
Untitled

a guest
Aug 1st, 2015
  1. OTL logfile created on: 01-Aug-15 17:58:54 - Run 2
  2. OTL by OldTimer - Version 3.2.69.0 Folder = D:\Đurić\Desktop
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17239)
  5. Locale: 00000409 | Country: Sjedinjene Države | Language: ENU | Date Format: dd-MMM-yy
  6.  
  7. 3.87 Gb Total Physical Memory | 2.03 Gb Available Physical Memory | 52.33% Memory free
  8. 7.75 Gb Paging File | 5.46 Gb Available in Paging File | 70.52% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 97.56 Gb Total Space | 58.32 Gb Free Space | 59.78% Space Free | Partition Type: NTFS
  13. Drive D: | 368.10 Gb Total Space | 216.88 Gb Free Space | 58.92% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: DJURIC-PC | User Name: Đurić | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2015-07-30 19:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Đurić\Desktop\OTL.exe
  22. PRC - [2015-07-07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  23. PRC - [2015-07-05 21:38:57 | 000,377,000 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  24. PRC - [2015-05-01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
  25. PRC - [2015-05-01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
  26. PRC - [2013-11-21 08:31:44 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  27. PRC - [2013-11-21 08:31:44 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  28. PRC - [2013-04-11 05:11:06 | 000,292,848 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  29. PRC - [2013-03-07 12:57:42 | 000,650,528 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
  30. PRC - [2012-12-13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
  31. PRC - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
  32. PRC - [2000-01-01 02:00:00 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  33. PRC - [2000-01-01 02:00:00 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
  34.  
  35.  
  36. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  37.  
  38. MOD - [2014-09-08 11:53:05 | 001,222,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\63f1339786fa9b84e97073f9859f8c51\System.WorkflowServices.ni.dll
  39. MOD - [2014-09-08 11:52:34 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\449cb8fbbaf8ae2456b7ef4a1f06bd45\System.ServiceModel.Discovery.ni.dll
  40. MOD - [2014-09-08 11:52:34 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\56f330e897ee2b713d49400e592ab592\System.ServiceModel.Routing.ni.dll
  41. MOD - [2014-09-08 11:52:33 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\e3dc87f1531b61606b24be7c88c28464\System.ServiceModel.Channels.ni.dll
  42. MOD - [2014-09-08 11:52:15 | 001,392,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b58c47b19c9590780cadddf930f6bd2a\System.ServiceModel.Activities.ni.dll
  43. MOD - [2014-09-08 11:52:08 | 001,072,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\8a46112332f7dce3042642c03d2734ba\System.IdentityModel.ni.dll
  44. MOD - [2014-09-08 11:52:07 | 018,058,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\a283fadbb6dcc293c05dee07024f3b64\System.ServiceModel.ni.dll
  45. MOD - [2014-09-08 11:40:22 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\51b881a42d54d3042b901c7ba7708f95\System.ServiceModel.Web.ni.dll
  46. MOD - [2014-09-08 11:38:54 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\f2b32d7477ee2c1220bf4173743425ea\System.Runtime.DurableInstancing.ni.dll
  47. MOD - [2014-09-08 11:38:52 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\b8e891c1c9ccf87e5f74aef0d2f171ff\SMDiagnostics.ni.dll
  48. MOD - [2014-09-08 11:38:50 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\4fde6b1690bd0bc5b57536efbde46ddb\System.Runtime.Serialization.ni.dll
  49. MOD - [2014-09-08 11:37:43 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5a4de0d567696567ddd0ad7ddf4a9e0d\System.Xaml.ni.dll
  50. MOD - [2014-09-08 11:24:48 | 013,102,592 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\adeb9af3c309921ae1b7fb8a621ee243\System.Windows.Forms.ni.dll
  51. MOD - [2014-09-08 11:24:37 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\717c6a68a2ad575e93bccc52a11f7c52\System.Xml.ni.dll
  52. MOD - [2014-09-08 11:24:31 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\276f7b53f15e66e518278753c57b78b2\System.Configuration.ni.dll
  53. MOD - [2014-09-08 11:24:25 | 007,069,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\e09bc975f73e4bc24ab3eb7f6373288e\System.Core.ni.dll
  54. MOD - [2014-09-08 11:24:21 | 001,652,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5c5b46515e207b2025a474340de7ae15\System.Drawing.ni.dll
  55. MOD - [2014-09-08 11:24:20 | 009,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\68131da3061b5a1c048abf73c5bae11d\System.ni.dll
  56. MOD - [2014-09-08 11:24:16 | 014,407,680 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ac9bfacce80c52220e4b4b3a814aaa3d\mscorlib.ni.dll
  57. MOD - [2013-03-07 12:58:16 | 000,499,488 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
  58. MOD - [2013-03-07 12:55:12 | 000,472,576 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
  59. MOD - [2013-03-07 12:54:20 | 000,013,824 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
  60. MOD - [2013-03-07 12:53:58 | 000,015,872 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
  61. MOD - [2010-12-17 12:56:54 | 002,603,520 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
  62. MOD - [2010-12-17 12:56:54 | 001,006,592 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
  63. MOD - [2010-12-17 12:56:54 | 000,382,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
  64. MOD - [2010-12-16 12:16:56 | 000,195,584 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
  65. MOD - [2010-01-17 23:34:58 | 000,062,464 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
  66. MOD - [2010-01-12 16:55:18 | 000,400,384 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
  67. MOD - [2010-01-12 16:55:18 | 000,322,048 | ---- | M] () -- C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
  68.  
  69.  
  70. [color=#E56717]========== Services (SafeList) ==========[/color]
  71.  
  72. SRV:[b]64bit:[/b] - [2014-09-08 11:35:03 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
  73. SRV:[b]64bit:[/b] - [2014-08-17 05:04:40 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  74. SRV:[b]64bit:[/b] - [2014-08-17 04:53:31 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  75. SRV:[b]64bit:[/b] - [2013-11-21 08:31:44 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
  76. SRV:[b]64bit:[/b] - [2013-10-23 17:14:22 | 000,348,376 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
  77. SRV:[b]64bit:[/b] - [2013-10-23 17:14:22 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
  78. SRV:[b]64bit:[/b] - [2013-08-27 14:32:30 | 000,828,376 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
  79. SRV:[b]64bit:[/b] - [2013-08-27 14:32:14 | 000,747,520 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
  80. SRV:[b]64bit:[/b] - [2012-12-11 17:59:08 | 000,027,768 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\Windows\SysNative\ViakaraokeSrv.exe -- (VIAKaraokeService)
  81. SRV:[b]64bit:[/b] - [2009-07-14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  82. SRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,319,080 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysNative\igfxCUIService.exe -- (igfxCUIService1.0.0.0)
  83. SRV - [2015-07-27 18:24:27 | 000,268,976 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  84. SRV - [2015-07-07 20:12:28 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  85. SRV - [2015-07-05 21:38:56 | 000,148,136 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  86. SRV - [2015-06-18 08:39:50 | 001,133,880 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
  87. SRV - [2015-06-18 08:39:46 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  88. SRV - [2015-06-03 16:42:38 | 000,327,296 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  89. SRV - [2015-05-01 11:17:04 | 001,772,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe -- (c2cpnrsvc)
  90. SRV - [2015-05-01 11:16:10 | 001,394,816 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe -- (c2cautoupdatesvc)
  91. SRV - [2014-08-17 04:59:44 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  92. SRV - [2014-02-28 11:32:36 | 000,174,368 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe -- (iumsvc)
  93. SRV - [2012-12-13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
  94. SRV - [2012-01-18 07:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
  95. SRV - [2010-03-18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  96. SRV - [2000-01-01 02:00:00 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  97. SRV - [2000-01-01 02:00:00 | 000,280,680 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  98. SRV - [2000-01-01 02:00:00 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
  99.  
  100.  
  101. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  102.  
  103. DRV:[b]64bit:[/b] - [2015-06-18 08:41:56 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
  104. DRV:[b]64bit:[/b] - [2015-06-18 08:41:40 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
  105. DRV:[b]64bit:[/b] - [2014-08-17 05:03:49 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  106. DRV:[b]64bit:[/b] - [2014-08-17 05:03:49 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  107. DRV:[b]64bit:[/b] - [2014-08-17 05:03:13 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  108. DRV:[b]64bit:[/b] - [2014-08-17 05:03:13 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  109. DRV:[b]64bit:[/b] - [2014-08-17 04:46:49 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  110. DRV:[b]64bit:[/b] - [2014-08-17 04:45:40 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  111. DRV:[b]64bit:[/b] - [2014-08-17 04:45:40 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  112. DRV:[b]64bit:[/b] - [2014-01-22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
  113. DRV:[b]64bit:[/b] - [2014-01-22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
  114. DRV:[b]64bit:[/b] - [2013-11-21 08:31:28 | 000,632,168 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
  115. DRV:[b]64bit:[/b] - [2013-11-21 08:31:28 | 000,028,008 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
  116. DRV:[b]64bit:[/b] - [2013-09-27 09:53:06 | 000,134,944 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
  117. DRV:[b]64bit:[/b] - [2013-04-11 05:10:40 | 000,020,464 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
  118. DRV:[b]64bit:[/b] - [2013-04-11 05:10:38 | 000,785,904 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
  119. DRV:[b]64bit:[/b] - [2013-04-11 05:10:38 | 000,366,576 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
  120. DRV:[b]64bit:[/b] - [2013-03-27 09:51:04 | 000,842,312 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  121. DRV:[b]64bit:[/b] - [2013-01-29 18:56:20 | 002,210,376 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
  122. DRV:[b]64bit:[/b] - [2012-01-18 07:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
  123. DRV:[b]64bit:[/b] - [2012-01-18 07:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
  124. DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
  125. DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  126. DRV:[b]64bit:[/b] - [2010-11-21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  127. DRV:[b]64bit:[/b] - [2010-11-21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  128. DRV:[b]64bit:[/b] - [2010-07-29 00:25:10 | 000,029,720 | ---- | M] (Initio Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ivusb.sys -- (ivusb)
  129. DRV:[b]64bit:[/b] - [2009-07-14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  130. DRV:[b]64bit:[/b] - [2009-07-14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  131. DRV:[b]64bit:[/b] - [2009-07-14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  132. DRV:[b]64bit:[/b] - [2009-06-10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  133. DRV:[b]64bit:[/b] - [2009-06-10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  134. DRV:[b]64bit:[/b] - [2009-06-10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  135. DRV:[b]64bit:[/b] - [2009-06-10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  136. DRV:[b]64bit:[/b] - [2009-05-25 04:38:20 | 000,966,144 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
  137. DRV:[b]64bit:[/b] - [2008-05-06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
  138. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 003,788,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
  139. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,454,416 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  140. DRV:[b]64bit:[/b] - [2000-01-01 02:00:00 | 000,100,312 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
  141. DRV - [2009-07-14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  142.  
  143.  
  144. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  145.  
  146.  
  147. [color=#E56717]========== Internet Explorer ==========[/color]
  148.  
  149. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  150. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  151. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  152. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  153. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  154.  
  155. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-gb/?ocid=iehp
  156. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr-HR
  157. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = FC 78 82 AD E9 DE CF 01 [binary data]
  158. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  159. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
  160. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  161.  
  162. [color=#E56717]========== FireFox ==========[/color]
  163.  
  164. FF - prefs.js..browser.search.countryCode: "HR"
  165. FF - prefs.js..browser.search.highlightCount: 2
  166. FF - prefs.js..browser.search.isUS: false
  167. FF - prefs.js..browser.search.order.3: "Bing "
  168. FF - prefs.js..browser.search.region: "HR"
  169. FF - prefs.js..browser.search.selectedEngine: "Bing "
  170. FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
  171. FF - prefs.js..extensions.enabledAddons: %7Bdd3d7613-0246-469d-bc65-2a3cc1668adc%7D:1.1.8.1-signed
  172. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:39.0
  173. FF - prefs.js..keyword.URL: "http://www.bing.com/search?FORM=SKY2DF&PC=SKY2&q="
  174. FF - user.js - File not found
  175.  
  176. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll File not found
  177. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  178. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.51.2: C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll (Oracle Corporation)
  179. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  180. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll ()
  181. FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
  182. FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
  183. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  184. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  185. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  186. FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
  187. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  188. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
  189. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll (Google Inc.)
  190. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  191.  
  192. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  193. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 39.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2015-07-28 00:46:34 | 000,000,000 | ---D | M]
  194. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\BingSearchExtension: removed
  195. FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\BingExtension\\DSE: true
  196.  
  197. [2014-09-12 05:48:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Extensions
  198. [2015-07-30 00:33:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions
  199. [2015-07-27 18:30:50 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
  200. [2015-07-27 18:35:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\8daukedh.Boska\extensions
  201. [2015-07-27 18:35:37 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\8daukedh.Boska\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
  202. [2015-07-28 17:59:45 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\f9haetlg.default\extensions
  203. [2015-07-27 18:32:48 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\f9haetlg.default\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
  204. [2015-07-27 18:34:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\wwdz4zpm.Cvijece\extensions
  205. [2015-07-27 18:34:29 | 000,000,000 | ---D | M] (Block site) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\wwdz4zpm.Cvijece\extensions\{dd3d7613-0246-469d-bc65-2a3cc1668adc}
  206. [2015-07-27 18:05:00 | 000,117,790 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\elemhidehelper@adblockplus.org.xpi
  207. [2015-07-30 00:33:53 | 000,032,327 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\imagetab@next.gen.nz.xpi
  208. [2015-07-27 18:20:12 | 000,466,687 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\langpack-en-GB@firefox.mozilla.org.xpi
  209. [2015-07-27 18:20:36 | 000,540,254 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\{25A1388B-6B18-46c3-BEBA-A81915D0DE8F}.xpi
  210. [2015-07-28 21:02:01 | 000,963,213 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\3666idxz.Vlastin Firefox\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  211. [2015-05-08 23:45:22 | 000,124,845 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\8daukedh.Boska\extensions\elemhidehelper@adblockplus.org.xpi
  212. [2015-05-08 23:44:57 | 000,970,672 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\8daukedh.Boska\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  213. [2015-05-29 05:29:52 | 000,117,790 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\f9haetlg.default\extensions\elemhidehelper@adblockplus.org.xpi
  214. [2015-07-28 17:59:45 | 000,963,213 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\f9haetlg.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  215. [2015-05-08 22:29:13 | 000,124,845 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\wwdz4zpm.Cvijece\extensions\elemhidehelper@adblockplus.org.xpi
  216. [2014-12-22 02:14:38 | 000,979,699 | ---- | M] () (No name found) -- C:\Users\Đurić\AppData\Roaming\Mozilla\Firefox\Profiles\wwdz4zpm.Cvijece\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  217. [2015-07-30 20:44:20 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
  218. [2015-07-30 20:44:20 | 000,000,000 | ---D | M] (SmartWhois Launcher) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{45925a5c-e3de-447f-bed2-ded87acae111}
  219. [2015-07-05 21:38:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  220. [2015-07-05 21:38:57 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  221. File not found (No name found) -- C:\USERS\ĐURIć\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\F9HAETLG.DEFAULT\EXTENSIONS\{DD3D7613-0246-469D-BC65-2A3CC1668ADC}
  222. [2012-10-01 20:33:44 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
  223.  
  224. [color=#E56717]========== Chrome ==========[/color]
  225.  
  226. CHR - plugin: Error reading preferences file
  227. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  228. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  229. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.0_0\
  230. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
  231. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
  232. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh\3.1.11_0\
  233. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  234. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.36.2_0\
  235. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
  236. CHR - Extension: No name found = C:\Users\Đurić\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  237.  
  238. O1 HOSTS File: ([2009-06-10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  239. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll (Oracle Corporation)
  240. O2:[b]64bit:[/b] - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
  241. O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll (Oracle Corporation)
  242. O2 - BHO: (Skype Click to Call for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  243. O4:[b]64bit:[/b] - HKLM..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe (VIA)
  244. O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
  245. O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  246. O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  247. O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
  248. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  249. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  250. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  251. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  252. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  253. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  254. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
  255. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
  256. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
  257. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
  258. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoInternetOpenWith = 1
  259. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
  260. O8:[b]64bit:[/b] - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
  261. O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
  262. O9:[b]64bit:[/b] - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  263. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  264. O9:[b]64bit:[/b] - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
  265. O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  266. O9 - Extra 'Tools' menuitem : HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe (Hewlett-Packard)
  267. O9 - Extra Button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  268. O13[b]64bit:[/b] - gopher Prefix: missing
  269. O13 - gopher Prefix: missing
  270. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  271. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5F0AFEC-F442-4ABF-91A3-3D9D90816F6D}: DhcpNameServer = 192.168.1.1
  272. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E40F5701-B530-4A79-B580-11A57AAA89A2}: DhcpNameServer = 192.168.15.1
  273. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  274. O18:[b]64bit:[/b] - Protocol\Handler\osf - No CLSID value found
  275. O18:[b]64bit:[/b] - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\SkypeIEPlugin.dll (Microsoft Corporation)
  276. O18 - Protocol\Handler\skypec2c {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
  277. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  278. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  279. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  280. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  281. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  282. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  283. O32 - HKLM CDRom: AutoRun - 1
  284. O33 - MountPoints2\{148f233d-377e-11e5-914c-7427ead33557}\Shell - "" = AutoRun
  285. O33 - MountPoints2\{148f233d-377e-11e5-914c-7427ead33557}\Shell\AutoRun\command - "" = F:\Windows\CHECK\DriveNavigator.exe
  286. O33 - MountPoints2\{2e22c311-3599-11e4-8da0-806e6f6e6963}\Shell - "" = AutoRun
  287. O33 - MountPoints2\{2e22c311-3599-11e4-8da0-806e6f6e6963}\Shell\AutoRun\command - "" = E:\Autorun.EXE
  288. O34 - HKLM BootExecute: (autocheck autochk *)
  289. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  290. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  291. O35 - HKLM\..comfile [open] -- "%1" %*
  292. O35 - HKLM\..exefile [open] -- "%1" %*
  293. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  294. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  295. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  296. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  297. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  298. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  299. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  300.  
  301. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  302.  
  303. [2015-08-01 17:11:31 | 000,064,000 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\Intel_OpenCL_ICD64.dll
  304. [2015-08-01 17:11:31 | 000,060,416 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\Intel_OpenCL_ICD32.dll
  305. [2015-08-01 17:09:13 | 000,000,000 | ---D | C] -- C:\ProgramData\SlimWare Utilities, Inc
  306. [2015-08-01 17:08:00 | 000,000,000 | ---D | C] -- C:\Users\Đurić\AppData\Local\SlimWare Utilities Inc
  307. [2015-08-01 17:07:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlimDrivers
  308. [2015-08-01 17:07:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SlimDrivers
  309. [2015-08-01 17:07:51 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Downloaded Installers
  310. [2015-08-01 17:07:28 | 000,981,728 | ---- | C] (SlimWare Utilities, Inc.) -- D:\Đurić\Desktop\SlimDrivers-setup.exe
  311. [2015-07-31 21:25:47 | 000,000,000 | ---D | C] -- D:\Đurić\Desktop\Season 3
  312. [2015-07-31 20:39:14 | 000,000,000 | ---D | C] -- D:\Đurić\Desktop\Season 2
  313. [2015-07-31 17:20:02 | 000,000,000 | ---D | C] -- C:\Users\Đurić\AppData\Local\CEF
  314. [2015-07-30 20:55:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
  315. [2015-07-30 20:55:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced IP Scanner
  316. [2015-07-30 20:44:21 | 000,000,000 | ---D | C] -- C:\ProgramData\TamoSoft
  317. [2015-07-30 19:16:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Đurić\Desktop\OTL.exe
  318. [2015-07-27 18:46:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
  319. [2015-07-27 18:45:01 | 000,000,000 | ---D | C] -- C:\Program Files\Java
  320. [2015-07-26 14:32:34 | 000,000,000 | ---D | C] -- C:\Users\Đurić\AppData\Roaming\FastStone
  321. [2015-07-26 14:32:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer
  322. [2015-07-26 14:32:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FastStone Image Viewer
  323. [2015-07-05 21:38:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
  324. [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
  325.  
  326. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  327.  
  328. [2015-08-01 17:49:36 | 000,000,410 | ---- | M] () -- C:\Windows\tasks\SlimDrivers Startup.job
  329. [2015-08-01 17:48:17 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  330. [2015-08-01 17:48:17 | 000,026,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  331. [2015-08-01 17:47:43 | 000,113,880 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
  332. [2015-08-01 17:47:19 | 000,783,970 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  333. [2015-08-01 17:47:19 | 000,655,392 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  334. [2015-08-01 17:47:19 | 000,121,762 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  335. [2015-08-01 17:46:16 | 000,000,120 | ---- | M] () -- C:\Users\Đurić\advanced_ip_scanner_MAC.bin
  336. [2015-08-01 17:42:41 | 000,001,936 | ---- | M] () -- C:\Users\Đurić\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 1510 series.lnk
  337. [2015-08-01 17:42:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  338. [2015-08-01 17:42:16 | 3119,927,296 | -HS- | M] () -- C:\hiberfil.sys
  339. [2015-08-01 17:28:50 | 000,000,366 | ---- | M] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - Đurić).job
  340. [2015-08-01 17:26:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
  341. [2015-08-01 17:15:05 | 000,015,328 | ---- | M] () -- C:\Windows\SysNative\results.xml
  342. [2015-08-01 17:13:31 | 000,000,704 | ---- | M] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
  343. [2015-08-01 17:07:54 | 000,002,467 | ---- | M] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
  344. [2015-08-01 17:07:28 | 000,981,728 | ---- | M] (SlimWare Utilities, Inc.) -- D:\Đurić\Desktop\SlimDrivers-setup.exe
  345. [2015-07-30 20:55:54 | 000,000,988 | ---- | M] () -- C:\Users\Public\Desktop\Advanced IP Scanner.lnk
  346. [2015-07-30 19:16:35 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Đurić\Desktop\OTL.exe
  347. [2015-07-30 05:27:27 | 000,002,186 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  348. [2015-07-29 13:53:02 | 000,075,209 | ---- | M] () -- D:\Đurić\Desktop\10294267_862579973759788_1038784545424223757_n.jpg
  349. [2015-07-28 17:24:32 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
  350. [2015-07-28 17:24:32 | 000,000,944 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
  351. [2015-07-28 12:52:20 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  352. [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
  353.  
  354. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  355.  
  356. [2015-08-01 17:26:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
  357. [2015-08-01 17:15:28 | 000,000,366 | ---- | C] () -- C:\Windows\tasks\SlimCleaner Plus (Scheduled Scan - Đurić).job
  358. [2015-08-01 17:15:05 | 000,015,328 | ---- | C] () -- C:\Windows\SysNative\results.xml
  359. [2015-08-01 17:13:31 | 000,000,704 | ---- | C] () -- C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
  360. [2015-08-01 17:11:30 | 000,086,528 | ---- | C] () -- C:\Windows\SysNative\igfxCUIServicePS.dll
  361. [2015-08-01 17:11:30 | 000,069,632 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLibv2_0.dll
  362. [2015-08-01 17:11:30 | 000,059,392 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDHLib.dll
  363. [2015-08-01 17:11:30 | 000,010,752 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILib.dll
  364. [2015-08-01 17:11:30 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLibv2_0.dll
  365. [2015-08-01 17:11:30 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxEMLib.dll
  366. [2015-08-01 17:11:30 | 000,010,240 | ---- | C] ( ) -- C:\Windows\SysNative\igfxDILibv2_0.dll
  367. [2015-08-01 17:11:30 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLibv2_0.dll
  368. [2015-08-01 17:11:30 | 000,005,120 | ---- | C] ( ) -- C:\Windows\SysNative\igfxLHMLib.dll
  369. [2015-08-01 17:11:27 | 000,224,256 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
  370. [2015-08-01 17:11:27 | 000,185,856 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  371. [2015-08-01 17:11:26 | 000,162,304 | ---- | C] () -- C:\Windows\SysNative\igdail64.dll
  372. [2015-08-01 17:11:26 | 000,143,872 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
  373. [2015-08-01 17:11:18 | 000,255,488 | ---- | C] () -- C:\Windows\SysNative\igfxCPL.cpl
  374. [2015-08-01 17:11:18 | 000,187,844 | RHS- | C] () -- C:\Windows\SysNative\resTHA.cui
  375. [2015-08-01 17:11:18 | 000,180,644 | RHS- | C] () -- C:\Windows\SysNative\resELL.cui
  376. [2015-08-01 17:11:18 | 000,176,500 | RHS- | C] () -- C:\Windows\SysNative\resRUS.cui
  377. [2015-08-01 17:11:18 | 000,162,356 | RHS- | C] () -- C:\Windows\SysNative\resARA.cui
  378. [2015-08-01 17:11:18 | 000,161,812 | RHS- | C] () -- C:\Windows\SysNative\resHEB.cui
  379. [2015-08-01 17:11:18 | 000,161,764 | RHS- | C] () -- C:\Windows\SysNative\resJPN.cui
  380. [2015-08-01 17:11:18 | 000,157,172 | RHS- | C] () -- C:\Windows\SysNative\resFRA.cui
  381. [2015-08-01 17:11:18 | 000,157,156 | RHS- | C] () -- C:\Windows\SysNative\resHUN.cui
  382. [2015-08-01 17:11:18 | 000,155,460 | RHS- | C] () -- C:\Windows\SysNative\resKOR.cui
  383. [2015-08-01 17:11:18 | 000,155,364 | RHS- | C] () -- C:\Windows\SysNative\resITA.cui
  384. [2015-08-01 17:11:18 | 000,155,364 | RHS- | C] () -- C:\Windows\SysNative\resDEU.cui
  385. [2015-08-01 17:11:18 | 000,155,204 | RHS- | C] () -- C:\Windows\SysNative\resROM.cui
  386. [2015-08-01 17:11:18 | 000,155,092 | RHS- | C] () -- C:\Windows\SysNative\resESN.cui
  387. [2015-08-01 17:11:18 | 000,154,660 | RHS- | C] () -- C:\Windows\SysNative\resPLK.cui
  388. [2015-08-01 17:11:18 | 000,154,516 | RHS- | C] () -- C:\Windows\SysNative\resSKY.cui
  389. [2015-08-01 17:11:18 | 000,154,324 | RHS- | C] () -- C:\Windows\SysNative\resNLD.cui
  390. [2015-08-01 17:11:18 | 000,153,764 | RHS- | C] () -- C:\Windows\SysNative\resPTB.cui
  391. [2015-08-01 17:11:18 | 000,153,620 | RHS- | C] () -- C:\Windows\SysNative\resTRK.cui
  392. [2015-08-01 17:11:18 | 000,153,604 | RHS- | C] () -- C:\Windows\SysNative\resCSY.cui
  393. [2015-08-01 17:11:18 | 000,153,460 | RHS- | C] () -- C:\Windows\SysNative\resPTG.cui
  394. [2015-08-01 17:11:18 | 000,153,060 | RHS- | C] () -- C:\Windows\SysNative\resFIN.cui
  395. [2015-08-01 17:11:18 | 000,152,612 | RHS- | C] () -- C:\Windows\SysNative\resHRV.cui
  396. [2015-08-01 17:11:18 | 000,152,164 | RHS- | C] () -- C:\Windows\SysNative\resSVE.cui
  397. [2015-08-01 17:11:18 | 000,152,004 | RHS- | C] () -- C:\Windows\SysNative\resSLV.cui
  398. [2015-08-01 17:11:18 | 000,151,060 | RHS- | C] () -- C:\Windows\SysNative\resNOR.cui
  399. [2015-08-01 17:11:18 | 000,150,548 | RHS- | C] () -- C:\Windows\SysNative\resDAN.cui
  400. [2015-08-01 17:11:18 | 000,149,236 | RHS- | C] () -- C:\Windows\SysNative\resENU.cui
  401. [2015-08-01 17:11:18 | 000,147,460 | RHS- | C] () -- C:\Windows\SysNative\resCHT.cui
  402. [2015-08-01 17:11:18 | 000,146,628 | RHS- | C] () -- C:\Windows\SysNative\resCHS.cui
  403. [2015-08-01 17:11:18 | 000,002,564 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
  404. [2015-08-01 17:11:18 | 000,000,895 | ---- | C] () -- C:\Windows\SysNative\CustomModeAppv2_0.exe.config
  405. [2015-08-01 17:11:18 | 000,000,889 | ---- | C] () -- C:\Windows\SysNative\CustomModeApp.exe.config
  406. [2015-08-01 17:08:05 | 000,000,410 | ---- | C] () -- C:\Windows\tasks\SlimDrivers Startup.job
  407. [2015-08-01 17:07:54 | 000,002,467 | ---- | C] () -- C:\Users\Public\Desktop\SlimDrivers.lnk
  408. [2015-07-30 20:57:22 | 000,000,120 | ---- | C] () -- C:\Users\Đurić\advanced_ip_scanner_MAC.bin
  409. [2015-07-30 20:55:54 | 000,000,988 | ---- | C] () -- C:\Users\Public\Desktop\Advanced IP Scanner.lnk
  410. [2015-07-29 13:53:01 | 000,075,209 | ---- | C] () -- D:\Đurić\Desktop\10294267_862579973759788_1038784545424223757_n.jpg
  411. [2014-09-08 16:27:43 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
  412. [2014-09-08 11:35:40 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
  413. [2014-09-06 10:45:47 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
  414. [2014-09-06 10:45:47 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
  415. [2014-09-06 10:45:47 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
  416. [2014-09-06 10:45:46 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  417. [2014-09-06 10:45:45 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
  418. [2014-09-06 10:11:45 | 000,788,460 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  419. [2014-08-14 00:23:38 | 012,728,192 | ---- | C] () -- C:\Windows\SysWow64\igd11dxva32.dll
  420.  
  421. [color=#E56717]========== ZeroAccess Check ==========[/color]
  422.  
  423. [2009-07-14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  424.  
  425. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  426.  
  427. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  428.  
  429. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  430.  
  431. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  432.  
  433. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  434. "" = C:\Windows\SysNative\shell32.dll -- [2014-08-17 05:02:39 | 014,175,744 | ---- | M] (Microsoft Corporation)
  435. "ThreadingModel" = Apartment
  436.  
  437. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  438. "" = %SystemRoot%\system32\shell32.dll -- [2014-08-17 05:02:39 | 012,874,240 | ---- | M] (Microsoft Corporation)
  439. "ThreadingModel" = Apartment
  440.  
  441. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  442. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009-07-14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  443. "ThreadingModel" = Free
  444.  
  445. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  446. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010-11-21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  447. "ThreadingModel" = Free
  448.  
  449. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  450. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009-07-14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  451. "ThreadingModel" = Both
  452.  
  453. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  454.  
  455. [color=#E56717]========== LOP Check ==========[/color]
  456.  
  457. [2014-09-08 10:39:58 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\Ashampoo
  458. [2014-09-08 11:43:34 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\Autodesk
  459. [2014-09-08 10:42:44 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\DVDVideoSoft
  460. [2014-09-06 10:46:11 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\MPC-HC
  461. [2014-11-14 23:52:06 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\Oracle
  462. [2015-05-10 11:59:21 | 000,000,000 | ---D | M] -- C:\Users\Đurić\AppData\Roaming\uTorrent
  463.  
  464. [color=#E56717]========== Purity Check ==========[/color]
  465.  
  466.  
  467.  
  468. [color=#E56717]========== Custom Scans ==========[/color]
  469.  
  470. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  471. [2015-08-01 17:42:16 | 3119,927,296 | -HS- | M] () -- C:\hiberfil.sys
  472. [2015-07-20 06:05:24 | 000,124,962 | ---- | M] () -- C:\IFRToolLog.txt
  473. [2015-08-01 17:42:18 | 4159,905,792 | -HS- | M] () -- C:\pagefile.sys
  474. [2014-09-06 10:09:30 | 000,000,189 | ---- | M] () -- C:\RTL8168.log
  475.  
  476. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  477. [2009-07-14 07:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  478. [2009-07-14 07:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  479. [2009-07-14 07:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  480. [2009-07-14 07:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  481.  
  482. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  483.  
  484. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  485. [2009-06-10 22:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  486.  
  487. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  488.  
  489. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  490.  
  491. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  492.  
  493. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  494.  
  495. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  496.  
  497. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  498.  
  499. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  500.  
  501. [color=#A23BEC]< %systemroot%\*.png >[/color]
  502.  
  503. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  504.  
  505. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  506.  
  507. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  508.  
  509. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  510.  
  511. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  512.  
  513. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  514. [2009-07-14 06:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  515.  
  516. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  517.  
  518. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  519.  
  520. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  521.  
  522. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  523.  
  524. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  525.  
  526. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  527.  
  528. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  529.  
  530. [color=#A23BEC]< %systemroot%\*.config >[/color]
  531.  
  532. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  533.  
  534. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  535. [2014-09-06 10:19:50 | 000,000,221 | -HS- | M] () -- C:\Users\Đurić\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  536.  
  537. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  538.  
  539. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  540.  
  541. [color=#A23BEC]< %systemroot%\*.src >[/color]
  542.  
  543. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  544.  
  545. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  546.  
  547. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  548.  
  549. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  550.  
  551. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  552.  
  553. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  554.  
  555. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  556.  
  557. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  558.  
  559. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  560.  
  561. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  562.  
  563. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  564.  
  565. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  566.  
  567. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  568.  
  569. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  570.  
  571. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  572.  
  573. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  574. [2009-06-10 23:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  575.  
  576. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  577.  
  578. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  579.  
  580. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  581.  
  582. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  583.  
  584. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  585.  
  586. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  587.  
  588. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  589.  
  590. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  591.  
  592. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  593.  
  594. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  595.  
  596. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  597.  
  598. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  599. [2009-07-14 03:14:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  600. [2009-07-14 03:14:45 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  601. [2009-07-14 03:14:46 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  602. [2009-07-14 03:14:46 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  603. [2010-11-21 05:24:27 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  604.  
  605. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  606.  
  607. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  608.  
  609. < End of report >