Untitled

a guest
Oct 10th, 2015
  1. OTL logfile created on: 10/10/2015 7:31:31 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Admin\My Documents\Downloads
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 1023.48 Mb Total Physical Memory | 522.24 Mb Available Physical Memory | 51.03% Memory free
  8. 2.40 Gb Paging File | 1.89 Gb Available in Paging File | 78.64% Paging File free
  9. Paging file location(s): C:\pagefile.sys 1536 3072 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 37.26 Gb Total Space | 27.70 Gb Free Space | 74.34% Space Free | Partition Type: NTFS
  13. Drive E: | 127.99 Gb Total Space | 121.18 Gb Free Space | 94.68% Space Free | Partition Type: NTFS
  14. Drive F: | 58.32 Gb Total Space | 58.25 Gb Free Space | 99.89% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: WXPPX86BE-6997 | User Name: Admin | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user
  18. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2015/10/10 19:30:44 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Admin\My Documents\Downloads\OTL.scr
  23. PRC - [2015/09/24 04:34:44 | 000,815,944 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
  24. PRC - [2015/07/22 04:03:48 | 000,182,696 | ---- | M] (Oracle Corporation) -- C:\Program Files\Java\jre7\bin\jqs.exe
  25. PRC - [2013/07/02 16:16:32 | 000,589,184 | ---- | M] (Oracle Corporation) -- C:\Program Files\Common Files\Java\Java Update\jucheck.exe
  26. PRC - [2013/01/31 13:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
  27. PRC - [2010/09/14 03:02:44 | 000,399,872 | ---- | M] (Windows (R) Codename Longhorn DDK provider) -- C:\Program Files\UPHClean\uphclean.exe
  28. PRC - [2008/07/03 12:38:24 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  29. PRC - [2007/04/16 14:28:22 | 000,651,264 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
  30. PRC - [2002/03/20 00:30:00 | 001,241,664 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
  31.  
  32.  
  33. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  34.  
  35. MOD - [2013/12/03 17:36:22 | 000,268,288 | ---- | M] () -- C:\Program Files\WinRAR\RarLng.dll
  36. MOD - [2013/01/31 13:22:47 | 000,357,224 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\nview\nvShell.dll
  37. MOD - [2010/07/04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
  38. MOD - [2008/04/14 13:00:00 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
  39. MOD - [2008/04/14 13:00:00 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
  40. MOD - [2002/03/20 00:30:00 | 001,241,664 | ---- | M] () -- C:\WINDOWS\system32\TaskSwitch.exe
  41.  
  42.  
  43. [color=#E56717]========== Services (SafeList) ==========[/color]
  44.  
  45. SRV - [2015/10/03 15:25:39 | 000,147,624 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  46. SRV - [2015/07/22 04:03:48 | 000,182,696 | ---- | M] (Oracle Corporation) [Auto | Running] -- C:\Program Files\Java\jre7\bin\jqs.exe -- (JavaQuickStarterService)
  47. SRV - [2013/01/31 13:22:47 | 001,259,296 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
  48. SRV - [2010/09/14 03:02:44 | 000,399,872 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Auto | Running] -- C:\Program Files\UPHClean\uphclean.exe -- (UPHClean)
  49.  
  50.  
  51. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  52.  
  53. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  54. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  55. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  56. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  57. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  58. DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  59. DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  60. DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  61. DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  62. DRV - File not found [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iilnqn.sys -- (amsint32)
  63. DRV - [2014/01/12 11:05:46 | 000,076,288 | ---- | M] (Nuvoton Technology Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuvserial.sys -- (Serial)
  64. DRV - [2014/01/12 11:05:46 | 000,017,920 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\nuvserenum.sys -- (serenum)
  65. DRV - [2013/12/16 19:27:47 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mvxxmm.sys -- (mvxxmm)
  66. DRV - [2013/12/16 19:27:47 | 000,005,632 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv64xxmm.sys -- (mv64xxmm)
  67. DRV - [2013/12/16 19:27:46 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv61xxmm.sys -- (mv61xxmm)
  68. DRV - [2011/08/08 20:13:10 | 000,117,584 | ---- | M] (SysProgs.org) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BazisVirtualCDBus.sys -- (BazisVirtualCDBus)
  69. DRV - [2010/07/04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
  70. DRV - [2008/09/24 09:40:22 | 004,122,368 | R--- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
  71. DRV - [2006/06/16 11:04:38 | 000,035,712 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
  72. DRV - [2006/02/14 16:02:56 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
  73. DRV - [2003/03/25 19:50:46 | 000,004,096 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\siside.sys -- (siside)
  74. DRV - [2001/08/17 11:19:34 | 000,040,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\es1371mp.sys -- (es1371)
  75.  
  76.  
  77. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  78.  
  79.  
  80. [color=#E56717]========== Internet Explorer ==========[/color]
  81.  
  82. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  83. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
  84.  
  85. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  86. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  87.  
  88. [color=#E56717]========== FireFox ==========[/color]
  89.  
  90. FF - prefs.js..browser.search.countryCode: "BA"
  91. FF - prefs.js..browser.search.region: "BA"
  92. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:41.0.1
  93. FF - user.js - File not found
  94.  
  95. FF - HKLM\Software\MozillaPlugins\@adobe.com/AuthorwarePlayer: C:\WINDOWS\system32\Macromed\AUTHORWA\np32asw.dll (Macromedia, Inc.)
  96. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
  97. FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw_1207148.dll (Adobe Systems, Inc.)
  98. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  99. FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
  100. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  101. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
  102. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
  103. FF - HKLM\Software\MozillaPlugins\@mozilla.zeniko.ch/SumatraPDF_Browser_Plugin: C:\Program Files\SumatraPDF\npPdfViewer.dll (Simon Bünzli)
  104. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
  105. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
  106. FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Documents and Settings\Admin\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
  107.  
  108. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
  109. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 41.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  110.  
  111. [2015/08/04 10:19:21 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Extensions
  112. [2015/09/24 16:32:52 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Admin\Application Data\Mozilla\Firefox\Profiles\2n15k6je.default\extensions
  113. [2015/10/03 15:25:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
  114. [2015/10/03 15:25:49 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  115.  
  116. [color=#E56717]========== Chrome ==========[/color]
  117.  
  118. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  119. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  120. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
  121. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  122. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
  123. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  124. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
  125. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
  126. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
  127. CHR - Extension: No name found = C:\Documents and Settings\Admin\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  128.  
  129. O1 HOSTS File: ([2008/04/14 13:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
  130. O1 - Hosts: 127.0.0.1 localhost
  131. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
  132. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
  133. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
  134. O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd File not found
  135. O4 - HKLM..\Run: [CoolSwitch] C:\WINDOWS\system32\TaskSwitch.exe ()
  136. O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
  137. O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\nvmctray.dll (NVIDIA Corporation)
  138. O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nview\nwiz.exe ()
  139. O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
  140. O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MS .NET Framework v4 - Slow Windows XP Boot Fix.vbs ()
  141. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 0
  142. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDesktopCleanupWizard = 1
  143. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MemCheckBoxInRunDlg = 1
  144. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 1
  145. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  146. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
  147. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: MaxRecentDocs = 18
  148. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSharedDocuments = 1
  149. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 1
  150. O13 - gopher Prefix: missing
  151. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  152. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3544B818-443B-4E3C-AFBE-CE2CB77B6777}: DhcpNameServer = 192.168.1.1
  153. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  154. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
  155. O24 - Desktop WallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  156. O24 - Desktop BackupWallPaper: C:\Documents and Settings\Admin\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
  157. O32 - HKLM CDRom: AutoRun - 1
  158. O32 - AutoRun File - [2015/07/22 03:53:14 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  159. O32 - AutoRun File - [2015/07/21 22:31:42 | 000,000,238 | RHS- | M] () - C:\autorun.inf -- [ NTFS ]
  160. O32 - AutoRun File - [2005/07/18 20:09:53 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
  161. O32 - AutoRun File - [2015/07/21 22:31:42 | 000,000,302 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
  162. O32 - AutoRun File - [2015/07/21 22:31:42 | 000,000,311 | RHS- | M] () - F:\autorun.inf -- [ NTFS ]
  163. O34 - HKLM BootExecute: (autocheck autochk *)
  164. O35 - HKLM\..comfile [open] -- "%1" %*
  165. O35 - HKLM\..exefile [open] -- "%1" %*
  166. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  167. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  168. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  169. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  170.  
  171. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  172.  
  173. [2015/10/10 19:27:14 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Admin\IECompatCache
  174. [2015/10/10 19:24:18 | 000,000,000 | -H-D | C] -- C:\WINDOWS\System32\GroupPolicy
  175. [2015/10/04 17:29:21 | 000,040,704 | ---- | C] (Creative Technology Ltd.) -- C:\WINDOWS\System32\drivers\es1371mp.sys
  176. [2015/10/03 15:25:13 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
  177. [2015/09/15 12:51:29 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Admin\Application Data\MPC-HC
  178. [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  179. [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
  180. [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  181.  
  182. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  183.  
  184. [2015/10/10 19:25:00 | 000,000,886 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  185. [2015/10/10 19:16:16 | 000,311,604 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
  186. [2015/10/10 19:16:16 | 000,039,992 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
  187. [2015/10/10 17:11:34 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  188. [2015/10/10 17:11:33 | 000,000,222 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Logon.job
  189. [2015/10/10 17:11:29 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  190. [2015/10/10 17:11:24 | 1073,274,880 | -HS- | M] () -- C:\hiberfil.sys
  191. [2015/10/08 15:04:38 | 000,000,216 | ---- | M] () -- C:\WINDOWS\tasks\Microsoft Windows XP End of Service Notification Monthly.job
  192. [2015/10/08 07:52:46 | 000,002,184 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
  193. [2015/09/27 14:51:01 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
  194. [3 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  195. [2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
  196. [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
  197.  
  198. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  199.  
  200. [2015/07/23 18:57:26 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb1.bin
  201. [2015/07/23 18:57:26 | 001,072,544 | ---- | C] () -- C:\WINDOWS\System32\nvdrsdb0.bin
  202. [2015/07/23 18:57:26 | 000,000,001 | ---- | C] () -- C:\WINDOWS\System32\nvdrssel.bin
  203. [2015/07/23 18:55:55 | 002,816,504 | ---- | C] () -- C:\WINDOWS\System32\nvdata.data
  204. [2015/07/22 04:05:16 | 000,650,752 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
  205. [2015/07/22 04:05:16 | 000,243,200 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
  206. [2015/07/22 04:05:16 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\System32\lagarith.dll
  207. [2015/07/22 04:05:13 | 000,217,176 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
  208. [2015/07/22 04:05:07 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
  209. [2015/07/22 03:54:51 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
  210. [2015/07/22 03:50:10 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
  211. [2015/07/21 22:36:58 | 000,147,456 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
  212. [2015/07/21 22:32:55 | 000,715,038 | ---- | C] () -- C:\WINDOWS\unins000.exe
  213. [2015/07/21 22:32:55 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\utv_core.dll
  214. [2015/07/21 22:32:55 | 000,069,632 | ---- | C] () -- C:\WINDOWS\System32\utv_vcm.dll
  215. [2015/07/21 22:32:55 | 000,001,745 | ---- | C] () -- C:\WINDOWS\unins000.dat
  216. [2015/07/21 22:24:59 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
  217. [2015/07/21 22:20:32 | 000,100,640 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  218. [2014/02/09 18:36:04 | 000,112,640 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
  219.  
  220. [color=#E56717]========== ZeroAccess Check ==========[/color]
  221.  
  222.  
  223. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  224.  
  225. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  226.  
  227. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  228. "" = %SystemRoot%\system32\shdocvw.dll -- [2013/10/25 01:53:19 | 001,510,400 | ---- | M] (Microsoft Corporation)
  229. "ThreadingModel" = Apartment
  230.  
  231. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  232. "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2009/02/09 11:56:36 | 000,473,600 | ---- | M] (Microsoft Corporation)
  233. "ThreadingModel" = Free
  234.  
  235. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  236. "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008/04/14 13:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
  237. "ThreadingModel" = Both
  238.  
  239. < End of report >