meha

Untitled

Mar 15th, 2017
  1. OTL logfile created on: 15.3.2017 17:41:17 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Ja\Desktop
  3. 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.17631)
  5. Locale: 0000141a | Country: Bosna i Hercegovina | Language: BSB | Date Format: d.M.yyyy
  6.  
  7. 7,95 Gb Total Physical Memory | 4,94 Gb Available Physical Memory | 62,21% Memory free
  8. 9,20 Gb Paging File | 5,76 Gb Available in Paging File | 62,66% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 292,19 Gb Total Space | 120,52 Gb Free Space | 41,25% Space Free | Partition Type: NTFS
  13. Drive D: | 239,00 Mb Total Space | 149,34 Mb Free Space | 62,48% Space Free | Partition Type: FAT32
  14. Drive E: | 638,54 Gb Total Space | 347,41 Gb Free Space | 54,41% Space Free | Partition Type: NTFS
  15.  
  16. Computer Name: MEHA | User Name: Ja | Logged in as Administrator.
  17. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  18. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  19.  
  20. [color=#E56717]========== Processes (SafeList) ==========[/color]
  21.  
  22. PRC - [2017.03.15 17:39:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ja\Desktop\OTL.exe
  23. PRC - [2017.03.15 17:28:21 | 000,288,920 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
  24. PRC - [2017.01.25 20:13:05 | 000,517,576 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  25. PRC - [2016.05.25 09:49:16 | 000,795,664 | ---- | M] (Garmin Ltd. or its subsidiaries) -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
  26. PRC - [2016.05.25 09:48:48 | 001,400,232 | ---- | M] (Garmin Ltd. or its subsidiaries) -- C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
  27. PRC - [2015.07.08 13:22:32 | 001,353,720 | ---- | M] (ESET) -- C:\Program Files\ESET\x86\ekrn.exe
  28. PRC - [2013.08.19 11:11:02 | 000,390,616 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
  29. PRC - [2013.08.19 11:10:16 | 000,169,432 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
  30. PRC - [2013.08.07 14:24:00 | 000,287,592 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
  31. PRC - [2013.08.07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
  32.  
  33.  
  34. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  35.  
  36.  
  37. [color=#E56717]========== Services (SafeList) ==========[/color]
  38.  
  39. SRV:[b]64bit:[/b] - [2015.07.08 13:22:32 | 001,353,720 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\x86\ekrn.exe -- (ekrn)
  40. SRV:[b]64bit:[/b] - [2015.01.17 03:45:24 | 000,229,888 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
  41. SRV:[b]64bit:[/b] - [2015.01.08 19:44:22 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
  42. SRV:[b]64bit:[/b] - [2015.01.08 19:44:22 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
  43. SRV:[b]64bit:[/b] - [2014.11.21 13:46:36 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  44. SRV:[b]64bit:[/b] - [2014.11.21 09:14:48 | 000,154,112 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
  45. SRV:[b]64bit:[/b] - [2014.11.21 09:14:40 | 001,668,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
  46. SRV:[b]64bit:[/b] - [2014.11.21 09:14:40 | 000,187,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  47. SRV:[b]64bit:[/b] - [2014.11.21 09:14:03 | 000,780,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
  48. SRV:[b]64bit:[/b] - [2014.11.21 09:13:58 | 000,562,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
  49. SRV:[b]64bit:[/b] - [2014.11.21 09:13:55 | 000,074,752 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
  50. SRV:[b]64bit:[/b] - [2014.11.21 09:13:54 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
  51. SRV:[b]64bit:[/b] - [2014.11.21 09:13:49 | 000,374,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
  52. SRV:[b]64bit:[/b] - [2014.11.21 09:13:48 | 000,550,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
  53. SRV:[b]64bit:[/b] - [2014.11.21 09:13:44 | 000,166,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
  54. SRV:[b]64bit:[/b] - [2014.11.21 09:13:35 | 003,460,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
  55. SRV:[b]64bit:[/b] - [2014.11.21 09:13:33 | 001,639,424 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
  56. SRV:[b]64bit:[/b] - [2014.11.21 09:13:33 | 000,026,112 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
  57. SRV:[b]64bit:[/b] - [2014.11.21 09:13:30 | 000,041,472 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
  58. SRV:[b]64bit:[/b] - [2014.11.21 09:13:29 | 000,260,608 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
  59. SRV:[b]64bit:[/b] - [2014.11.21 09:13:29 | 000,131,072 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
  60. SRV:[b]64bit:[/b] - [2014.11.21 09:13:27 | 000,521,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
  61. SRV:[b]64bit:[/b] - [2014.11.21 09:13:23 | 000,407,040 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
  62. SRV:[b]64bit:[/b] - [2014.11.21 09:13:23 | 000,270,336 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
  63. SRV:[b]64bit:[/b] - [2014.11.21 09:13:23 | 000,206,848 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
  64. SRV:[b]64bit:[/b] - [2014.11.21 09:13:22 | 000,262,656 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
  65. SRV:[b]64bit:[/b] - [2014.11.21 09:13:18 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
  66. SRV:[b]64bit:[/b] - [2014.11.21 09:13:17 | 000,294,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
  67. SRV:[b]64bit:[/b] - [2014.11.21 09:13:17 | 000,121,856 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
  68. SRV:[b]64bit:[/b] - [2014.11.21 09:13:17 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
  69. SRV:[b]64bit:[/b] - [2014.11.21 09:13:11 | 001,348,096 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
  70. SRV:[b]64bit:[/b] - [2014.11.21 09:13:06 | 000,092,992 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
  71. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
  72. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
  73. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
  74. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
  75. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
  76. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
  77. SRV:[b]64bit:[/b] - [2014.11.21 09:13:05 | 000,524,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
  78. SRV:[b]64bit:[/b] - [2014.11.21 09:12:46 | 000,838,656 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
  79. SRV:[b]64bit:[/b] - [2014.11.21 09:12:46 | 000,062,464 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
  80. SRV:[b]64bit:[/b] - [2014.11.21 09:12:42 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  81. SRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,324,608 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\BthHFSrv.dll -- (BthHFSrv)
  82. SRV:[b]64bit:[/b] - [2013.09.12 02:46:52 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  83. SRV:[b]64bit:[/b] - [2013.08.07 14:24:00 | 000,015,720 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
  84. SRV:[b]64bit:[/b] - [2013.05.11 17:45:54 | 000,822,232 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe -- (Intel(R)
  85. SRV:[b]64bit:[/b] - [2013.05.11 17:45:38 | 000,733,696 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
  86. SRV - [2017.03.15 12:05:16 | 000,271,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  87. SRV - [2017.01.25 20:13:18 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  88. SRV - [2016.05.25 09:49:16 | 000,795,664 | ---- | M] (Garmin Ltd. or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe -- (Garmin Device Interaction Service)
  89. SRV - [2014.11.21 09:14:18 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
  90. SRV - [2014.11.21 09:12:47 | 000,367,104 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
  91. SRV - [2014.11.21 09:12:47 | 000,017,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
  92. SRV - [2014.11.21 09:12:42 | 002,987,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
  93. SRV - [2013.08.19 11:11:02 | 000,390,616 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
  94. SRV - [2013.08.19 11:10:16 | 000,169,432 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe -- (jhi_service)
  95.  
  96.  
  97. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  98.  
  99. DRV:[b]64bit:[/b] - [2016.08.31 19:36:04 | 000,030,208 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetbus64.sys -- (AndnetBus)
  100. DRV:[b]64bit:[/b] - [2016.08.24 18:09:06 | 000,037,376 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
  101. DRV:[b]64bit:[/b] - [2016.08.24 18:08:30 | 000,030,208 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2)
  102. DRV:[b]64bit:[/b] - [2016.08.24 18:08:08 | 000,030,720 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
  103. DRV:[b]64bit:[/b] - [2015.07.13 05:14:14 | 000,255,240 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
  104. DRV:[b]64bit:[/b] - [2015.07.13 05:14:14 | 000,251,632 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\edevmon.sys -- (edevmon)
  105. DRV:[b]64bit:[/b] - [2015.07.13 05:14:14 | 000,178,520 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
  106. DRV:[b]64bit:[/b] - [2015.07.13 05:14:14 | 000,168,208 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfwwfpr.sys -- (epfwwfpr)
  107. DRV:[b]64bit:[/b] - [2015.01.17 03:45:29 | 000,075,776 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
  108. DRV:[b]64bit:[/b] - [2015.01.08 19:50:33 | 000,238,912 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
  109. DRV:[b]64bit:[/b] - [2015.01.08 19:50:33 | 000,136,512 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
  110. DRV:[b]64bit:[/b] - [2015.01.08 19:50:33 | 000,086,336 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
  111. DRV:[b]64bit:[/b] - [2015.01.08 19:50:33 | 000,058,176 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
  112. DRV:[b]64bit:[/b] - [2015.01.08 19:50:33 | 000,039,744 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
  113. DRV:[b]64bit:[/b] - [2015.01.08 19:44:22 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
  114. DRV:[b]64bit:[/b] - [2015.01.08 19:44:22 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
  115. DRV:[b]64bit:[/b] - [2015.01.08 19:44:22 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
  116. DRV:[b]64bit:[/b] - [2014.11.21 09:54:39 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
  117. DRV:[b]64bit:[/b] - [2014.11.21 09:15:02 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
  118. DRV:[b]64bit:[/b] - [2014.11.21 09:14:51 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  119. DRV:[b]64bit:[/b] - [2014.11.21 09:14:49 | 000,054,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
  120. DRV:[b]64bit:[/b] - [2014.11.21 09:13:48 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
  121. DRV:[b]64bit:[/b] - [2014.11.21 09:13:44 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
  122. DRV:[b]64bit:[/b] - [2014.11.21 09:13:44 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
  123. DRV:[b]64bit:[/b] - [2014.11.21 09:13:42 | 000,921,920 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
  124. DRV:[b]64bit:[/b] - [2014.11.21 09:13:27 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
  125. DRV:[b]64bit:[/b] - [2014.11.21 09:12:43 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  126. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,467,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
  127. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,415,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
  128. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,324,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
  129. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,189,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
  130. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
  131. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,069,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
  132. DRV:[b]64bit:[/b] - [2014.11.21 09:12:41 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
  133. DRV:[b]64bit:[/b] - [2014.11.21 08:48:41 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
  134. DRV:[b]64bit:[/b] - [2014.11.21 08:48:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
  135. DRV:[b]64bit:[/b] - [2014.11.21 08:48:24 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
  136. DRV:[b]64bit:[/b] - [2014.11.21 08:48:24 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
  137. DRV:[b]64bit:[/b] - [2014.11.21 08:48:24 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
  138. DRV:[b]64bit:[/b] - [2014.11.21 08:18:44 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
  139. DRV:[b]64bit:[/b] - [2014.11.21 08:18:36 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
  140. DRV:[b]64bit:[/b] - [2014.11.21 08:18:36 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
  141. DRV:[b]64bit:[/b] - [2014.11.21 08:18:36 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
  142. DRV:[b]64bit:[/b] - [2014.11.21 08:18:36 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
  143. DRV:[b]64bit:[/b] - [2014.11.21 08:18:36 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  144. DRV:[b]64bit:[/b] - [2013.09.24 15:54:40 | 000,222,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdWB6.sys -- (AtiHDAudioService)
  145. DRV:[b]64bit:[/b] - [2013.09.12 03:39:56 | 012,760,576 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  146. DRV:[b]64bit:[/b] - [2013.09.12 02:13:58 | 000,619,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  147. DRV:[b]64bit:[/b] - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
  148. DRV:[b]64bit:[/b] - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  149. DRV:[b]64bit:[/b] - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
  150. DRV:[b]64bit:[/b] - [2013.08.22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
  151. DRV:[b]64bit:[/b] - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
  152. DRV:[b]64bit:[/b] - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
  153. DRV:[b]64bit:[/b] - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  154. DRV:[b]64bit:[/b] - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  155. DRV:[b]64bit:[/b] - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
  156. DRV:[b]64bit:[/b] - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  157. DRV:[b]64bit:[/b] - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
  158. DRV:[b]64bit:[/b] - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
  159. DRV:[b]64bit:[/b] - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  160. DRV:[b]64bit:[/b] - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  161. DRV:[b]64bit:[/b] - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
  162. DRV:[b]64bit:[/b] - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  163. DRV:[b]64bit:[/b] - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
  164. DRV:[b]64bit:[/b] - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
  165. DRV:[b]64bit:[/b] - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  166. DRV:[b]64bit:[/b] - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
  167. DRV:[b]64bit:[/b] - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
  168. DRV:[b]64bit:[/b] - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  169. DRV:[b]64bit:[/b] - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
  170. DRV:[b]64bit:[/b] - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
  171. DRV:[b]64bit:[/b] - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
  172. DRV:[b]64bit:[/b] - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
  173. DRV:[b]64bit:[/b] - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
  174. DRV:[b]64bit:[/b] - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
  175. DRV:[b]64bit:[/b] - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
  176. DRV:[b]64bit:[/b] - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
  177. DRV:[b]64bit:[/b] - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
  178. DRV:[b]64bit:[/b] - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
  179. DRV:[b]64bit:[/b] - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
  180. DRV:[b]64bit:[/b] - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
  181. DRV:[b]64bit:[/b] - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
  182. DRV:[b]64bit:[/b] - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
  183. DRV:[b]64bit:[/b] - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
  184. DRV:[b]64bit:[/b] - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
  185. DRV:[b]64bit:[/b] - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  186. DRV:[b]64bit:[/b] - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
  187. DRV:[b]64bit:[/b] - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  188. DRV:[b]64bit:[/b] - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
  189. DRV:[b]64bit:[/b] - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
  190. DRV:[b]64bit:[/b] - [2013.08.19 11:10:16 | 000,099,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
  191. DRV:[b]64bit:[/b] - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
  192. DRV:[b]64bit:[/b] - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
  193. DRV:[b]64bit:[/b] - [2013.08.07 14:23:46 | 000,644,968 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
  194. DRV:[b]64bit:[/b] - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
  195. DRV:[b]64bit:[/b] - [2013.07.26 16:07:30 | 000,827,096 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
  196. DRV:[b]64bit:[/b] - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
  197. DRV:[b]64bit:[/b] - [2013.06.18 15:46:27 | 000,051,712 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rtnic64.sys -- (RTL8023x64)
  198. DRV:[b]64bit:[/b] - [2012.09.23 00:17:24 | 000,021,160 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdkmafd.sys -- (amdkmafd)
  199. DRV:[b]64bit:[/b] - [2009.02.12 15:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk)
  200. DRV - [2016.03.28 05:00:26 | 000,029,624 | ---- | M] (CyberLink Corp.) [2017/01/12 20:50:55] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD16\Common\NavFilter\000.fcl -- ({41E8078B-96D9-42DC-8789-A1CF102CD880})
  201.  
  202.  
  203. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  204.  
  205.  
  206. [color=#E56717]========== Internet Explorer ==========[/color]
  207.  
  208. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  209. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  210. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  211. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  212.  
  213. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://g.live.com/1rewlive4startup/home
  214. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = Reg Error: Value error.
  215. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  216. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
  217. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  218.  
  219. [color=#E56717]========== FireFox ==========[/color]
  220.  
  221. FF - prefs.js..browser.search.countryCode: "BA"
  222. FF - prefs.js..browser.search.region: "BA"
  223. FF - prefs.js..extensions.enabledAddons: %7Bbee6eb20-01e0-ebd1-da83-080329fb9a3a%7D:2.06
  224. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:51.0.1
  225. FF - user.js - File not found
  226.  
  227. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll File not found
  228. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  229. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll ()
  230. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
  231. FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
  232. FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
  233. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
  234. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  235. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  236. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  237. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  238.  
  239. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  240. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 51.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2016.12.30 20:12:49 | 000,000,000 | ---D | M]
  241.  
  242. [2017.02.19 13:22:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Extensions
  243. [2017.03.11 13:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\drbqaouu.default\extensions
  244. [2017.03.08 18:07:13 | 000,000,000 | ---D | M] (Flash and Video Download) -- C:\Users\Ja\AppData\Roaming\mozilla\Firefox\Profiles\drbqaouu.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}
  245. [2017.02.19 13:30:46 | 000,072,109 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\extensions\{b7389dbc-6646-412f-bbd5-53168ee68a98}.xpi
  246. [2017.03.11 13:24:14 | 000,026,931 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\extensions\{d0bfdcce-52c7-4b32-bb45-948f62db8d3f}.xpi
  247. [2017.02.19 13:30:31 | 000,060,804 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\extensions\{e8deb9e5-5688-4655-838a-b7a121a9f16e}.xpi
  248. [2017.03.09 17:12:41 | 000,103,407 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\extensions\{f3bd3dd2-2888-44c5-91a2-2caeb33fb898}.xpi
  249. [2017.03.08 15:48:25 | 000,007,704 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\features\{787fd7b7-bdf6-4d8b-bc4d-e7fbb4baa5c6}\aushelper@mozilla.org.xpi
  250. [2017.03.08 15:48:24 | 000,005,527 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\features\{787fd7b7-bdf6-4d8b-bc4d-e7fbb4baa5c6}\diagnostics@mozilla.org.xpi
  251. [2017.03.08 15:48:25 | 000,008,857 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\features\{787fd7b7-bdf6-4d8b-bc4d-e7fbb4baa5c6}\disableSHA1rollout@mozilla.org.xpi
  252. [2017.03.08 15:48:24 | 000,005,336 | ---- | M] () (No name found) -- C:\Users\Ja\AppData\Roaming\mozilla\firefox\profiles\drbqaouu.default\features\{787fd7b7-bdf6-4d8b-bc4d-e7fbb4baa5c6}\hsts-priming@mozilla.org.xpi
  253. [2017.02.19 13:21:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  254. [2012.10.01 20:43:54 | 000,034,016 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll
  255.  
  256. [color=#E56717]========== Chrome ==========[/color]
  257.  
  258. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  259. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  260. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  261. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  262. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\dphfngjamcomlehblpblaacingmaojnm\3.2.0_0\
  263. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  264. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah\1.4.20_0\
  265. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
  266. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.2_0\
  267. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  268. CHR - Extension: No name found = C:\Users\Ja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5717.116.0.4_0\
  269.  
  270. O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  271. O4:[b]64bit:[/b] - HKLM..\Run: [egui] C:\Program Files\ESET\egui.exe (ESET)
  272. O4:[b]64bit:[/b] - HKLM..\Run: [IAStorIcon] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation)
  273. O4:[b]64bit:[/b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
  274. O4 - HKLM..\Run: [PowerDVD16Agent] C:\Program Files (x86)\CyberLink\PowerDVD16\PowerDVD16Agent.exe (CyberLink Corp.)
  275. O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
  276. O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
  277. O4 - HKCU..\Run: [uTorrent] C:\Users\Ja\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
  278. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  279. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  280. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  281. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
  282. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  283. O13[b]64bit:[/b] - gopher Prefix: missing
  284. O13 - gopher Prefix: missing
  285. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  286. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9C90318D-6D4C-466F-8A98-33C40D0D8F6C}: DhcpNameServer = 192.168.1.1
  287. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  288. O18 - Protocol\Handler\ms-help - No CLSID value found
  289. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  290. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  291. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  292. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  293. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  294. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  295. O32 - HKLM CDRom: AutoRun - 1
  296. O33 - MountPoints2\{14a6a6bb-cdca-11e6-825d-00e07ddc3928}\Shell - "" = AutoRun
  297. O33 - MountPoints2\{14a6a6bb-cdca-11e6-825d-00e07ddc3928}\Shell\AutoRun\command - "" = "D:\LG_PC_Programs.exe"
  298. O33 - MountPoints2\{cb791d51-00d2-11e7-8287-00e07ddc3928}\Shell - "" = AutoRun
  299. O33 - MountPoints2\{cb791d51-00d2-11e7-8287-00e07ddc3928}\Shell\AutoRun\command - "" = "D:\LG_PC_Programs.exe"
  300. O33 - MountPoints2\{d8fee055-cdaf-11e6-8258-806e6f6e6963}\Shell - "" = AutoRun
  301. O33 - MountPoints2\{d8fee055-cdaf-11e6-8258-806e6f6e6963}\Shell\AutoRun\command - "" = "F:\SETUP.EXE"
  302. O34 - HKLM BootExecute: (autocheck autochk *)
  303. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  304. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  305. O35 - HKLM\..comfile [open] -- "%1" %*
  306. O35 - HKLM\..exefile [open] -- "%1" %*
  307. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  308. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  309. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  310. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  311. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  312. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  313.  
  314. NetSvcs:[b]64bit:[/b] lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
  315. NetSvcs:[b]64bit:[/b] wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
  316. NetSvcs:[b]64bit:[/b] DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
  317. NetSvcs:[b]64bit:[/b] NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
  318. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  319. NetSvcs:[b]64bit:[/b] MsKeyboardFilter - C:\Windows\SysNative\KeyboardFilterSvc.dll (Microsoft Corporation)
  320.  
  321. Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  322. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  323. Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  324. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  325.  
  326. CREATERESTOREPOINT
  327. Restore point Set: OTL Restore Point
  328.  
  329. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  330.  
  331. [2017.03.15 17:40:18 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Ja\Desktop\OTL.exe
  332. [2017.03.10 19:01:26 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
  333. [2017.03.10 18:59:03 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Kodi
  334. [2017.03.10 18:58:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kodi
  335. [2017.03.10 18:21:17 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\New folder (2)
  336. [2017.03.10 17:58:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Image Writer
  337. [2017.03.10 17:58:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImageWriter
  338. [2017.03.09 13:28:37 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\New folder
  339. [2017.03.08 20:12:06 | 000,000,000 | ---D | C] -- C:\KodiProfileBackup
  340. [2017.03.06 17:00:15 | 000,000,000 | ---D | C] -- C:\Windows\en
  341. [2017.03.06 17:00:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
  342. [2017.03.06 16:59:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Windows Live
  343. [2017.03.06 16:58:34 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Windows Live
  344. [2017.03.06 16:32:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Windows Live
  345. [2017.03.06 15:43:23 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\WMM
  346. [2017.03.05 16:24:29 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\LG_Root
  347. [2017.03.03 13:30:48 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\VUČIJAK
  348. [2017.02.28 18:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSECache
  349. [2017.02.28 18:21:06 | 000,000,000 | ---D | C] -- C:\Users\Ja\Documents\Custom Office Templates
  350. [2017.02.24 23:13:29 | 000,000,000 | ---D | C] -- C:\Users\Ja\Desktop\FV2-XSONICX
  351. [2017.02.19 13:36:17 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Macromedia
  352. [2017.02.19 13:22:05 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Roaming\Mozilla
  353. [2017.02.19 13:22:05 | 000,000,000 | ---D | C] -- C:\Users\Ja\AppData\Local\Mozilla
  354. [2017.02.19 13:21:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
  355.  
  356. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  357.  
  358. [2017.03.15 17:39:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ja\Desktop\OTL.exe
  359. [2017.03.15 17:30:21 | 000,002,299 | ---- | M] () -- C:\Users\Ja\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  360. [2017.03.15 17:30:21 | 000,002,275 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  361. [2017.03.15 16:43:34 | 000,865,408 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  362. [2017.03.15 16:43:34 | 000,723,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  363. [2017.03.15 16:43:34 | 000,135,930 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  364. [2017.03.15 16:41:14 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  365. [2017.03.15 16:39:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  366. [2017.03.15 16:39:12 | 2530,639,871 | -HS- | M] () -- C:\hiberfil.sys
  367. [2017.03.14 14:41:48 | 732,610,394 | ---- | M] () -- C:\Users\Ja\Desktop\DJI_0011.MOV
  368. [2017.03.11 14:38:16 | 3332,876,799 | ---- | M] () -- C:\Users\Ja\Desktop\DJI_0027.MOV
  369. [2017.03.10 19:01:26 | 000,000,965 | ---- | M] () -- C:\Users\Ja\Desktop\Kodi.lnk
  370. [2017.03.10 18:42:20 | 000,000,400 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  371. [2017.03.10 17:58:03 | 000,001,075 | ---- | M] () -- C:\Users\Public\Desktop\Win32DiskImager.lnk
  372. [2017.03.08 19:43:43 | 000,002,666 | ---- | M] () -- C:\Users\Ja\Desktop\µTorrent.lnk
  373. [2017.03.05 14:56:17 | 000,002,760 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
  374. [2017.03.05 14:56:07 | 000,000,843 | ---- | M] () -- C:\Users\Ja\Desktop\LGMobile Support Tool.lnk
  375. [2017.02.19 13:21:57 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  376.  
  377. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  378.  
  379. [2017.03.15 17:30:21 | 000,002,299 | ---- | C] () -- C:\Users\Ja\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  380. [2017.03.15 17:30:21 | 000,002,287 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  381. [2017.03.15 17:30:21 | 000,002,275 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  382. [2017.03.15 16:39:13 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
  383. [2017.03.14 17:22:37 | 732,610,394 | ---- | C] () -- C:\Users\Ja\Desktop\DJI_0011.MOV
  384. [2017.03.11 15:26:11 | 3332,876,799 | ---- | C] () -- C:\Users\Ja\Desktop\DJI_0027.MOV
  385. [2017.03.10 19:01:26 | 000,000,965 | ---- | C] () -- C:\Users\Ja\Desktop\Kodi.lnk
  386. [2017.03.10 17:58:03 | 000,001,075 | ---- | C] () -- C:\Users\Public\Desktop\Win32DiskImager.lnk
  387. [2017.03.08 19:43:43 | 000,002,666 | ---- | C] () -- C:\Users\Ja\Desktop\µTorrent.lnk
  388. [2017.03.06 17:00:10 | 000,001,321 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
  389. [2017.03.06 17:00:08 | 000,001,390 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
  390. [2017.02.19 13:21:57 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
  391. [2017.02.19 13:21:57 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
  392. [2016.12.29 15:48:28 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  393. [2016.12.29 12:08:57 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
  394. [2016.12.29 12:08:57 | 000,002,760 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
  395. [2016.12.29 11:54:59 | 000,872,086 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  396. [2016.12.29 11:53:31 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  397. [2016.12.29 11:50:56 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
  398. [2016.12.29 11:50:54 | 000,033,051 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
  399. [2016.12.29 11:50:53 | 000,010,296 | ---- | C] () -- C:\Windows\SysWow64\drivers\ASUSHWIO.SYS
  400. [2016.12.29 11:36:09 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
  401. [2015.04.24 10:35:42 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
  402. [2015.04.24 10:35:42 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
  403. [2015.04.24 10:35:32 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
  404. [2015.04.24 10:35:02 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
  405. [2015.04.24 10:35:02 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
  406.  
  407. [color=#E56717]========== ZeroAccess Check ==========[/color]
  408.  
  409. [2017.01.16 16:58:20 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  410.  
  411. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  412.  
  413. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  414.  
  415. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  416.  
  417. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  418.  
  419. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  420. "" = C:\Windows\SysNative\shell32.dll -- [2015.01.08 19:50:33 | 022,290,560 | ---- | M] (Microsoft Corporation)
  421. "ThreadingModel" = Apartment
  422.  
  423. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  424. "" = %SystemRoot%\system32\shell32.dll -- [2015.01.08 19:50:33 | 019,731,824 | ---- | M] (Microsoft Corporation)
  425. "ThreadingModel" = Apartment
  426.  
  427. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  428. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2014.11.21 09:13:07 | 001,013,760 | ---- | M] (Microsoft Corporation)
  429. "ThreadingModel" = Free
  430.  
  431. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  432. "" = %systemroot%\system32\wbem\fastprox.dll -- [2014.11.21 09:14:13 | 000,786,944 | ---- | M] (Microsoft Corporation)
  433. "ThreadingModel" = Free
  434.  
  435. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  436. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2014.11.21 09:13:07 | 000,512,512 | ---- | M] (Microsoft Corporation)
  437. "ThreadingModel" = Both
  438.  
  439. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  440.  
  441. [color=#E56717]========== LOP Check ==========[/color]
  442.  
  443. [2017.01.12 17:53:01 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\BSplayer PRO
  444. [2017.01.23 14:23:30 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\etcher
  445. [2017.01.21 19:18:28 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Garmin
  446. [2017.03.12 15:29:19 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\Kodi
  447. [2016.12.29 15:00:09 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\LG
  448. [2017.02.05 17:33:03 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\PencilSheep
  449. [2017.03.10 21:15:42 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\uTorrent
  450. [2017.03.06 15:43:23 | 000,000,000 | ---D | M] -- C:\Users\Ja\AppData\Roaming\WMM
  451.  
  452. [color=#E56717]========== Purity Check ==========[/color]
  453.  
  454.  
  455.  
  456. [color=#E56717]========== Custom Scans ==========[/color]
  457.  
  458. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  459. [2014.11.21 09:13:42 | 000,404,250 | RHS- | M] () -- C:\bootmgr
  460. [2013.06.18 13:18:29 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
  461. [2017.03.15 16:39:12 | 2530,639,871 | -HS- | M] () -- C:\hiberfil.sys
  462. [2017.03.15 16:39:13 | 1342,177,280 | -HS- | M] () -- C:\pagefile.sys
  463. [2017.03.15 16:39:13 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
  464.  
  465. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  466. [2014.12.30 18:48:36 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  467. [2014.12.30 18:48:36 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  468. [2014.12.30 18:48:36 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  469. [2014.12.30 18:48:36 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  470.  
  471. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  472.  
  473. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  474. [2013.08.22 16:35:03 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  475.  
  476. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  477.  
  478. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  479.  
  480. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  481.  
  482. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  483.  
  484. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  485.  
  486. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  487.  
  488. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  489.  
  490. [color=#A23BEC]< %systemroot%\*.png >[/color]
  491.  
  492. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  493. [2014.03.31 21:34:22 | 000,322,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
  494.  
  495. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  496.  
  497. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  498.  
  499. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  500.  
  501. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  502.  
  503. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  504. [2013.08.22 16:34:52 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  505.  
  506. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  507.  
  508. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  509.  
  510. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  511.  
  512. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  513.  
  514. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  515.  
  516. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  517.  
  518. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  519.  
  520. [color=#A23BEC]< %systemroot%\*.config >[/color]
  521.  
  522. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  523.  
  524. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  525. [2016.12.29 12:02:23 | 000,000,223 | -HS- | M] () -- C:\Users\Ja\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  526.  
  527. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  528. [2017.01.17 00:26:30 | 006,553,600 | ---- | M] () -- C:\Users\Ja\Desktop\Fv2-XsonicX-8.0(Windows 32bits-This Trainer Work on All Browsers 32 bits).EXE
  529. [2017.01.17 00:22:58 | 006,496,768 | ---- | M] () -- C:\Users\Ja\Desktop\Fv2-XsonicX-8.0(Windows 64bits-This Trainer Work on All Browsers 64bits or 32 bits).EXE
  530. [2017.03.15 17:39:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Ja\Desktop\OTL.exe
  531.  
  532. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  533.  
  534. [color=#A23BEC]< %systemroot%\*.src >[/color]
  535.  
  536. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  537.  
  538. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  539.  
  540. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  541.  
  542. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  543.  
  544. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  545.  
  546. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  547.  
  548. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  549.  
  550. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  551.  
  552. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  553.  
  554. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  555.  
  556. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  557.  
  558. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  559.  
  560. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  561.  
  562. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  563.  
  564. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  565.  
  566. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  567. [2013.06.18 13:21:58 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  568.  
  569. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  570.  
  571. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  572.  
  573. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  574.  
  575. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  576.  
  577. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  578.  
  579. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  580.  
  581. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  582.  
  583. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  584.  
  585. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  586.  
  587. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  588.  
  589. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  590. [2016.12.29 11:44:21 | 000,000,402 | -HS- | M] () -- C:\Users\Ja\Favorites\desktop.ini
  591.  
  592. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  593. [2014.11.21 09:14:12 | 000,020,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  594. [2014.11.21 09:14:13 | 000,079,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  595. [2014.11.21 09:14:12 | 000,130,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  596. [2014.11.21 09:14:12 | 000,404,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  597. [2014.11.21 09:14:12 | 000,418,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  598.  
  599. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  600.  
  601. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  602.  
  603. [color=#E56717]========== Alternate Data Streams ==========[/color]
  604.  
  605. @Alternate Data Stream - 237 bytes -> C:\Users\Ja\OneDrive:ms-properties
  606. @Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:4ABA35EE
  607.  
  608. < End of report >