Untitled

a guest
Jul 14th, 2015
  1. OTL logfile created on: 15.7.2015 1:19:16 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\PC\Desktop
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
  6.  
  7. 2,00 Gb Total Physical Memory | 1,00 Gb Available Physical Memory | 49,99% Memory free
  8. 5,85 Gb Paging File | 4,81 Gb Available in Paging File | 82,23% Paging File free
  9. Paging file location(s): C:\pagefile.sys 4092 4092 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 149,04 Gb Total Space | 124,41 Gb Free Space | 83,48% Space Free | Partition Type: NTFS
  13. Drive D: | 149,04 Gb Total Space | 108,12 Gb Free Space | 72,55% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: HOME-85F749A410 | User Name: PC | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2015.07.15 01:12:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
  22. PRC - [2015.07.14 16:28:00 | 000,866,936 | ---- | M] (Opera Software) -- C:\Program Files\Opera\30.0.1835.125\opera_crashreporter.exe
  23. PRC - [2015.07.14 16:28:00 | 000,866,424 | ---- | M] (Opera Software) -- C:\Program Files\Opera\30.0.1835.125\opera.exe
  24. PRC - [2015.07.01 17:17:42 | 001,283,192 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files\360\Total Security\safemon\QHSafeTray.exe
  25. PRC - [2015.07.01 17:17:42 | 000,858,232 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) -- C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe
  26. PRC - [2015.07.01 17:17:42 | 000,316,528 | ---- | M] (Qihu 360 Software Co., Ltd.) -- C:\Program Files\360\Total Security\safemon\chrome\360webshield.exe
  27. PRC - [2015.07.01 17:17:42 | 000,096,376 | ---- | M] (Qihu Software Co. Limited) -- C:\Program Files\360\Total Security\safemon\QHWatchdog.exe
  28. PRC - [2009.07.15 16:51:36 | 000,942,080 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Program Files\AirLive WL-1700USB\AirLive WL-1700USB Wireless Lan Utility\RtWLan.exe
  29. PRC - [2008.04.14 06:42:20 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  30. PRC - [2008.04.14 06:42:16 | 000,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\cmd.exe
  31.  
  32.  
  33. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  34.  
  35. MOD - [2015.07.01 17:25:31 | 015,003,824 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\pepflashplayer32_18_0_0_194.dll
  36. MOD - [2015.07.01 17:17:42 | 000,559,224 | ---- | M] () -- C:\Program Files\360\Total Security\safemon\wdui2.dll
  37. MOD - [2015.07.01 17:17:41 | 000,087,664 | ---- | M] () -- C:\Program Files\360\Total Security\deepscan\qutmload.dll
  38. MOD - [2014.07.02 22:43:12 | 000,681,760 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
  39. MOD - [2009.04.03 17:32:10 | 000,110,592 | ---- | M] () -- C:\Program Files\AirLive WL-1700USB\AirLive WL-1700USB Wireless Lan Utility\EnumDevLib.dll
  40. MOD - [2008.04.14 06:42:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
  41. MOD - [2008.04.14 06:41:52 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
  42. MOD - [2007.07.12 12:11:54 | 001,163,264 | ---- | M] () -- C:\Program Files\AirLive WL-1700USB\AirLive WL-1700USB Wireless Lan Utility\acAuth.dll
  43.  
  44.  
  45. [color=#E56717]========== Services (SafeList) ==========[/color]
  46.  
  47. SRV - [2015.07.14 16:30:57 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [Disabled | Stopped] -- C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  48. SRV - [2015.07.01 17:17:42 | 000,858,232 | ---- | M] (QIHU 360 SOFTWARE CO. LIMITED) [Auto | Running] -- C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe -- (QHActiveDefense)
  49. SRV - [2015.06.02 11:03:40 | 002,904,864 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
  50. SRV - [2015.05.03 11:02:34 | 000,088,696 | ---- | M] (VIA Technologies, Inc.) [Disabled | Stopped] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
  51. SRV - [2015.04.03 15:42:26 | 000,814,880 | ---- | M] (IObit) [Disabled | Stopped] -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
  52. SRV - [2015.02.18 20:11:32 | 000,315,488 | R--- | M] (Skype Technologies) [Disabled | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  53. SRV - [2015.01.28 14:08:58 | 001,349,576 | ---- | M] (ESET) [Disabled | Stopped] -- C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe -- (ekrn)
  54.  
  55.  
  56. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  57.  
  58. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  59. DRV - File not found [Kernel | Unavailable | Unknown] -- D:\Filip programi\Unlocker -- (UnlockerDriver5)
  60. DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\taphss.sys -- (taphss)
  61. DRV - File not found [Kernel | System | Stopped] -- -- (QMUdisk)
  62. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  63. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  64. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  65. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  66. DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  67. DRV - File not found [File_System | On_Demand | Stopped] -- -- (MBAMSwissArmy)
  68. DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  69. DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  70. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (cpuz137)
  71. DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  72. DRV - [2015.07.01 17:17:42 | 000,203,856 | ---- | M] (360.cn) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\360Box.sys -- (360Box)
  73. DRV - [2015.07.01 17:17:42 | 000,066,128 | ---- | M] (360.cn) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\360AvFlt.sys -- (360AvFlt)
  74. DRV - [2015.07.01 17:17:41 | 000,287,056 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\qutmdrv.sys -- (qutmdserv)
  75. DRV - [2015.06.04 16:41:12 | 000,067,896 | ---- | M] (电脑管家) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\TSSK.sys -- (TSSK)
  76. DRV - [2015.05.21 13:44:30 | 000,243,128 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  77. DRV - [2015.05.18 12:20:57 | 000,174,536 | ---- | M] (360安全中心) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360SelfProtection.sys -- (360SelfProtection)
  78. DRV - [2015.05.18 12:20:57 | 000,088,136 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360AntiHacker.sys -- (360AntiHacker)
  79. DRV - [2015.05.18 12:20:57 | 000,058,440 | ---- | M] (360安全中心) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\hookport.sys -- (HookPort)
  80. DRV - [2015.05.18 12:20:57 | 000,045,896 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\qutmipc.sys -- (qutmipc)
  81. DRV - [2015.05.18 12:20:57 | 000,034,888 | ---- | M] (360.cn) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\360Camera.sys -- (360Camera)
  82. DRV - [2015.05.18 12:20:56 | 000,169,040 | ---- | M] (Qihu 360 Software Co., Ltd.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\BAPIDRV.SYS -- (BAPIDRV)
  83. DRV - [2015.05.18 12:20:56 | 000,023,752 | ---- | M] (360安全中心) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\efimon.sys -- (EfiMon)
  84. DRV - [2015.05.03 11:02:34 | 002,561,968 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
  85. DRV - [2015.05.03 10:59:23 | 000,441,048 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
  86. DRV - [2015.05.03 10:48:27 | 000,023,840 | ---- | M] (REALiX(tm)) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\HWiNFO32.SYS -- (HWiNFO32)
  87. DRV - [2013.08.22 14:40:22 | 000,035,288 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\tap0901.sys -- (tap0901)
  88. DRV - [2013.06.15 21:13:08 | 000,415,536 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
  89. DRV - [2013.03.01 03:48:42 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (npf)
  90. DRV - [2010.11.01 06:08:46 | 000,014,416 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- D:\Filip programi\Game Booster\Driver\WinRing0.sys -- (WinRing0_1_2_0)
  91. DRV - [2010.07.13 03:37:55 | 000,323,328 | R--- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RTL8187.sys -- (RTLWUSB)
  92. DRV - [2009.12.15 14:41:30 | 000,268,912 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\SRS_SSCFilter_i386.sys -- (SRS_SSCFilter)
  93.  
  94.  
  95. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  96.  
  97.  
  98. [color=#E56717]========== Internet Explorer ==========[/color]
  99.  
  100. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
  101. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  102. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  103. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q=
  104. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q=
  105. IE - HKLM\..\SearchScopes,DefaultScope = {59E9C8B1-74FD-4CB6-A815-9E96102F97BD}
  106. IE - HKLM\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
  107. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  108. IE - HKLM\..\SearchScopes\{59E9C8B1-74FD-4CB6-A815-9E96102F97BD}: "URL" = http://www.google.com/search?hl={language}&q={searchTerms}
  109. IE - HKLM\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  110.  
  111. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q={searchTerms}
  112. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
  113. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q={searchTerms}
  114. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
  115. IE - HKCU\..\SearchScopes,DefaultScope = {59E9C8B1-74FD-4CB6-A815-9E96102F97BD}
  116. IE - HKCU\..\SearchScopes\{0191A6B0-1154-4C22-9182-23A95BBE92D9}: "URL" = http://www.google.com/search?q={searchTerms}
  117. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  118. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3C}: "URL" = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q={searchTerms}
  119. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3D}: "URL" = http://spacesearch.ru/?ri=1&rsid=e804dd8506e23c37342ad948619c0599&q=
  120. IE - HKCU\..\SearchScopes\{59E9C8B1-74FD-4CB6-A815-9E96102F97BD}: "URL" = http://www.google.com/search?hl={language}&q={searchTerms}
  121. IE - HKCU\..\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}: "URL" = https://www.google.com/search?trackid=sp-006&q={searchTerms}
  122. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  123.  
  124. [color=#E56717]========== FireFox ==========[/color]
  125.  
  126. FF - prefs.js..browser.search.countryCode: "HR"
  127. FF - prefs.js..browser.search.hiddenOneOffs: "Yahoo,Amazon.co.uk,Bing,DuckDuckGo,eBay.co.uk,EUdict Eng->Cro,Twitter,Wikipedija (hr)"
  128. FF - prefs.js..browser.search.region: "HR"
  129. FF - prefs.js..browser.search.searchengine.alias: ""
  130. FF - prefs.js..browser.search.searchengine.iconURL: "http://www.google.com/favicon.ico"
  131. FF - prefs.js..browser.search.searchengine.name: "Google "
  132. FF - prefs.js..browser.search.searchengine.ref: ""
  133. FF - prefs.js..browser.search.searchengine.ts: ""
  134. FF - prefs.js..browser.search.searchengine.type: ""
  135. FF - prefs.js..browser.search.searchengine.uid: "wdcxwd3200aaks-00l9a0_wd-wmav2855994659946"
  136. FF - prefs.js..browser.search.searchengine.url: "http://www.google.com/search?q={searchTerms}"
  137. FF - prefs.js..browser.search.suggest.enabled: false
  138. FF - prefs.js..browser.startup.homepage: "https://www.google.hr/?gfe_rd=cr&ei=nwxeVdrqO4OJ8QfwoICgDQ&gws_rd=ssl"
  139. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0
  140.  
  141.  
  142. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_18_0_0_203.dll ()
  143. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
  144. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  145. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  146. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  147. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  148.  
  149. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\WebProtection@360safe.com: C:\Program Files\360\Total Security\safemon\webprotection_firefox [2015.07.05 14:15:36 | 000,000,000 | ---D | M]
  150.  
  151. [2015.03.09 22:15:41 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Extensions
  152. [2015.07.05 20:15:24 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\49q20pbi.default\extensions
  153. [2015.07.05 20:15:24 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\49q20pbi.default\extensions\iobitascsurfingprotection@iobit.com
  154. [2015.05.21 18:37:36 | 000,853,497 | ---- | M] () (No name found) -- C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\49q20pbi.default\extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi
  155. File not found (No name found) -- C:\PROGRAM FILES\IOBIT APPS TOOLBAR\FF
  156.  
  157. [color=#E56717]========== Chrome ==========[/color]
  158.  
  159. CHR - default_search_provider: ()
  160. CHR - default_search_provider: search_url =
  161. CHR - default_search_provider: suggest_url =
  162. CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll
  163. CHR - plugin: Chrome PDF Viewer (Enabled) = chrome-extension://mhjfbmdgcfjbbpaeojofohoefgiehjai/
  164. CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\43.0.2357.132\PepperFlash\pepflashplayer.dll
  165. CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
  166. CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\43.0.2357.132\internal-nacl-plugin
  167. CHR - plugin: Chrome PDF Viewer (Enabled) = internal-pdf-viewer
  168. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  169. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  170. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
  171. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
  172. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9_0\
  173. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
  174. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  175. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh\2.0.14_0\
  176. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
  177. CHR - Extension: No name found = C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  178.  
  179. O1 HOSTS File: ([2015.06.17 13:01:58 | 000,000,943 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
  180. O1 - Hosts: 127.0.0.1 localhost
  181. O1 - Hosts: ::1 localhost
  182. O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - No CLSID value found.
  183. O4 - HKLM..\Run: [QHSafeTray] C:\Program Files\360\Total Security\safemon\QHSafeTray.exe (QIHU 360 SOFTWARE CO. LIMITED)
  184. O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\AirLive WL-1700USB Wireless Lan Utility.lnk = C:\Program Files\AirLive WL-1700USB\AirLive WL-1700USB Wireless Lan Utility\RtWLan.exe (Realtek Semiconductor Corp.)
  185. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
  186. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
  187. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  188. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  189. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
  190. O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Filip pjesme\Programi\Microsoft Office 2007\Office12\REFIEBAR.DLL (Microsoft Corporation)
  191. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
  192. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF42E1BB-743F-41F4-9B0D-0326DDA3AE51}: DhcpNameServer = 192.168.178.1
  193. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF42E1BB-743F-41F4-9B0D-0326DDA3AE51}: NameServer = 208.67.222.222,208.67.220.220
  194. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  195. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
  196. O20 - HKLM Winlogon: GinaDLL - (C:\WINDOWS\SYSTEM32\RtlGina\RtlGina.DLL) - C:\WINDOWS\system32\RtlGina\RtlGina.dll (Realtek)
  197. O24 - Desktop Components:1 (My Current Home Page) - About:Home
  198. O24 - Desktop WallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  199. O24 - Desktop BackupWallPaper: C:\Documents and Settings\PC\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  200. O28 - HKLM ShellExecuteHooks: {56F9679E-7826-4C84-81F3-532071A8BCC5} - C:\Program Files\Windows Desktop Search\MsnlNamespaceMgr.dll (Microsoft Corporation)
  201. O32 - HKLM CDRom: AutoRun - 1
  202. O32 - AutoRun File - [2015.03.10 06:27:30 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  203. O33 - MountPoints2\{00d61b6e-ce2a-11e4-bb1e-004f78055d35}\Shell - "" = AutoRun
  204. O33 - MountPoints2\{00d61b6e-ce2a-11e4-bb1e-004f78055d35}\Shell\AutoRun - "" = Auto&Play
  205. O33 - MountPoints2\{00d61b6e-ce2a-11e4-bb1e-004f78055d35}\Shell\AutoRun\command - "" = H:\LG_PC_Programs.exe
  206. O34 - HKLM BootExecute: (autocheck autochk *)
  207. O35 - HKLM\..comfile [open] -- "%1" %*
  208. O35 - HKLM\..exefile [open] -- "%1" %*
  209. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  210. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  211. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  212. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  213.  
  214. NetSvcs: 6to4 - File not found
  215. NetSvcs: Ias - File not found
  216. NetSvcs: Iprip - File not found
  217. NetSvcs: Irmon - File not found
  218. NetSvcs: NWCWorkstation - File not found
  219. NetSvcs: Nwsapagent - File not found
  220. NetSvcs: WmdmPmSp - File not found
  221.  
  222. CREATERESTOREPOINT
  223. Restore point Set: OTL Restore Point
  224.  
  225. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  226.  
  227. [2015.07.15 01:12:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
  228. [2015.07.14 15:55:08 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\PC\Recent
  229. [2015.07.10 16:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Game Booster 3
  230. [2015.07.10 16:35:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\Razer
  231. [2015.07.10 16:28:23 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Razer
  232. [2015.07.09 01:41:33 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Package Cache
  233. [2015.07.09 01:40:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Driver Booster 2
  234. [2015.07.09 01:12:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\TuneUp Software
  235. [2015.07.09 01:12:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\TuneUp Software
  236. [2015.07.09 01:08:10 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
  237. [2015.07.09 01:08:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
  238. [2015.07.05 21:44:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\My Documents\Criterion Games
  239. [2015.07.05 21:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\R.G. Mechanics
  240. [2015.07.05 21:23:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Need for Speed Hot Pursuit
  241. [2015.07.05 21:22:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Solidshield
  242. [2015.07.01 13:40:09 | 000,000,000 | ---D | C] -- C:\WINDOWS\Dell
  243. [2015.07.01 13:39:54 | 000,000,000 | ---D | C] -- C:\Program Files\Apoint2K
  244. [2015.07.01 13:36:07 | 000,000,000 | ---D | C] -- C:\temp
  245. [2015.07.01 13:06:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\{3dfdf82f-7f70-36a6-3dfd-df82f7f7e0bd}
  246. [2015.07.01 12:48:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\ASP
  247. [2015.07.01 12:44:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\systweak
  248. [2015.07.01 12:35:17 | 000,000,000 | ---D | C] -- C:\Program Files\Device Doctor
  249. [2015.06.30 12:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\Opera Software
  250. [2015.06.30 12:56:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Opera Software
  251. [2015.06.30 12:55:46 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
  252. [2015.06.30 12:42:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\fontconfig
  253. [2015.06.30 12:42:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\.dbus-keyrings
  254. [2015.06.30 12:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\webkit
  255. [2015.06.30 12:42:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\midori
  256. [2015.06.27 16:52:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Windows Search
  257. [2015.06.27 15:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\ParetoLogic
  258. [2015.06.27 15:02:49 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\DriverCure
  259. [2015.06.27 15:02:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
  260. [2015.06.25 10:25:36 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Desktop\Filip igre
  261. [2015.06.25 10:24:09 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\Windows Desktop Search
  262. [2015.06.25 10:23:47 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Desktop Search
  263. [2015.06.23 20:20:51 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Start Menu\Programs\Grim Tales 8 - The Final Suspect Collector's Edition
  264. [2015.06.21 00:11:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\My Documents\FIFA 12
  265. [2015.06.20 23:42:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\FIFA 12
  266. [2015.06.20 13:17:14 | 000,000,000 | ---D | C] -- C:\WINDOWS\Cache
  267. [2015.06.19 17:58:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Local Settings\Application Data\SRS Labs
  268. [2015.06.19 17:57:57 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SRS Labs
  269. [2015.06.19 01:44:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Start Menu\Programs\Unlocker
  270. [2015.06.17 16:38:17 | 000,820,736 | ---- | C] (Firelight Technologies) -- C:\WINDOWS\System32\fmod_event_net.dll
  271. [2015.06.17 16:36:53 | 000,417,792 | ---- | C] (Firelight Technologies) -- C:\WINDOWS\System32\fmod_event.dll
  272. [2015.06.17 16:35:23 | 001,263,616 | ---- | C] (Firelight Technologies) -- C:\WINDOWS\System32\fmodex.dll
  273. [2015.06.17 13:01:57 | 000,000,000 | -HSD | C] -- C:\$360Section
  274. [2015.06.17 12:12:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\360TotalSecurity
  275. [2015.06.17 12:05:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\360SD
  276. [2015.06.17 12:01:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\360Quarant
  277. [2015.06.17 12:00:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\tasks\360Disabled
  278. [2015.06.17 12:00:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\360safe
  279. [2015.06.17 12:00:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\LocalService\Application Data\360safe
  280. [2015.06.17 12:00:11 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\360TotalSecurity
  281. [2015.06.17 12:00:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\360WD
  282. [2015.06.17 12:00:05 | 000,045,896 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\qutmipc.sys
  283. [2015.06.17 12:00:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\360safe
  284. [2015.06.17 12:00:02 | 000,174,536 | ---- | C] (360安全中心) -- C:\WINDOWS\System32\drivers\360SelfProtection.sys
  285. [2015.06.17 11:59:56 | 000,000,000 | RHSD | C] -- C:\360SANDBOX
  286. [2015.06.17 11:59:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\360 Security Center
  287. [2015.06.17 11:59:55 | 000,203,856 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\360Box.sys
  288. [2015.06.17 11:59:55 | 000,034,888 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\360Camera.sys
  289. [2015.06.17 11:59:54 | 000,088,136 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\360AntiHacker.sys
  290. [2015.06.17 11:59:53 | 000,169,040 | ---- | C] (Qihu 360 Software Co., Ltd.) -- C:\WINDOWS\System32\drivers\BAPIDRV.SYS
  291. [2015.06.17 11:59:50 | 000,287,056 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\qutmdrv.sys
  292. [2015.06.17 11:59:49 | 000,058,440 | ---- | C] (360安全中心) -- C:\WINDOWS\System32\drivers\hookport.sys
  293. [2015.06.17 11:59:45 | 000,066,128 | ---- | C] (360.cn) -- C:\WINDOWS\System32\drivers\360AvFlt.sys
  294. [2015.06.17 11:59:45 | 000,023,752 | ---- | C] (360安全中心) -- C:\WINDOWS\System32\drivers\efimon.sys
  295. [2015.06.17 11:59:13 | 000,000,000 | ---D | C] -- C:\Program Files\360
  296. [2015.06.15 07:58:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Application Data\FarmUp_realore_en
  297. [2015.06.15 07:46:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\PC\Start Menu\Programs\Farm Up
  298. [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  299.  
  300. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  301.  
  302. [2015.07.15 01:12:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\PC\Desktop\OTL.exe
  303. [2015.07.15 01:08:53 | 000,523,868 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
  304. [2015.07.15 01:08:53 | 000,095,658 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
  305. [2015.07.15 01:04:44 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  306. [2015.07.15 01:04:42 | 2146,619,392 | -HS- | M] () -- C:\hiberfil.sys
  307. [2015.07.15 01:04:42 | 000,143,624 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  308. [2015.07.14 23:11:22 | 000,018,776 | ---- | M] () -- C:\WINDOWS\System32\nvAppTimestamps
  309. [2015.07.14 22:40:00 | 000,000,928 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  310. [2015.07.14 16:37:49 | 010,858,385 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Kako oprati tastaturu (HD).mp4
  311. [2015.07.13 15:40:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  312. [2015.07.11 22:39:00 | 000,000,892 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
  313. [2015.07.10 16:51:02 | 000,000,258 | ---- | M] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
  314. [2015.07.10 16:50:53 | 000,000,610 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Game Booster 3.lnk
  315. [2015.07.10 16:23:47 | 000,000,222 | RHS- | M] () -- C:\boot.ini
  316. [2015.07.09 01:40:15 | 000,000,911 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Booster 2.lnk
  317. [2015.07.08 11:43:11 | 000,001,833 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
  318. [2015.07.05 20:16:07 | 000,000,274 | ---- | M] () -- C:\WINDOWS\tasks\ASC8_PerformanceMonitor.job
  319. [2015.07.01 17:17:42 | 000,203,856 | ---- | M] (360.cn) -- C:\WINDOWS\System32\drivers\360Box.sys
  320. [2015.07.01 17:17:42 | 000,066,128 | ---- | M] (360.cn) -- C:\WINDOWS\System32\drivers\360AvFlt.sys
  321. [2015.07.01 17:17:41 | 000,287,056 | ---- | M] (360.cn) -- C:\WINDOWS\System32\drivers\qutmdrv.sys
  322. [2015.07.01 13:40:05 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
  323. [2015.07.01 13:38:38 | 001,167,120 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb0.bin
  324. [2015.07.01 13:38:38 | 000,000,001 | ---- | M] () -- C:\WINDOWS\System32\nvdrssel.bin
  325. [2015.07.01 13:38:31 | 001,167,120 | ---- | M] () -- C:\WINDOWS\System32\nvdrsdb1.bin
  326. [2015.06.30 12:55:55 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
  327. [2015.06.30 12:55:55 | 000,000,675 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
  328. [2015.06.29 20:18:25 | 000,002,267 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk
  329. [2015.06.27 09:47:41 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
  330. [2015.06.23 20:20:51 | 000,000,699 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Grim Tales 8 - The Final Suspect Collector's Edition.lnk
  331. [2015.06.23 16:52:36 | 000,000,443 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts.ics
  332. [2015.06.17 13:01:58 | 000,000,943 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
  333. [2015.06.16 20:06:59 | 000,003,584 | ---- | M] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  334. [2015.06.15 07:46:08 | 000,000,587 | ---- | M] () -- C:\Documents and Settings\PC\Desktop\Farm Up.lnk
  335. [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  336.  
  337. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  338.  
  339. [2015.07.15 01:04:42 | 000,143,624 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  340. [2015.07.14 16:37:09 | 010,858,385 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Kako oprati tastaturu (HD).mp4
  341. [2015.07.12 18:07:06 | 2146,619,392 | -HS- | C] () -- C:\hiberfil.sys
  342. [2015.07.10 16:51:02 | 000,000,258 | ---- | C] () -- C:\WINDOWS\tasks\Game_Booster_AutoUpdate.job
  343. [2015.07.10 16:50:53 | 000,000,610 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Game Booster 3.lnk
  344. [2015.07.09 01:40:15 | 000,000,911 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Driver Booster 2.lnk
  345. [2015.07.05 20:16:06 | 000,000,274 | ---- | C] () -- C:\WINDOWS\tasks\ASC8_PerformanceMonitor.job
  346. [2015.07.01 17:25:33 | 000,000,892 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job
  347. [2015.07.01 13:40:05 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\System32\drivers\Msft_Kernel_Apfiltr_01009.Wdf
  348. [2015.07.01 13:37:39 | 000,019,681 | ---- | C] () -- C:\WINDOWS\System32\nvinfo.pb
  349. [2015.06.30 12:55:55 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\Microsoft\Internet Explorer\Quick Launch\Opera.lnk
  350. [2015.06.30 12:55:55 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Opera.lnk
  351. [2015.06.30 12:55:55 | 000,000,675 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Opera.lnk
  352. [2015.06.25 10:23:54 | 000,001,803 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Windows Search.lnk
  353. [2015.06.23 20:20:51 | 000,000,699 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Grim Tales 8 - The Final Suspect Collector's Edition.lnk
  354. [2015.06.19 17:57:08 | 000,268,912 | R--- | C] () -- C:\WINDOWS\System32\drivers\SRS_SSCFilter_i386.sys
  355. [2015.06.18 14:04:04 | 001,023,488 | ---- | C] () -- C:\WINDOWS\System32\dllcache\nbdoc.dll
  356. [2015.06.15 07:46:08 | 000,000,587 | ---- | C] () -- C:\Documents and Settings\PC\Desktop\Farm Up.lnk
  357. [2015.06.08 13:57:13 | 000,138,464 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
  358. [2015.06.08 13:57:13 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\PC\Application Data\PnkBstrK.sys
  359. [2015.06.08 13:56:58 | 000,111,928 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
  360. [2015.06.08 13:56:57 | 000,682,280 | ---- | C] () -- C:\WINDOWS\System32\pbsvc.exe
  361. [2015.06.08 13:56:57 | 000,066,872 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
  362. [2015.06.04 15:53:24 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\PC\ntuser.pol
  363. [2015.05.30 12:00:07 | 000,000,004 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\portMap.dat
  364. [2015.05.21 22:55:34 | 000,003,584 | ---- | C] () -- C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  365. [2015.05.21 18:27:20 | 000,025,832 | -H-- | C] () -- C:\WINDOWS\System32\mlfcache.dat
  366. [2015.04.26 18:00:39 | 000,083,648 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
  367. [2015.04.25 15:39:38 | 000,098,341 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1429969138.bdinstall.bin
  368. [2015.04.25 15:38:58 | 000,037,624 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1429969136.bdinstall.bin
  369. [2015.04.25 15:36:36 | 000,234,287 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\1429968825.bdinstall.bin
  370. [2015.04.20 12:22:00 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\PC\TempWmicBatchFile.bat
  371. [2015.03.10 14:56:23 | 000,376,832 | ---- | C] () -- C:\WINDOWS\System32\AegisI5Installer.exe
  372. [2015.03.10 14:56:01 | 000,451,072 | ---- | C] () -- C:\WINDOWS\System32\ISSRemoveSP.exe
  373. [2015.03.10 06:56:21 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\RtNicProp32.dll
  374. [2015.03.10 06:28:49 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
  375. [2015.03.10 06:25:28 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
  376. [2015.03.09 23:27:54 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
  377. [2015.03.09 23:20:07 | 001,023,983 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1202660629-117609710-839522115-1003-0.dat
  378. [2015.03.09 23:20:06 | 000,147,306 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
  379. [2015.03.09 23:04:25 | 003,932,167 | ---- | C] () -- C:\WINDOWS\System32\nvcoproc.bin
  380. [2015.03.09 23:04:16 | 001,167,120 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
  381. [2015.03.09 23:04:16 | 001,167,120 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
  382. [2015.03.09 23:04:16 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
  383. [2015.03.09 23:00:44 | 002,422,368 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
  384. [2015.03.09 22:40:12 | 000,001,324 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
  385. [2015.03.09 22:15:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
  386. [2015.03.09 22:04:51 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
  387.  
  388. [color=#E56717]========== ZeroAccess Check ==========[/color]
  389.  
  390. [2015.03.09 22:30:02 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
  391.  
  392. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  393.  
  394. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  395.  
  396. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  397. "" = %SystemRoot%\system32\shdocvw.dll -- [2014.02.25 05:30:52 | 001,510,400 | ---- | M] (Microsoft Corporation)
  398. "ThreadingModel" = Apartment
  399.  
  400. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  401. "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009.02.09 14:10:48 | 000,473,600 | ---- | M] (Microsoft Corporation)
  402. "ThreadingModel" = Free
  403.  
  404. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  405. "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 06:42:10 | 000,273,920 | ---- | M] (Microsoft Corporation)
  406. "ThreadingModel" = Both
  407.  
  408. [color=#E56717]========== LOP Check ==========[/color]
  409.  
  410. [2015.03.11 21:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\.mono
  411. [2015.07.11 23:07:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\360Quarant
  412. [2015.07.05 14:26:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\360safe
  413. [2015.07.05 14:17:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\360SD
  414. [2015.06.17 12:05:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\360TotalSecurity
  415. [2015.05.17 17:29:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG
  416. [2015.05.17 17:23:32 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
  417. [2015.06.20 13:15:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite
  418. [2015.05.17 17:38:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DriverGenius
  419. [2015.06.05 17:17:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESET
  420. [2015.07.10 16:50:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
  421. [2015.07.09 13:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
  422. [2015.07.05 20:28:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ParetoLogic
  423. [2015.07.09 01:40:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ProductData
  424. [2015.07.10 16:50:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Razer
  425. [2015.07.05 21:22:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Solidshield
  426. [2015.06.19 17:57:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SRS Labs
  427. [2015.06.04 16:56:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
  428. [2015.07.09 01:12:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TuneUp Software
  429. [2015.04.07 10:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\VisualShape
  430. [2015.07.09 01:16:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{3dfdf82f-7f70-36a6-3dfd-df82f7f7e0bd}
  431. [2015.07.09 01:16:06 | 000,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
  432. [2015.03.11 21:36:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\.mono
  433. [2015.07.01 15:56:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\360safe
  434. [2015.07.05 14:16:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\360TotalSecurity
  435. [2015.07.15 01:23:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\360WD
  436. [2015.07.01 12:49:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ASP
  437. [2015.05.21 18:02:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Avant Downloader
  438. [2015.05.17 17:28:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\AVG
  439. [2015.05.14 19:38:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer
  440. [2015.03.09 22:22:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\BSplayer Pro
  441. [2015.07.06 12:10:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DAEMON Tools Lite
  442. [2015.06.27 15:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\DriverCure
  443. [2015.06.23 20:25:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Elephant Games
  444. [2015.04.09 10:12:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ERS Game Studios
  445. [2015.06.15 08:01:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\FarmUp_realore_en
  446. [2015.07.05 20:21:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\IObit
  447. [2015.07.05 21:23:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Need for Speed Hot Pursuit
  448. [2015.06.30 12:56:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Opera Software
  449. [2015.06.27 15:02:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ParetoLogic
  450. [2015.05.22 00:52:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\PowerISO
  451. [2015.03.29 16:20:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\ProductData
  452. [2015.04.25 15:34:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\QuickScan
  453. [2015.07.01 13:43:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\systweak
  454. [2015.06.04 16:54:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Tencent
  455. [2015.07.09 01:12:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\TuneUp Software
  456. [2015.03.10 23:22:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Unity
  457. [2015.07.14 15:09:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\uTorrent
  458. [2015.04.07 10:46:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\VisualShape
  459. [2015.05.03 10:24:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\WinBatch
  460. [2015.06.25 10:24:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Windows Desktop Search
  461. [2015.06.27 16:52:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\PC\Application Data\Windows Search
  462.  
  463. [color=#E56717]========== Purity Check ==========[/color]
  464.  
  465.  
  466.  
  467. [color=#E56717]========== Custom Scans ==========[/color]
  468.  
  469. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  470.  
  471. [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
  472. [2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
  473. [2008.04.14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
  474. [2008.04.14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:AGP440.sys
  475. [2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\ServicePackFiles\i386\agp440.sys
  476. [2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\dllcache\agp440.sys
  477. [2008.04.14 01:06:40 | 000,042,368 | ---- | M] (Microsoft Corporation) MD5=08FD04AA961BDC77FB983F328334E3D7 -- C:\WINDOWS\system32\drivers\agp440.sys
  478.  
  479. [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
  480. [2004.08.04 14:00:00 | 018,738,937 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
  481. [2008.04.14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
  482. [2008.04.14 06:51:44 | 020,056,462 | ---- | M] () .cab file -- C:\WINDOWS\ServicePackFiles\i386\sp3.cab:atapi.sys
  483. [2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\ServicePackFiles\i386\atapi.sys
  484. [2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\dllcache\atapi.sys
  485. [2008.04.14 01:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
  486. [2004.08.03 23:59:44 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\$NtServicePackUninstall$\atapi.sys
  487. [2004.08.04 14:00:00 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\system32\drivers\atapi.sys
  488.  
  489. [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
  490. [2008.04.14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\ServicePackFiles\i386\eventlog.dll
  491. [2008.04.14 06:41:54 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
  492. [2004.08.04 14:00:00 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=82B24CB70E5944E6E34662205A2A5B78 -- C:\WINDOWS\$NtServicePackUninstall$\eventlog.dll
  493.  
  494. [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
  495. [2008.04.14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\ServicePackFiles\i386\netlogon.dll
  496. [2008.04.14 06:42:02 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=1B7F071C51B77C272875C3A23E1E4550 -- C:\WINDOWS\system32\netlogon.dll
  497. [2004.08.04 14:00:00 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=96353FCECBA774BB8DA74A1C6507015A -- C:\WINDOWS\$NtServicePackUninstall$\netlogon.dll
  498.  
  499. [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
  500. [2004.08.04 14:00:00 | 000,180,224 | ---- | M] (Microsoft Corporation) MD5=0F78E27F563F2AAF74B91A49E2ABF19A -- C:\WINDOWS\$NtServicePackUninstall$\scecli.dll
  501. [2008.04.14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\ServicePackFiles\i386\scecli.dll
  502. [2008.04.14 06:42:06 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
  503.  
  504. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  505.  
  506. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  507.  
  508. [color=#E56717]========== Alternate Data Streams ==========[/color]
  509.  
  510. @Alternate Data Stream - 12 bytes -> C:\WINDOWS:{4B9A1497-0817-47C4-9612-D6A1C53ACF57}
  511.  
  512. < End of report >