Advertisement
Guest User

Untitled

a guest
Sep 13th, 2015
105
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 49.24 KB | None | 0 0
  1. OTL logfile created on: 9/12/2015 9:53:06 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\tittus\Desktop
  3. Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7601.17514)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 3.00 Gb Total Physical Memory | 1.25 Gb Available Physical Memory | 41.66% Memory free
  8. 6.00 Gb Paging File | 4.31 Gb Available in Paging File | 71.95% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 60.08 Gb Total Space | 14.06 Gb Free Space | 23.41% Space Free | Partition Type: NTFS
  13. Drive D: | 88.96 Gb Total Space | 43.91 Gb Free Space | 49.35% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: TITTUS-PC | User Name: tittus | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user
  17. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - C:\Users\tittus\Desktop\OTL.exe (OldTimer Tools)
  22. PRC - C:\Users\tittus\AppData\Local\gmsd_ra_005010083\upgmsd_ra_005010083.exe ()
  23. PRC - C:\Program Files\gmsd_ra_005010083\gmsd_ra_005010083.exe ()
  24. PRC - C:\Program Files\Common Files\ShopperPro\spbiu.exe (ShopperPro)
  25. PRC - C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
  26. PRC - C:\Program Files\baidu\pps.exe ()
  27. PRC - C:\Program Files\BimaTRI\BimaTRI.exe ()
  28. PRC - C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
  29. PRC - C:\Program Files\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
  30. PRC - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
  31. PRC - C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
  32. PRC - C:\Program Files\Internet Download Manager\IEMonitor.exe (Tonec Inc.)
  33. PRC - C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation)
  34. PRC - C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
  35. PRC - C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  36. PRC - C:\Program Files\HapAckeR Soft\MoMo - Web Browser Optimize\MoMo.exe (HapAckeR Soft)
  37. PRC - C:\Windows\System32\ChgService.exe ()
  38. PRC - C:\Windows\explorer.exe (Microsoft Corporation)
  39. PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
  40.  
  41.  
  42. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  43.  
  44. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\252acca6f055917d5a5a9c4bb4ace6b0\JSON.ni.dll ()
  45. MOD - C:\Users\tittus\AppData\Local\gmsd_ra_005010083\upgmsd_ra_005010083.exe ()
  46. MOD - C:\Program Files\gmsd_ra_005010083\gmsd_ra_005010083.exe ()
  47. MOD - C:\Program Files\baidu\pps.exe ()
  48. MOD - c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\WebKit.dll ()
  49. MOD - C:\Program Files\BimaTRI\BimaTRI.exe ()
  50. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\a96ebdd39d16d2b9e7476a6b9d728ae7\System.ServiceProcess.ni.dll ()
  51. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\31e991980fae3062d709f31dcf6f4669\System.Web.ni.dll ()
  52. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5d9b26fc02784136a0c34d75a2f3d714\System.Windows.Forms.ni.dll ()
  53. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\8283e75f3820b002e167d2270b790f7e\System.Drawing.ni.dll ()
  54. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\9097049b739730f4391c8f50da0d6e34\System.Xml.ni.dll ()
  55. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\26ce7c29eb3c15178a21a4ae283f420d\System.Configuration.ni.dll ()
  56. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9fccc2be9a47b2970bc9498cc57fb142\System.ni.dll ()
  57. MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\d40b99d82652dbbc000d378a824ae296\mscorlib.ni.dll ()
  58. MOD - C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
  59. MOD - C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
  60.  
  61.  
  62. [color=#E56717]========== Services (SafeList) ==========[/color]
  63.  
  64. SRV - (totyseku) -- C:\Program Files\03000200-1441197202-0500-0006-000700080009\hnsx1392.tmp File not found
  65. SRV - (musepimo) -- C:\Program Files\03000200-1441197202-0500-0006-000700080009\knsq1907.tmp File not found
  66. SRV - (jimocoso) -- C:\Program Files\03000200-1441197202-0500-0006-000700080009\jnsmBA59.tmp File not found
  67. SRV - (globalUpdatem) -- C:\Program Files\globalUpdate\Update\globalupdate.exe /medsvc File not found
  68. SRV - (globalUpdate) -- C:\Program Files\globalUpdate\Update\globalupdate.exe /svc File not found
  69. SRV - (SPBIUpd) -- C:\Program Files\Common Files\ShopperPro\spbiu.exe (ShopperPro)
  70. SRV - (Steam Client Service) -- C:\Program Files\Common Files\Steam\SteamService.exe (Valve Corporation)
  71. SRV - (BstHdUpdaterSvc) -- C:\Program Files\BlueStacks\HD-UpdaterService.exe (BlueStack Systems, Inc.)
  72. SRV - (AdobeARMservice) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
  73. SRV - (BstHdLogRotatorSvc) -- C:\Program Files\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.)
  74. SRV - (BstHdAndroidSvc) -- C:\Program Files\BlueStacks\HD-Service.exe (BlueStack Systems, Inc.)
  75. SRV - (MozillaMaintenance) -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
  76. SRV - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
  77. SRV - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
  78. SRV - (Change Modem Device Service) -- C:\Windows\System32\ChgService.exe ()
  79. SRV - (Microsoft SharePoint Workspace Audit Service) -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE (Microsoft Corporation)
  80. SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
  81. SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation)
  82. SRV - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
  83.  
  84.  
  85. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  86.  
  87. DRV - (VGPU) -- System32\drivers\rdvgkmd.sys File not found
  88. DRV - (MpKsl66e2b5eb) -- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{4825072A-B57E-4E45-910C-F13DE9A7DA0C}\MpKsl66e2b5eb.sys (Microsoft Corporation)
  89. DRV - (SPBIUpdd) -- C:\Program Files\Common Files\ShopperPro\spbiw.sys ()
  90. DRV - (BstHdDrv) -- C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys (BlueStack Systems)
  91. DRV - (IDMWFP) -- C:\Windows\System32\drivers\idmwfp.sys (Tonec Inc.)
  92. DRV - (nvlddmkm) -- C:\Windows\System32\drivers\nvlddmkm.sys (NVIDIA Corporation)
  93. DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
  94. DRV - (RtlWlanu) -- C:\Windows\System32\drivers\RTWlanU.sys (Realtek Semiconductor Corporation )
  95. DRV - (cmnsusbser) -- C:\Windows\System32\drivers\cmnsusbser.sys (QUALCOMM Incorporated)
  96. DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation)
  97. DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
  98. DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation)
  99. DRV - (tsusbhub) -- C:\Windows\System32\drivers\tsusbhub.sys (Microsoft Corporation)
  100. DRV - (Synth3dVsc) -- C:\Windows\System32\drivers\Synth3dVsc.sys (Microsoft Corporation)
  101. DRV - (dmvsc) -- C:\Windows\System32\drivers\dmvsc.sys (Microsoft Corporation)
  102. DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation)
  103. DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
  104. DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation)
  105. DRV - (TsUsbGD) -- C:\Windows\System32\drivers\TsUsbGD.sys (Microsoft Corporation)
  106. DRV - (terminpt) -- C:\Windows\System32\drivers\terminpt.sys (Microsoft Corporation)
  107. DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation)
  108. DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation)
  109. DRV - (Revoflt) -- C:\Windows\System32\drivers\revoflt.sys (VS Revo Group)
  110. DRV - (Serial) -- C:\Windows\System32\drivers\serial.sys (Brother Industries Ltd.)
  111.  
  112.  
  113. [color=#E56717]========== Standard Registry (All) ==========[/color]
  114.  
  115.  
  116. [color=#E56717]========== Internet Explorer ==========[/color]
  117.  
  118. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  119. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  120. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  121. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  122. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\System32\blank.htm
  123. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  124. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  125. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  126. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  127. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  128.  
  129. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
  130. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  131. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  132. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://u.msn.com/id-id/?ocid=iehp
  133. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
  134. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = E7 2A C5 02 41 C7 D0 01 [binary data]
  135. IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\System32\ieframe.dll (Microsoft Corporation)
  136. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  137. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  138. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  139.  
  140. [color=#E56717]========== FireFox ==========[/color]
  141.  
  142. FF - prefs.js..browser.search.countryCode: "ID"
  143. FF - prefs.js..browser.search.defaultenginename: "mystartsearch"
  144. FF - prefs.js..browser.search.region: "ID"
  145. FF - prefs.js..browser.search.searchengine.alias: "mystartsearch"
  146. FF - prefs.js..browser.search.searchengine.desc: "this is my first firefox searchEngine"
  147. FF - prefs.js..browser.search.searchengine.iconURL: "http://www.mystartsearch.com/favicon.ico"
  148. FF - prefs.js..browser.search.searchengine.name: "mystartsearch"
  149. FF - prefs.js..browser.search.searchengine.ptid: "cmi"
  150. FF - prefs.js..browser.search.searchengine.uid: "ST3160215AS_6RABANRDXXXX6RABANRD"
  151. FF - prefs.js..browser.search.searchengine.url: "http://www.mystartsearch.com/web/?type=ds&ts=1441719083&z=894c575bf4d18e0147fa109g0zcz5g9mag9b8t5c3m&from=cmi&uid=ST3160215AS_6RABANRDXXXX6RABANRD&q={searchTerms}"
  152. FF - prefs.js..browser.search.selectedEngine: "mystartsearch"
  153. FF - prefs.js..browser.startup.homepage: "http://www.mystartsearch.com/?type=hp&ts=1441719083&z=894c575bf4d18e0147fa109g0zcz5g9mag9b8t5c3m&from=cmi&uid=ST3160215AS_6RABANRDXXXX6RABANRD"
  154. FF - prefs.js..extensions.enabledAddons: mozilla_cc2%40internetdownloadmanager.com:6.23.19
  155. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:37.0.1
  156. FF - user.js - File not found
  157.  
  158. FF - HKLM\Software\MozillaPlugins\@iqiyi.com/npWebPlayer: C:\IQIYI Video\LStyle\npWebPlayer.dll File not found
  159. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  160. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  161. FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll File not found
  162. FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll File not found
  163. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
  164. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll (Google Inc.)
  165. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  166. FF - HKCU\Software\MozillaPlugins\@iqiyi.com/npWebPlayer: C:\IQIYI Video\LStyle\npWebPlayer.dll File not found
  167.  
  168. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\defsearchp@gmail.com: C:\Users\tittus\AppData\Roaming\Mozilla\Firefox\Profiles\z5vurs5l.default-1432035441886\extensions\defsearchp@gmail.com
  169. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\deskCutv2@gmail.com: C:\Users\tittus\AppData\Roaming\Mozilla\Firefox\Profiles\z5vurs5l.default-1432035441886\extensions\deskCutv2@gmail.com
  170. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
  171. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 37.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  172. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2015/08/14 17:36:02 | 000,029,742 | ---- | M] ()
  173. FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\tittus\AppData\Roaming\IDM\idmmzcc5 [2015/09/05 14:20:36 | 000,000,000 | ---D | M]
  174.  
  175. [2015/04/10 18:28:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tittus\AppData\Roaming\Mozilla\Extensions
  176. [2015/09/12 10:20:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\tittus\AppData\Roaming\Mozilla\Firefox\Profiles\z5vurs5l.default-1432035441886\extensions
  177. [2015/09/09 21:03:04 | 000,002,176 | ---- | M] () -- C:\Users\tittus\AppData\Roaming\Mozilla\Firefox\Profiles\z5vurs5l.default-1432035441886\searchplugins\mystartsearch.xml
  178. [2015/09/02 19:42:06 | 000,002,167 | ---- | M] () -- C:\Users\tittus\AppData\Roaming\Mozilla\Firefox\Profiles\z5vurs5l.default-1432035441886\searchplugins\oursurfing.xml
  179. [2015/04/10 16:24:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
  180. [2015/04/10 16:24:44 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  181. [2015/08/14 17:36:02 | 000,029,742 | ---- | M] () (No name found) -- C:\PROGRAM FILES\INTERNET DOWNLOAD MANAGER\IDMMZCC2.XPI
  182.  
  183. [color=#E56717]========== Chrome ==========[/color]
  184.  
  185. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  186. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  187. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
  188. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
  189. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.9.1_0\
  190. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
  191. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  192. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\0.5_0\
  193. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg\0.3.0.5_0\
  194. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek\6.23.15_0\
  195. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.2.0_0\
  196. CHR - Extension: No name found = C:\Users\tittus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  197.  
  198. O1 HOSTS File: ([2009/06/11 04:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
  199. O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
  200. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  201. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  202. O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
  203. O4 - HKLM..\Run: [gmsd_ra_005010080] File not found
  204. O4 - HKLM..\Run: [gmsd_ra_005010081] File not found
  205. O4 - HKLM..\Run: [gmsd_ra_005010082] File not found
  206. O4 - HKLM..\Run: [gmsd_ra_005010083] C:\Program Files\gmsd_ra_005010083\gmsd_ra_005010083.exe ()
  207. O4 - HKLM..\Run: [mbot_id_014010078] File not found
  208. O4 - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  209. O4 - HKCU..\Run: [apphide] C:\Program Files\baidu\pps.exe ()
  210. O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd)
  211. O4 - HKCU..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe (Tonec Inc.)
  212. O4 - HKCU..\Run: [MoMo_WebBrowserOptimize] C:\Program Files\HapAckeR Soft\MoMo - Web Browser Optimize\MoMo.exe (HapAckeR Soft)
  213. O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
  214. O4 - HKLM..\RunOnce: [upgmsd_ra_005010083.exe] C:\Users\tittus\AppData\Local\gmsd_ra_005010083\upgmsd_ra_005010083.exe ()
  215. O4 - Startup: C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BimaTRI.lnk = C:\Program Files\BimaTRI\BimaTRI.exe ()
  216. O4 - Startup: C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk = File not found
  217. O4 - Startup: C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W.lnk = C:\Users\tittus\AppData\Roaming\obaG8oUMSY.exe ()
  218. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  219. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  220. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
  221. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
  222. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
  223. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
  224. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
  225. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  226. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
  227. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
  228. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
  229. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
  230. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
  231. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
  232. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
  233. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
  234. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
  235. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
  236. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
  237. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
  238. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
  239. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
  240. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
  241. O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm ()
  242. O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm ()
  243. O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  244. O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  245. O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  246. O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  247. O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  248. O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  249. O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\System32\nlaapi.dll (Microsoft Corporation)
  250. O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\System32\NapiNSP.dll (Microsoft Corporation)
  251. O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
  252. O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\System32\pnrpnsp.dll (Microsoft Corporation)
  253. O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  254. O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\System32\winrnr.dll (Microsoft Corporation)
  255. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  256. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  257. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  258. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  259. O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  260. O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  261. O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  262. O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  263. O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  264. O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  265. O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  266. O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  267. O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  268. O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  269. O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  270. O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  271. O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  272. O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  273. O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  274. O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  275. O10 - Protocol_Catalog9\Catalog_Entries\000000000021 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  276. O10 - Protocol_Catalog9\Catalog_Entries\000000000022 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  277. O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  278. O10 - Protocol_Catalog9\Catalog_Entries\000000000024 - C:\Windows\System32\mswsock.dll (Microsoft Corporation)
  279. O13 - gopher Prefix: missing
  280. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4501245A-F899-4C0A-835C-051E915E9D5A}: DhcpNameServer = 8.8.8.8 8.8.4.4
  281. O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
  282. O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  283. O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
  284. O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  285. O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  286. O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  287. O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  288. O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
  289. O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
  290. O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  291. O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
  292. O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\System32\inetcomm.dll (Microsoft Corporation)
  293. O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  294. O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
  295. O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\System32\itss.dll (Microsoft Corporation)
  296. O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
  297. O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\System32\MSVidCtl.dll (Microsoft Corporation)
  298. O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\System32\mshtml.dll (Microsoft Corporation)
  299. O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
  300. O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
  301. O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
  302. O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  303. O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\System32\urlmon.dll (Microsoft Corporation)
  304. O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  305. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  306. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  307. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  308. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  309. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  310. O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\System32\credssp.dll (Microsoft Corporation)
  311. O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
  312. O30 - LSA: Security Packages - (kerberos) - C:\Windows\System32\kerberos.dll (Microsoft Corporation)
  313. O30 - LSA: Security Packages - (msv1_0) - C:\Windows\System32\msv1_0.dll (Microsoft Corporation)
  314. O30 - LSA: Security Packages - (schannel) - C:\Windows\System32\schannel.dll (Microsoft Corporation)
  315. O30 - LSA: Security Packages - (wdigest) - C:\Windows\System32\wdigest.dll (Microsoft Corporation)
  316. O30 - LSA: Security Packages - (tspkg) - C:\Windows\System32\tspkg.dll (Microsoft Corporation)
  317. O30 - LSA: Security Packages - (pku2u) - C:\Windows\System32\pku2u.dll (Microsoft Corporation)
  318. O31 - SafeBoot: AlternateShell - cmd.exe
  319. O32 - HKLM CDRom: AutoRun - 1
  320. O32 - AutoRun File - [2015/09/12 10:28:40 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
  321. O32 - AutoRun File - [2009/06/11 04:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  322. O32 - AutoRun File - [2013/10/08 16:18:36 | 4229,266,025 | ---- | M] (Autodesk, Inc.) - D:\Autodesk_Inventor_2014_Eng_64bit_dlm_001_002.sfx.exe -- [ NTFS ]
  323. O32 - AutoRun File - [2013/10/08 07:02:48 | 161,701,279 | ---- | M] (Autodesk, Inc.) - D:\Autodesk_Inventor_2014_Eng_64bit_dlm_002_002.sfx.exe -- [ NTFS ]
  324. O33 - MountPoints2\{0657f779-d087-11e4-9b5a-002488c23038}\Shell - "" = AutoRun
  325. O33 - MountPoints2\{0657f779-d087-11e4-9b5a-002488c23038}\Shell\AutoRun\command - "" = E:\setup.exe
  326. O33 - MountPoints2\{2d9a8189-cfc6-11e4-a543-002488c23038}\Shell - "" = AutoRun
  327. O33 - MountPoints2\{2d9a8189-cfc6-11e4-a543-002488c23038}\Shell\AutoRun\command - "" = F:\.\ShowModem.exe
  328. O34 - HKLM BootExecute: (autocheck autochk *)
  329. O35 - HKLM\..comfile [open] -- "%1" %*
  330. O35 - HKLM\..exefile [open] -- "%1" %*
  331. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  332. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  333. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  334. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  335. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  336.  
  337. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  338.  
  339. [2015/09/12 11:11:02 | 005,635,119 | ---- | C] (Swearware) -- C:\Users\tittus\Desktop\ComboFix.exe
  340. [2015/09/12 11:09:10 | 024,344,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\tittus\Desktop\mbam-setup-techspot-2.1.8.1057.exe
  341. [2015/09/12 11:08:44 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\tittus\Desktop\OTL.exe
  342. [2015/09/12 10:53:48 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\Autodesk
  343. [2015/09/12 10:53:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Autodesk
  344. [2015/09/12 10:28:40 | 000,000,000 | ---D | C] -- C:\Autodesk
  345. [2015/09/10 21:03:02 | 000,000,000 | ---D | C] -- C:\Program Files\SmartfrenAD687GDriver
  346. [2015/09/08 20:40:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP
  347. [2015/09/08 20:40:23 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\gmsd_ra_005010083
  348. [2015/09/08 20:40:23 | 000,000,000 | ---D | C] -- C:\Program Files\gmsd_ra_005010083
  349. [2015/09/08 20:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
  350. [2015/09/08 20:31:19 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacks
  351. [2015/09/08 20:31:19 | 000,000,000 | ---D | C] -- C:\Program Files\BlueStacks
  352. [2015/09/08 20:30:22 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\Bluestacks
  353. [2015/09/07 21:52:19 | 000,000,000 | ---D | C] -- C:\Windows\System32\Flash
  354. [2015/09/07 21:43:57 | 000,000,000 | -HSD | C] -- C:\Users\tittus\AppData\Roaming\AnyProtectEx
  355. [2015/09/07 21:39:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
  356. [2015/09/07 21:32:15 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\globalUpdate
  357. [2015/09/07 21:20:44 | 000,000,000 | ---D | C] -- C:\ProgramData\pWdsManProp
  358. [2015/09/07 21:16:02 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\Crossbrowse
  359. [2015/09/06 22:56:25 | 000,000,000 | -HSD | C] -- C:\[Smad-Cage]
  360. [2015/09/06 22:56:25 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\Smadav
  361. [2015/09/06 22:50:30 | 000,000,000 | ---D | C] -- C:\Windows\System32\appmgmt
  362. [2015/09/06 22:36:22 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\Systweak
  363. [2015/09/06 22:32:54 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\systweak
  364. [2015/09/06 22:29:34 | 000,000,000 | ---D | C] -- C:\ProgramData\ShopperPro
  365. [2015/09/06 22:29:22 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ShopperPro
  366. [2015/09/06 22:26:03 | 000,000,000 | ---D | C] -- C:\ProgramData\3WdsManPro3
  367. [2015/09/06 22:24:11 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\Installer
  368. [2015/09/06 22:24:10 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\CrashRpt
  369. [2015/09/05 14:48:43 | 000,000,000 | ---D | C] -- C:\ProgramData\1WdsManPro1
  370. [2015/09/05 14:48:32 | 000,000,000 | ---D | C] -- C:\Program Files\Opera
  371. [2015/09/05 14:47:45 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\gamesdesktop
  372. [2015/09/05 14:20:23 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
  373. [2015/09/05 14:20:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Download Manager
  374. [2015/09/05 14:18:04 | 000,000,000 | ---D | C] -- C:\Users\tittus\Documents\TPM
  375. [2015/09/02 20:19:13 | 000,000,000 | ---D | C] -- C:\Program Files\predm
  376. [2015/09/02 20:06:12 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\ppslog
  377. [2015/09/02 19:51:13 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\SysassistByHotWheel
  378. [2015/09/02 19:51:09 | 000,000,000 | ---D | C] -- C:\ProgramData\WWdsManProW
  379. [2015/09/02 19:50:42 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\Unity
  380. [2015/09/02 19:49:57 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Roaming\IQIYI Video
  381. [2015/09/02 19:49:54 | 000,000,000 | ---D | C] -- C:\ProgramData\IQIYI Video
  382. [2015/09/02 19:45:04 | 000,000,000 | ---D | C] -- C:\Program Files\baidu
  383. [2015/09/02 19:35:18 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\03000200-1441222518-0500-0006-000700080009
  384. [2015/08/30 21:29:06 | 000,000,000 | ---D | C] -- C:\Users\tittus\AppData\Local\CEF
  385. [2015/08/28 19:36:11 | 000,123,968 | ---- | C] (Tonec Inc.) -- C:\Windows\System32\drivers\idmwfp.sys
  386. [2015/08/16 14:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Android Device USB driver
  387. [2015/08/16 14:24:46 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Android Device USB driver
  388. [2015/08/16 12:10:13 | 000,000,000 | ---D | C] -- C:\Users\tittus\.android
  389. [2015/08/16 11:34:29 | 000,000,000 | ---D | C] -- C:\ProgramData\BlueStacksSetup
  390. [2015/08/14 19:31:16 | 000,000,000 | ---D | C] -- C:\Program Files\BimaTRI
  391. [2 C:\Users\tittus\AppData\Local\*.tmp files -> C:\Users\tittus\AppData\Local\*.tmp -> ]
  392.  
  393. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  394.  
  395. [2015/09/12 21:53:40 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  396. [2015/09/12 21:53:40 | 000,026,352 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  397. [2015/09/12 21:46:52 | 000,000,939 | ---- | M] () -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BimaTRI.lnk
  398. [2015/09/12 21:46:24 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
  399. [2015/09/12 21:46:24 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  400. [2015/09/12 21:46:22 | 000,005,498 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-7.job
  401. [2015/09/12 21:46:22 | 000,005,474 | ---- | M] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-7.job
  402. [2015/09/12 21:46:22 | 000,004,474 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-4.job
  403. [2015/09/12 21:46:22 | 000,004,450 | ---- | M] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-4.job
  404. [2015/09/12 21:46:22 | 000,003,454 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-7.job
  405. [2015/09/12 21:46:22 | 000,002,426 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5_user.job
  406. [2015/09/12 21:46:22 | 000,002,426 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5.job
  407. [2015/09/12 21:46:22 | 000,002,092 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-10_user.job
  408. [2015/09/12 21:46:22 | 000,002,068 | ---- | M] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-10_user.job
  409. [2015/09/12 21:46:20 | 000,005,474 | ---- | M] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-6.job
  410. [2015/09/12 21:46:20 | 000,001,046 | ---- | M] () -- C:\Windows\tasks\Crossbrowse.job
  411. [2015/09/12 21:46:17 | 000,005,498 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-6.job
  412. [2015/09/12 21:46:17 | 000,004,474 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-3.job
  413. [2015/09/12 21:46:17 | 000,004,450 | ---- | M] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-3.job
  414. [2015/09/12 21:46:17 | 000,003,118 | ---- | M] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-6.job
  415. [2015/09/12 21:46:02 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  416. [2015/09/12 21:45:58 | 2415,271,936 | -HS- | M] () -- C:\hiberfil.sys
  417. [2015/09/12 14:15:45 | 000,659,580 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  418. [2015/09/12 14:15:45 | 000,120,508 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  419. [2015/09/12 14:03:02 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  420. [2015/09/12 11:19:28 | 024,344,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\tittus\Desktop\mbam-setup-techspot-2.1.8.1057.exe
  421. [2015/09/12 11:19:18 | 005,635,119 | ---- | M] (Swearware) -- C:\Users\tittus\Desktop\ComboFix.exe
  422. [2015/09/12 11:09:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\tittus\Desktop\OTL.exe
  423. [2015/09/12 10:49:37 | 000,001,732 | ---- | M] () -- C:\Users\tittus\Desktop\chrome - Shortcut.lnk
  424. [2015/09/12 10:11:56 | 000,000,740 | ---- | M] () -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W.lnk
  425. [2015/09/12 10:11:55 | 103,399,936 | RHS- | M] () -- C:\Users\tittus\AppData\Roaming\obaG8oUMSY.exe
  426. [2015/09/10 12:11:37 | 000,006,560 | ---- | M] () -- C:\bootsqm.dat
  427. [2015/09/09 18:09:52 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP3.job
  428. [2015/09/09 18:09:52 | 000,000,364 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP2.job
  429. [2015/09/08 21:46:20 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
  430. [2015/09/08 21:31:57 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\APSnotifierPP1.job
  431. [2015/09/08 20:33:18 | 000,000,102 | ---- | M] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
  432. [2015/09/08 20:32:22 | 000,001,807 | ---- | M] () -- C:\Users\Public\Desktop\Apps.lnk
  433. [2015/09/08 20:32:22 | 000,001,765 | ---- | M] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
  434. [2015/09/08 20:31:40 | 000,001,395 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  435. [2015/09/08 19:50:39 | 000,000,256 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
  436. [2015/09/08 19:50:39 | 000,000,248 | ---- | M] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
  437. [2015/09/07 21:32:15 | 000,000,004 | ---- | M] () -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7
  438. [2015/09/07 21:27:46 | 000,001,411 | ---- | M] () -- C:\Users\tittus\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  439. [2015/09/07 21:24:26 | 000,000,489 | ---- | M] () -- C:\Users\tittus\Desktop\Power Options - Shortcut.lnk
  440. [2015/09/07 21:16:35 | 000,002,368 | ---- | M] () -- C:\Users\tittus\Application Data\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk
  441. [2015/09/07 21:14:22 | 000,002,344 | ---- | M] () -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
  442. [2015/09/05 14:20:26 | 000,000,983 | ---- | M] () -- C:\Users\tittus\Desktop\Internet Download Manager.lnk
  443. [2015/09/05 14:04:48 | 000,406,272 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  444. [2015/09/04 12:18:30 | 000,018,248 | ---- | M] () -- C:\Windows\System32\sasnative32.exe
  445. [2015/08/16 14:37:40 | 000,000,000 | -H-- | M] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
  446. [2015/08/14 19:31:17 | 000,000,827 | ---- | M] () -- C:\Users\Public\Desktop\BimaTRI.lnk
  447. [2 C:\Users\tittus\AppData\Local\*.tmp files -> C:\Users\tittus\AppData\Local\*.tmp -> ]
  448.  
  449. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  450.  
  451. [2015/09/12 10:42:28 | 000,001,732 | ---- | C] () -- C:\Users\tittus\Desktop\chrome - Shortcut.lnk
  452. [2015/09/12 10:11:56 | 000,000,740 | ---- | C] () -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\W.lnk
  453. [2015/09/12 10:11:52 | 103,399,936 | RHS- | C] () -- C:\Users\tittus\AppData\Roaming\obaG8oUMSY.exe
  454. [2015/09/10 12:11:37 | 000,006,560 | ---- | C] () -- C:\bootsqm.dat
  455. [2015/09/08 20:32:22 | 000,001,807 | ---- | C] () -- C:\Users\Public\Desktop\Apps.lnk
  456. [2015/09/08 20:32:22 | 000,001,765 | ---- | C] () -- C:\Users\Public\Desktop\Start BlueStacks.lnk
  457. [2015/09/07 21:57:48 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP3.job
  458. [2015/09/07 21:57:47 | 000,000,364 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP2.job
  459. [2015/09/07 21:57:45 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\APSnotifierPP1.job
  460. [2015/09/07 21:42:05 | 000,004,450 | ---- | C] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-4.job
  461. [2015/09/07 21:41:56 | 000,005,474 | ---- | C] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-6.job
  462. [2015/09/07 21:41:54 | 000,005,474 | ---- | C] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-7.job
  463. [2015/09/07 21:41:49 | 000,004,450 | ---- | C] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-3.job
  464. [2015/09/07 21:41:39 | 000,002,068 | ---- | C] () -- C:\Windows\tasks\cbda1388-caa9-4039-9ecf-a43326686b1a-10_user.job
  465. [2015/09/07 21:39:18 | 000,018,248 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
  466. [2015/09/07 21:36:26 | 000,000,248 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_DEFAULT.job
  467. [2015/09/07 21:36:25 | 000,000,256 | ---- | C] () -- C:\Windows\tasks\RegClean Pro_UPDATES.job
  468. [2015/09/07 21:34:48 | 000,002,426 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5_user.job
  469. [2015/09/07 21:34:45 | 000,002,426 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-5.job
  470. [2015/09/07 21:33:29 | 000,003,118 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-6.job
  471. [2015/09/07 21:33:28 | 000,003,454 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-1-7.job
  472. [2015/09/07 21:33:10 | 000,004,474 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-4.job
  473. [2015/09/07 21:32:42 | 000,005,498 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-6.job
  474. [2015/09/07 21:32:40 | 000,005,498 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-7.job
  475. [2015/09/07 21:32:19 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
  476. [2015/09/07 21:32:18 | 000,004,474 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-3.job
  477. [2015/09/07 21:32:18 | 000,000,924 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore.job
  478. [2015/09/07 21:32:15 | 000,000,004 | ---- | C] () -- C:\Windows\System32\029B560A371F4E00AB32838EBC01B9E7
  479. [2015/09/07 21:32:07 | 000,002,092 | ---- | C] () -- C:\Windows\tasks\50dc9e50-0b3a-4036-ab03-e787a5059eb4-10_user.job
  480. [2015/09/07 21:24:26 | 000,000,489 | ---- | C] () -- C:\Users\tittus\Desktop\Power Options - Shortcut.lnk
  481. [2015/09/07 21:16:23 | 000,002,344 | ---- | C] () -- C:\Users\tittus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk
  482. [2015/09/07 21:15:50 | 000,001,046 | ---- | C] () -- C:\Windows\tasks\Crossbrowse.job
  483. [2015/09/07 21:14:22 | 000,002,368 | ---- | C] () -- C:\Users\tittus\Application Data\Microsoft\Internet Explorer\Quick Launch\Crossbrowse.lnk
  484. [2015/09/06 22:33:09 | 000,018,200 | ---- | C] () -- C:\Windows\System32\roboot.exe
  485. [2015/09/02 19:51:09 | 000,000,102 | ---- | C] () -- C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
  486. [2015/08/16 14:37:40 | 000,000,000 | -H-- | C] () -- C:\Windows\System32\drivers\Msft_Kernel_WinUsb_01009.Wdf
  487. [2015/08/14 19:31:18 | 000,000,839 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BimaTRI.lnk
  488. [2015/08/14 19:31:17 | 000,000,827 | ---- | C] () -- C:\Users\Public\Desktop\BimaTRI.lnk
  489. [2015/03/22 08:50:12 | 000,657,209 | ---- | C] () -- C:\Windows\Condition Zero Uninstaller.exe
  490. [2015/03/21 19:38:11 | 000,135,168 | ---- | C] () -- C:\Windows\System32\ChgService.exe
  491. [2015/03/19 21:49:22 | 004,229,086 | ---- | C] () -- C:\Windows\System32\nvcoproc.bin
  492.  
  493. [color=#E56717]========== ZeroAccess Check ==========[/color]
  494.  
  495. [2009/07/14 11:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  496.  
  497. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  498.  
  499. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  500.  
  501. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  502. "" = %SystemRoot%\system32\shell32.dll -- [2010/11/21 04:29:11 | 012,872,192 | ---- | M] (Microsoft Corporation)
  503. "ThreadingModel" = Apartment
  504.  
  505. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  506. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 04:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
  507. "ThreadingModel" = Free
  508.  
  509. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  510. "" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/14 08:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
  511. "ThreadingModel" = Both
  512.  
  513. [color=#E56717]========== LOP Check ==========[/color]
  514.  
  515. [2015/09/11 22:42:05 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\.minecraft
  516. [2015/09/07 21:43:57 | 000,000,000 | -HSD | M] -- C:\Users\tittus\AppData\Roaming\AnyProtectEx
  517. [2015/09/12 10:53:49 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\Autodesk
  518. [2015/03/30 16:09:13 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\BimaTRI
  519. [2015/09/12 14:54:09 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\DMCache
  520. [2015/03/21 18:38:32 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\eTeks
  521. [2015/09/12 10:56:17 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\IDM
  522. [2015/09/02 20:06:46 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\IQIYI Video
  523. [2015/09/12 13:34:56 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\MoMo - Web Browser Optimize
  524. [2015/04/10 10:10:46 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\MPC-HC
  525. [2015/07/26 09:13:57 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\openBVE
  526. [2015/09/02 20:06:18 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\ppslog
  527. [2015/09/06 22:56:25 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\Smadav
  528. [2015/09/07 21:39:37 | 000,000,000 | ---D | M] -- C:\Users\tittus\AppData\Roaming\systweak
  529.  
  530. [color=#E56717]========== Purity Check ==========[/color]
  531.  
  532.  
  533.  
  534. [color=#E56717]========== Alternate Data Streams ==========[/color]
  535.  
  536. @Alternate Data Stream - 118 bytes -> C:\ProgramData\TEMP:56E2E879
  537.  
  538. < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement