98915D83C54997389102D88F859EEFA1 14080 ----a-w- C:\Program Files\Glary Utilities 3\Native\wnet_x86\BootDefragDriver.sys
  194. 2013-07-06 14:23:56 57730F8C885F94824D956DCC464F6219 16640 ----a-w- C:\Program Files\Glary Utilities 3\Native\wxp_x64\BootDefragDriver.sys
  195. 2013-07-06 14:23:56 545C1A5887A95114C5C6CB308669C5A3 14080 ----a-w- C:\Program Files\Glary Utilities 3\Native\wlh_x86\BootDefragDriver.sys
  196.  
  197. ==== Startup Registry Enabled ======================
  198.  
  199. [HKEY_USERS\S-1-5-21-839522115-1417001333-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run]
  200. "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
  201. "Google Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"
  202. "Facebook Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
  203. "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
  204. "MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
  205.  
  206. [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  207. "nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install"
  208. "NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
  209. "NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
  210. "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY"
  211. "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe"
  212. "RTHDCPL"="RTHDCPL.EXE"
  213. "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  214.  
  215. [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  216. "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
  217. "Google Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe /c"
  218. "Facebook Update"="C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
  219. "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
  220. "MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe"
  221.  
  222. ==== Task Scheduler Jobs ======================
  223.  
  224. C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a------ C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/18/2013 06:52 PM]
  225. C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1417001333-725345543-1003Core.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [05/11/2013 03:18 PM]
  226. C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-839522115-1417001333-725345543-1003UA.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Update\FacebookUpdate.exe [05/11/2013 03:18 PM]
  227. C:\WINDOWS\tasks\GlaryInitialize 3.job --a------ C:\Program Files\Glary Utilities 3\Initialize.exe [07/06/2013 04:31 PM]
  228. C:\WINDOWS\tasks\GlaryInitialize.job --a------ :C:\Program Files\Glary Utilities\initialize.exe []
  229. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1417001333-725345543-1003Core.job --a------ C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [05/02/2013 10:25 PM]
  230. C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-839522115-1417001333-725345543-1003UA.job --a------ [Undetermined Task]
  231.  
  232. ==== Firefox Extensions ======================
  233.  
  234. ProfilePath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\spy0hywg.default
  235. - Goo.gl Information - %ProfilePath%\extensions\jid1-tdms4EWes6XF5w@jetpack.xpi
  236.  
  237. ==== Firefox Plugins ======================
  238.  
  239. Profilepath: C:\Documents and Settings\Pedja\Application Data\Mozilla\Firefox\Profiles\spy0hywg.default
  240. 02C317A415A91112EDEF07AAC78AF6D5 - C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Update\1.3.21.149\npGoogleUpdate3.dll - Google Update
  241. 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash
  242. 3A523765D795DB006C010B915C3A840A - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
  243. 42A9B216A7A288512CE2F9A6BCCE96BC - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
  244. 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Documents and Settings\Pedja\Local Settings\Application Data\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
  245. 509335C61594A73AB32E1B572AEE61A8 - C:\Program Files\Windows Media Player\npdrmv2.dll - Microsoft® DRM
  246. 969983AB670681301F7A91DC4AD3D1F1 - C:\Program Files\Windows Media Player\npdsplay.dll - Windows Media Player Plug-in Dynamic Link Library
  247. 6D8F27BEE96589722EE485324FDD88D9 - C:\Program Files\Windows Media Player\npwmsdrm.dll - Microsoft® DRM
  248. D27CE4EAF23411589A33E0C99D176311 - C:\Program Files\Adobe\Acrobat 5.0\Reader\Browser\nppdf32.dll - Adobe Acrobat
  249.  
  250.  
  251. ==== Chrome Look ======================
  252.  
  253. HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
  254. hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.0.crx[]
  255. icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files\Common Files\Spigot\GC\errorassistant_1.1.crx[]
  256. mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files\Common Files\Spigot\GC\coupons_2.4.crx[]
  257. pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[]
  258.  
  259. Ebay Shopping Assistant by Spigot - Pedja - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
  260. Domain Error Assistant - Pedja - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
  261. Amazon Shopping Assistant by Spigot - Pedja - Default\Extensions\pfndaklgolladniicklehhancnlgocpp
  262.  
  263. ==== IE Start and Search Settings ======================
  264.  
  265. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  266. "Start Page"="http://www.google.com"
  267. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
  268. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  269. No DefaultScope Set For HKCU
  270.  
  271. ==== All HKCU SearchScopes ======================
  272.  
  273. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
  274. {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
  275. {6A1806CD-94D4-4689-BA73-E35EA1EA9990} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC"
  276.  
  277. ==== Empty IE Cache ======================
  278.  
  279. C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
  280. C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
  281. C:\Documents and Settings\Pedja\Local Settings\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
  282. C:\Documents and Settings\Pedja\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
  283. C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
  284. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
  285. C:\Documents and Settings\Pedja\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
  286.  
  287. ==== Empty FireFox Cache ======================
  288.  
  289. C:\Documents and Settings\Pedja\Local Settings\Application Data\Mozilla\Firefox\Profiles\spy0hywg.default\Cache emptied successfully
  290.  
  291. ==== Empty Chrome Cache ======================
  292.  
  293. C:\Documents and Settings\Pedja\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
  294.  
  295. ==== Empty All Flash Cache ======================
  296.  
  297. Flash Cache Emptied Successfully
  298.  
  299. ==== Empty All Java Cache ======================
  300.  
  301. No Java Cache Found
  302.  
  303. ==== After Reboot ======================
  304.  
  305. ==== Empty Temp Folders ======================
  306.  
  307. C:\WINDOWS\Temp successfully emptied
  308. C:\DOCUME~1\Pedja\LOCALS~1\Temp successfully emptied
  309.  
  310. ==== Empty Recycle Bin ======================
  311.  
  312. C:\RECYCLER successfully emptied
  313.  
  314. ==== Deleting Files / Folders ======================
  315.  
  316. "c:\docume~1\pedja\locals~1\temp\help.vbe" not found
  317. "C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
  318. "C:\Documents and Settings\Pedja\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
  319.  
  320. ==== EOF on Wed 07/10/2013 at 14:35:56.01 ======================