Untitled

a guest
Jun 18th, 2015
  1. OTL logfile created on: 18.6.2015 9:09:49 - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\NIKOLA 67\Desktop
  3. Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.6001.18702)
  5. Locale: 0000041A | Country: Croatia | Language: HRV | Date Format: d.M.yyyy
  6.  
  7. 1,95 Gb Total Physical Memory | 1,13 Gb Available Physical Memory | 57,80% Memory free
  8. 3,80 Gb Paging File | 3,10 Gb Available in Paging File | 81,47% Paging File free
  9. Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
  12. Drive C: | 67,69 Gb Total Space | 39,76 Gb Free Space | 58,74% Space Free | Partition Type: NTFS
  13. Drive D: | 327,67 Gb Total Space | 116,35 Gb Free Space | 35,51% Space Free | Partition Type: NTFS
  14. Drive E: | 70,40 Gb Total Space | 32,99 Gb Free Space | 46,87% Space Free | Partition Type: NTFS
  15. Drive G: | 7,78 Mb Total Space | 7,48 Mb Free Space | 96,18% Space Free | Partition Type: FAT
  16. Drive H: | 43,81 Gb Total Space | 15,92 Gb Free Space | 36,33% Space Free | Partition Type: NTFS
  17. Drive I: | 382,78 Gb Total Space | 158,06 Gb Free Space | 41,29% Space Free | Partition Type: NTFS
  18. Drive J: | 39,16 Gb Total Space | 21,24 Gb Free Space | 54,25% Space Free | Partition Type: NTFS
  19.  
  20. Computer Name: NIKOLA1967 | User Name: NIKOLA 67 | Logged in as Administrator.
  21. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  22. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  23.  
  24. [color=#E56717]========== Processes (SafeList) ==========[/color]
  25.  
  26. PRC - File not found --
  27. PRC - [2015.06.18 08:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NIKOLA 67\Desktop\OTL.exe
  28. PRC - [2015.05.11 19:12:04 | 005,515,496 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\avastui.exe
  29. PRC - [2015.04.23 16:27:41 | 000,343,336 | ---- | M] (Avast Software s.r.o.) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  30. PRC - [2015.04.23 11:13:44 | 004,383,008 | ---- | M] (IObit) -- C:\Program Files\IObit\Smart Defrag 4\SmartDefrag.exe
  31. PRC - [2015.04.14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
  32. PRC - [2015.04.14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
  33. PRC - [2015.04.14 09:36:20 | 006,212,920 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
  34. PRC - [2015.02.16 10:04:51 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\system32\bgsvcgen.exe
  35. PRC - [2014.11.13 15:51:33 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) -- C:\WINDOWS\system32\KaraokeSer.exe
  36. PRC - [2014.11.12 18:33:49 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
  37. PRC - [2014.11.04 14:19:48 | 000,815,392 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe
  38. PRC - [2014.05.19 13:25:56 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) -- C:\WINDOWS\system32\NLSSRV32.EXE
  39. PRC - [2013.11.27 13:26:14 | 003,105,144 | ---- | M] (WIBU-SYSTEMS AG) -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
  40. PRC - [2013.04.03 18:05:10 | 000,920,576 | ---- | M] () -- C:\Program Files\WGA Remover\wgaremover.exe
  41. PRC - [2011.12.22 20:11:20 | 000,818,952 | ---- | M] (ABBYY) -- C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
  42. PRC - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
  43. PRC - [2006.06.29 18:34:20 | 000,049,152 | ---- | M] (Alpha Networks Inc.) -- C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
  44.  
  45.  
  46. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  47.  
  48. MOD - [2015.06.17 22:53:27 | 002,952,704 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\15061702\algo.dll
  49. MOD - [2015.04.23 16:27:44 | 040,540,672 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
  50. MOD - [2015.04.23 16:27:42 | 000,104,400 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\log.dll
  51. MOD - [2015.04.23 16:27:41 | 000,081,728 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
  52. MOD - [2015.02.15 23:39:13 | 011,817,472 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\e143370f0583abe015d8e3d2d536185e\System.Web.ni.dll
  53. MOD - [2015.02.15 23:39:05 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\96b7a0136e9e72e8f4eb0230c20766d2\System.Configuration.ni.dll
  54. MOD - [2015.02.15 23:39:01 | 005,450,752 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\fe025743210c22bea2f009e1612c38bf\System.Xml.ni.dll
  55. MOD - [2015.02.15 23:39:01 | 000,025,600 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\cbee94ec6a0fe649e3b4643cea6e1259\Accessibility.ni.dll
  56. MOD - [2015.02.15 23:38:56 | 012,433,920 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ba12e418b906593b7c9c18f971f36bf9\System.Windows.Forms.ni.dll
  57. MOD - [2015.02.15 23:38:51 | 001,593,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7782f356a838c403b4a8e9c80df5a577\System.Drawing.ni.dll
  58. MOD - [2015.02.15 23:38:42 | 007,977,984 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\aeac298c43c77d8860db8e7634d9f2eb\System.ni.dll
  59. MOD - [2015.02.15 23:38:39 | 011,492,352 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\eab2340ead8e1a84bdf1a87868659979\mscorlib.ni.dll
  60. MOD - [2015.02.15 23:38:20 | 000,303,104 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
  61. MOD - [2013.10.25 13:08:02 | 000,517,408 | ---- | M] () -- C:\Program Files\IObit\Advanced SystemCare 8\sqlite3.dll
  62. MOD - [2013.04.03 18:05:10 | 000,920,576 | ---- | M] () -- C:\Program Files\WGA Remover\wgaremover.exe
  63. MOD - [2013.01.15 18:47:56 | 000,893,248 | ---- | M] () -- C:\Program Files\IObit\Smart Defrag 4\webres.dll
  64. MOD - [2011.10.25 21:50:50 | 000,270,336 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
  65. MOD - [2010.07.04 23:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
  66. MOD - [2010.03.16 12:22:12 | 000,014,848 | ---- | M] () -- C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AxInterop.WBOCXLib.dll
  67.  
  68.  
  69. [color=#E56717]========== Services (SafeList) ==========[/color]
  70.  
  71. SRV - File not found [Auto | Running] -- -- (NitroUpdateService)
  72. SRV - File not found [Auto | Running] -- -- (NitroDriverReadSpool9)
  73. SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
  74. SRV - [2015.06.17 15:16:12 | 000,148,080 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  75. SRV - [2015.04.23 16:27:41 | 000,343,336 | ---- | M] (Avast Software s.r.o.) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  76. SRV - [2015.04.14 09:36:30 | 001,080,120 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
  77. SRV - [2015.04.14 09:36:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
  78. SRV - [2015.02.16 10:04:51 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\WINDOWS\system32\bgsvcgen.exe -- (bgsvcgen)
  79. SRV - [2015.01.16 17:14:48 | 002,724,128 | ---- | M] (IObit) [Auto | Stopped] -- C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
  80. SRV - [2014.11.13 15:51:33 | 000,088,688 | ---- | M] (VIA Technologies, Inc.) [Auto | Running] -- C:\WINDOWS\system32\KaraokeSer.exe -- (KaraokeService)
  81. SRV - [2014.11.04 14:19:48 | 000,815,392 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 8\ASCService.exe -- (AdvancedSystemCareService8)
  82. SRV - [2014.05.19 13:25:56 | 000,069,640 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\WINDOWS\system32\NLSSRV32.EXE -- (nlsX86cc)
  83. SRV - [2014.04.03 21:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
  84. SRV - [2013.11.27 13:26:14 | 003,105,144 | ---- | M] (WIBU-SYSTEMS AG) [Auto | Running] -- C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe -- (CodeMeter.exe)
  85. SRV - [2013.04.18 12:06:42 | 000,737,616 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
  86. SRV - [2013.03.01 03:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
  87. SRV - [2011.12.22 20:11:20 | 000,818,952 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Corporate.11.0)
  88. SRV - [2010.03.10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
  89. SRV - [2010.02.19 14:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
  90. SRV - [2006.07.03 16:22:58 | 000,049,152 | ---- | M] (Alpha Networks Inc.) [Auto | Stopped] -- C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe -- (ANIWZCSdService)
  91.  
  92.  
  93. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  94.  
  95. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
  96. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
  97. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
  98. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
  99. DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
  100. DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
  101. DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
  102. DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
  103. DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
  104. DRV - [2015.06.18 08:04:47 | 000,119,512 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
  105. DRV - [2015.04.23 16:27:45 | 000,427,992 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
  106. DRV - [2015.04.23 16:27:45 | 000,209,048 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
  107. DRV - [2015.04.23 16:27:45 | 000,074,976 | ---- | M] (Avast Software s.r.o.) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
  108. DRV - [2015.04.23 16:27:45 | 000,057,888 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
  109. DRV - [2015.04.23 16:27:45 | 000,055,200 | ---- | M] (Avast Software s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
  110. DRV - [2015.04.23 16:27:45 | 000,049,904 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
  111. DRV - [2015.04.23 16:27:45 | 000,024,144 | ---- | M] () [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\aswHwid.sys -- (aswHwid)
  112. DRV - [2015.04.23 16:27:37 | 000,787,760 | ---- | M] (Avast Software s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
  113. DRV - [2015.04.14 09:37:42 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
  114. DRV - [2015.02.16 10:04:51 | 000,013,567 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\CDRBSDRV.SYS -- (cdrbsdrv)
  115. DRV - [2014.11.13 15:51:33 | 002,820,608 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\viahduaa.sys -- (VIAHdAudAddService)
  116. DRV - [2014.11.12 18:39:44 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mvxxmm.sys -- (mvxxmm)
  117. DRV - [2014.11.12 18:39:44 | 000,014,184 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv61xxmm.sys -- (mv61xxmm)
  118. DRV - [2014.11.12 18:39:44 | 000,005,632 | ---- | M] (Marvell Semiconductor Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\mv64xxmm.sys -- (mv64xxmm)
  119. DRV - [2014.06.19 15:34:12 | 000,016,744 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\pwdrvio.sys -- (pwdrvio)
  120. DRV - [2014.06.19 15:34:10 | 000,012,656 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\pwdspio.sys -- (pwdspio)
  121. DRV - [2014.06.04 15:17:28 | 000,015,808 | ---- | M] (IObit) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SmartDefragDriver.sys -- (SmartDefragDriver)
  122. DRV - [2014.04.09 22:00:50 | 000,026,032 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
  123. DRV - [2013.11.20 19:18:12 | 000,415,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtenicxp.sys -- (RTLE8023xp)
  124. DRV - [2013.03.01 03:48:42 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\npf.sys -- (NPF)
  125. DRV - [2013.01.23 11:31:50 | 000,023,168 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
  126. DRV - [2013.01.23 11:31:50 | 000,018,560 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
  127. DRV - [2013.01.23 11:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
  128. DRV - [2013.01.23 11:31:50 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
  129. DRV - [2012.12.09 11:51:24 | 000,113,168 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\scdemu.sys -- (SCDEmu)
  130. DRV - [2012.10.17 15:53:46 | 000,019,072 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
  131. DRV - [2011.10.26 12:01:40 | 007,412,736 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ati2mtag.sys -- (ati2mtag)
  132. DRV - [2011.08.09 05:58:38 | 000,100,368 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AtihdXP3.sys -- (AtiHDAudioService)
  133. DRV - [2010.07.15 09:44:20 | 000,013,192 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\epmntdrv.sys -- (epmntdrv)
  134. DRV - [2010.07.15 09:44:20 | 000,008,456 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\EuGdiDrv.sys -- (EuGdiDrv)
  135. DRV - [2010.07.04 21:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
  136. DRV - [2009.12.30 11:20:56 | 000,027,064 | ---- | M] (VS Revo Group) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\revoflt.sys -- (Revoflt)
  137. DRV - [2009.07.13 16:51:12 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\winusb.sys -- (WinUSB)
  138. DRV - [2005.12.11 12:55:38 | 000,028,195 | ---- | M] (Alpha Networks Inc.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\ANIO.sys -- (ANIO)
  139. DRV - [2005.11.03 21:39:02 | 000,245,504 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\Dr71WU.sys -- (RT73)
  140.  
  141.  
  142. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  143.  
  144.  
  145. [color=#E56717]========== Internet Explorer ==========[/color]
  146.  
  147. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  148. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  149.  
  150. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?ocid=iehp
  151. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  152. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  153. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  154.  
  155. [color=#E56717]========== FireFox ==========[/color]
  156.  
  157. FF - prefs.js..browser.search.countryCode: "HR"
  158. FF - prefs.js..browser.search.hiddenOneOffs: "Amazon.co.uk,Bing,DuckDuckGo,EUdict Eng->Cro,Twitter,Wikipedija (hr)"
  159. FF - prefs.js..browser.search.highlightCount: 4
  160. FF - prefs.js..browser.search.isUS: false
  161. FF - prefs.js..browser.search.region: "HR"
  162. FF - prefs.js..browser.startup.homepage: "https://www.google.hr/"
  163. FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.1.1.1-signed
  164. FF - prefs.js..extensions.enabledAddons: YoutubeDownloader%40PeterOlayev.com:2.4.0.1-signed
  165. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:38.0.5
  166. FF - user.js - File not found
  167.  
  168. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
  169. FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
  170. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
  171. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
  172. FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files\Canon\Easy-WebPrint EX\npnitromozilla.dll File not found
  173. FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
  174. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  175. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll (Google Inc.)
  176.  
  177. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2015.04.23 16:27:46 | 000,000,000 | ---D | M]
  178. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Components: C:\Program Files\Mozilla Firefox\components
  179. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 38.0.5\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  180. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components
  181. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 31.5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
  182.  
  183. [2015.02.16 09:21:06 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Extensions
  184. [2015.06.17 11:15:38 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions
  185. [2015.06.03 14:56:20 | 000,000,000 | ---D | M] (Simple Youtube and Video Converter) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack
  186. [2015.06.17 11:10:59 | 000,000,000 | ---D | M] (LastPass) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\support@lastpass.com
  187. [2015.06.03 14:56:22 | 000,470,459 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
  188. [2015.06.17 11:15:38 | 000,015,204 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\jid1-hDf2iQXGiUjzGQ@jetpack.xpi
  189. [2015.06.17 11:10:59 | 000,085,480 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\YoutubeDownloader@PeterOlayev.com.xpi
  190. [2015.06.03 14:56:17 | 000,026,366 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi
  191. [2015.06.03 14:56:21 | 000,589,166 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
  192. [2015.06.03 14:56:29 | 000,946,636 | ---- | M] () (No name found) -- C:\Documents and Settings\NIKOLA 67\Application Data\Mozilla\Firefox\Profiles\96ct17ee.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
  193. [2015.06.17 15:16:04 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
  194. [2015.06.17 15:16:14 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
  195.  
  196. [color=#E56717]========== Chrome ==========[/color]
  197.  
  198. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
  199. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
  200. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
  201. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
  202. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.30_0\
  203. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
  204. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.35_0\
  205. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\10.2.0.190_0\
  206. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\3.2.11_0\
  207. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jcgdnkapcadpkfhpeljgdnoebcppgean\1_0\
  208. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.1.1.0_0\
  209. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch\3.1_0\
  210. CHR - Extension: No name found = C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  211.  
  212. O1 HOSTS File: ([2015.04.01 19:02:29 | 000,000,812 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
  213. O1 - Hosts: 127.0.0.1 activation.cloud.techsmith.com
  214. O1 - Hosts: 127.0.0.1 localhost
  215. O1 - Hosts: 127.0.0.1 mpa.one.microsoft.com
  216. O2 - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
  217. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
  218. O3 - HKLM\..\Toolbar: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
  219. O3 - HKCU\..\Toolbar\ShellBrowser: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files\IObit\IObit Uninstaller\UninstallExplorer32.dll (IObit)
  220. O4 - HKLM..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe (Alpha Networks Inc.)
  221. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
  222. O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
  223. O4 - HKLM..\Run: [WGA Remover] C:\Program Files\WGA Remover\wgaremover.exe ()
  224. O4 - HKCU..\Run: [] File not found
  225. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
  226. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
  227. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  228. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  229. O13 - gopher Prefix: missing
  230. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
  231. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9E648E16-E334-4E65-99F9-68CC1737C9B2}: DhcpNameServer = 192.168.1.254
  232. O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
  233. O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
  234. O20 - Winlogon\Notify\AtiExtEvent: DllName - (Ati2evxx.dll) - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.)
  235. O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
  236. O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
  237. O32 - HKLM CDRom: AutoRun - 1
  238. O32 - AutoRun File - [2015.02.15 23:02:53 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
  239. O34 - HKLM BootExecute: (autocheck autochk *)
  240. O35 - HKLM\..comfile [open] -- "%1" %*
  241. O35 - HKLM\..exefile [open] -- "%1" %*
  242. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  243. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  244. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  245. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  246.  
  247. NetSvcs: 6to4 - File not found
  248. NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
  249. NetSvcs: Ias - File not found
  250. NetSvcs: Iprip - File not found
  251. NetSvcs: Irmon - File not found
  252. NetSvcs: NWCWorkstation - File not found
  253. NetSvcs: Nwsapagent - File not found
  254. NetSvcs: WmdmPmSp - File not found
  255.  
  256. CREATERESTOREPOINT
  257. Restore point Set: OTL Restore Point
  258.  
  259. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  260.  
  261. [2020.02.16 20:38:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\NewBlue
  262. [2015.06.18 08:18:49 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\NIKOLA 67\Desktop\OTL.exe
  263. [2015.06.18 07:55:18 | 000,000,000 | ---D | C] -- C:\AdwCleaner
  264. [2015.06.17 23:33:54 | 004,197,016 | ---- | C] (Kaspersky Lab ZAO) -- C:\Documents and Settings\NIKOLA 67\Desktop\tdsskiller.exe
  265. [2015.06.17 20:02:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Nitro
  266. [2015.06.17 20:02:39 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\NIKOLA 67\Recent
  267. [2015.06.17 20:02:25 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Revo Uninstaller Pro
  268. [2015.06.17 20:02:22 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
  269. [2015.06.17 15:16:04 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
  270. [2015.06.03 14:37:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NIKOLA 67\Application Data\Nitro
  271. [2015.06.03 14:36:17 | 000,027,144 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalmon9.dll
  272. [2015.06.03 14:36:17 | 000,018,440 | ---- | C] (Nitro PDF Software) -- C:\WINDOWS\System32\nitrolocalui9.dll
  273. [2015.06.03 14:36:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Nitro
  274. [2015.06.03 14:35:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NIKOLA 67\Application Data\Downloaded Installations
  275. [2015.05.23 10:36:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NIKOLA 67\My Documents\NeroVision
  276. [2015.05.21 09:41:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\CurrentCode
  277. [2015.05.21 09:41:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Barcode Generator
  278. [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  279.  
  280. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  281.  
  282. [2015.06.18 10:13:14 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
  283. [2015.06.18 08:18:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\NIKOLA 67\Desktop\OTL.exe
  284. [2015.06.18 08:08:26 | 000,505,302 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
  285. [2015.06.18 08:08:26 | 000,088,940 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
  286. [2015.06.18 08:04:47 | 000,119,512 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
  287. [2015.06.18 08:04:35 | 000,000,007 | ---- | M] () -- C:\WINDOWS\System32\ANIWZCSUSERNAME
  288. [2015.06.18 08:04:00 | 000,000,364 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
  289. [2015.06.18 08:03:50 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag4_Update.job
  290. [2015.06.18 08:03:47 | 000,000,000 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\cm-lock
  291. [2015.06.18 08:03:44 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
  292. [2015.06.18 08:03:42 | 000,000,288 | ---- | M] () -- C:\WINDOWS\tasks\SmartDefrag4_Startup.job
  293. [2015.06.18 08:03:33 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
  294. [2015.06.18 07:54:29 | 002,231,296 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\AdwCleaner.exe
  295. [2015.06.18 01:40:30 | 000,001,845 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced SystemCare 8.lnk
  296. [2015.06.17 23:33:57 | 004,197,016 | ---- | M] (Kaspersky Lab ZAO) -- C:\Documents and Settings\NIKOLA 67\Desktop\tdsskiller.exe
  297. [2015.06.17 09:32:43 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
  298. [2015.06.09 18:01:19 | 000,002,383 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FotoSlate 4.lnk
  299. [2015.06.09 16:55:19 | 000,327,423 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\šalica.png
  300. [2015.06.09 16:55:18 | 000,000,132 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Application Data\Adobe PNG Format CS5 Prefs
  301. [2015.06.09 16:51:23 | 000,270,724 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\šalica.jpg
  302. [2015.06.05 08:53:13 | 000,054,460 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\majmun.png
  303. [2015.06.05 08:49:38 | 000,054,400 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\majmun.jpg
  304. [2015.06.03 15:14:58 | 157,253,632 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Štikovo.mpg
  305. [2015.06.02 06:36:51 | 014,506,093 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Vrlika2.png
  306. [2015.06.02 06:36:51 | 000,001,456 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
  307. [2015.06.02 06:34:15 | 000,765,988 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Vrlika1.png
  308. [2015.05.23 10:38:42 | 000,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
  309. [2015.05.21 19:07:56 | 000,055,553 | ---- | M] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Sv Spas 100.jpg
  310. [2015.05.21 18:49:36 | 000,002,535 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\CorelDRAW X5.lnk
  311. [1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
  312.  
  313. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  314.  
  315. [2015.06.18 08:03:47 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\cm-lock
  316. [2015.06.18 07:54:28 | 002,231,296 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\AdwCleaner.exe
  317. [2015.06.09 16:55:16 | 000,327,423 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\šalica.png
  318. [2015.06.09 16:51:22 | 000,270,724 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\šalica.jpg
  319. [2015.06.05 08:53:10 | 000,054,460 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\majmun.png
  320. [2015.06.05 08:49:37 | 000,054,400 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\majmun.jpg
  321. [2015.06.03 15:13:41 | 157,253,632 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Štikovo.mpg
  322. [2015.06.03 14:36:13 | 000,001,777 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Nitro Pro 9.lnk
  323. [2015.06.02 06:35:52 | 014,506,093 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Vrlika2.png
  324. [2015.06.02 06:34:10 | 000,765,988 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Vrlika1.png
  325. [2015.05.21 19:41:27 | 000,055,553 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Desktop\Sv Spas 100.jpg
  326. [2015.04.02 17:08:44 | 000,000,737 | ---- | C] () -- C:\WINDOWS\XMLEditor4.INI
  327. [2015.04.01 09:13:27 | 001,580,126 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-790525478-1677128483-682003330-1003-0.dat
  328. [2015.04.01 09:13:26 | 000,392,558 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
  329. [2015.03.28 22:00:20 | 000,004,608 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  330. [2015.03.25 19:58:34 | 000,010,292 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\regid.2011-06.com.youtubebyclick_3C521B99-9ACE-47EA-AC9F-26075467D03B.swidtag
  331. [2015.03.25 16:31:05 | 000,001,456 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\Adobe Save for Web 12.0 Prefs
  332. [2015.03.13 18:37:22 | 000,000,218 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\recently-used.xbel
  333. [2015.02.27 12:31:20 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Application Data\Adobe GIF Format CS5 Prefs
  334. [2015.02.26 16:53:15 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\mp4norm.dll
  335. [2015.02.18 18:58:51 | 000,209,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
  336. [2015.02.18 18:58:50 | 000,049,904 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
  337. [2015.02.18 18:58:50 | 000,024,144 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswHwid.sys
  338. [2015.02.18 18:51:15 | 000,000,207 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\.swfinfo
  339. [2015.02.18 01:02:33 | 002,894,848 | ---- | C] () -- C:\WINDOWS\System32\pwNative.exe
  340. [2015.02.18 01:02:23 | 000,016,744 | ---- | C] () -- C:\WINDOWS\System32\pwdrvio.sys
  341. [2015.02.18 01:02:22 | 000,012,656 | ---- | C] () -- C:\WINDOWS\System32\pwdspio.sys
  342. [2015.02.18 00:47:29 | 000,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
  343. [2015.02.18 00:27:05 | 000,000,014 | ---- | C] () -- C:\WINDOWS\System32\systeminfo.dll
  344. [2015.02.17 09:47:03 | 000,000,132 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Application Data\Adobe PNG Format CS5 Prefs
  345. [2015.02.17 09:21:39 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
  346. [2015.02.16 08:35:02 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\JJAKEn.dll
  347. [2015.02.16 08:34:50 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\drivers\rt2661.bin
  348. [2015.02.16 08:34:50 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\drivers\rt2561s.bin
  349. [2015.02.16 08:34:50 | 000,008,192 | R--- | C] () -- C:\WINDOWS\System32\drivers\rt2561.bin
  350. [2015.02.16 08:34:48 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
  351. [2015.02.16 02:22:09 | 000,000,058 | ---- | C] () -- C:\WINDOWS\System32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
  352. [2015.02.16 02:22:09 | 000,000,058 | ---- | C] () -- C:\Documents and Settings\NIKOLA 67\Local Settings\Application Data\DonationCoder_ScreenshotCaptor_InstallInfo.dat
  353. [2015.02.16 02:04:58 | 000,363,520 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll
  354. [2015.02.16 01:52:15 | 000,218,200 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
  355. [2015.02.16 01:50:31 | 000,088,064 | ---- | C] () -- C:\WINDOWS\PreConvertPro.dll
  356. [2015.02.16 01:33:42 | 000,001,769 | ---- | C] () -- C:\WINDOWS\Language_trs.ini
  357. [2015.02.15 23:52:43 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
  358. [2015.02.15 23:51:36 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
  359. [2015.02.15 23:51:30 | 000,887,724 | ---- | C] () -- C:\WINDOWS\System32\ativva6x.dat
  360. [2015.02.15 23:51:29 | 000,242,430 | ---- | C] () -- C:\WINDOWS\System32\atiicdxx.dat
  361. [2015.02.15 23:51:29 | 000,000,003 | ---- | C] () -- C:\WINDOWS\System32\ativva5x.dat
  362. [2015.02.15 23:51:18 | 003,601,344 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
  363. [2015.02.15 23:39:49 | 000,807,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
  364. [2015.02.15 23:30:14 | 002,336,384 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
  365. [2015.02.15 23:30:14 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
  366. [2015.02.15 23:30:14 | 000,014,848 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
  367. [2015.02.15 23:30:14 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
  368. [2015.02.15 23:30:14 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
  369. [2015.02.15 23:04:45 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
  370. [2015.02.15 22:59:57 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
  371. [2014.11.12 18:35:02 | 000,210,944 | ---- | C] () -- C:\WINDOWS\System32\msvcrt10.dll
  372. [2014.11.12 18:34:53 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
  373. [2014.11.12 18:34:52 | 000,006,144 | ---- | C] () -- C:\WINDOWS\System32\FontReg.exe
  374.  
  375. [color=#E56717]========== ZeroAccess Check ==========[/color]
  376.  
  377. [2015.02.15 23:38:15 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
  378.  
  379. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  380.  
  381. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  382.  
  383. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  384. "" = %SystemRoot%\system32\shdocvw.dll -- [2014.11.12 18:34:19 | 001,510,400 | ---- | M] (Microsoft Corporation)
  385. "ThreadingModel" = Apartment
  386.  
  387. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  388. "" = C:\WINDOWS\system32\wbem\fastprox.dll -- [2014.11.12 18:33:49 | 000,473,600 | ---- | M] (Microsoft Corporation)
  389. "ThreadingModel" = Free
  390.  
  391. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  392. "" = C:\WINDOWS\system32\wbem\wbemess.dll -- [2008.04.14 11:00:00 | 000,273,920 | ---- | M] (Microsoft Corporation)
  393. "ThreadingModel" = Both
  394.  
  395. [color=#E56717]========== LOP Check ==========[/color]
  396.  
  397. [2015.02.23 00:48:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ACD Systems
  398. [2015.02.18 18:54:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
  399. [2015.02.25 22:15:18 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\CanonBJ
  400. [2015.02.16 02:22:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DonationCoder
  401. [2015.02.16 02:04:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DVD X Studios
  402. [2015.03.24 20:13:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HitmanPro
  403. [2015.02.23 19:18:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
  404. [2015.02.16 12:48:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\install_clap
  405. [2015.02.16 21:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
  406. [2015.02.16 19:16:13 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\IObit
  407. [2015.06.03 14:36:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nitro
  408. [2015.03.28 17:32:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Nokia
  409. [2015.03.28 17:30:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NokiaInstallerCache
  410. [2015.02.16 08:58:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Package Cache
  411. [2015.02.23 19:33:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
  412. [2015.06.17 09:34:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ProductData
  413. [2015.02.16 10:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1986-12.com.adobe
  414. [2015.04.01 19:07:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\regid.1995-08.com.techsmith
  415. [2015.02.16 21:57:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
  416. [2015.02.16 12:43:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Sony
  417. [2015.04.01 19:06:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TechSmith
  418. [2015.04.10 08:33:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
  419. [2015.02.21 20:43:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WebcamMax
  420. [2015.03.29 16:47:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wondershare
  421. [2015.02.16 01:41:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{BAF091CA-86C4-4627-ADA1-897E2621C1B0}
  422. [2015.02.16 01:53:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Apowersoft
  423. [2015.03.13 17:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Audacity
  424. [2015.02.18 19:01:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\AVAST Software
  425. [2015.02.16 02:29:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\CasaPortale.de
  426. [2015.02.16 02:22:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\DonationCoder
  427. [2015.06.03 14:35:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Downloaded Installations
  428. [2015.02.25 23:29:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\FairStars CD Ripper
  429. [2015.03.02 19:14:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\GmailNotifierPro
  430. [2015.05.20 09:49:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\HandBrake
  431. [2015.03.29 16:47:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\HMYGSetting
  432. [2015.03.14 12:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\inkscape
  433. [2015.06.17 20:02:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\IObit
  434. [2015.02.16 10:06:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\LEAPS
  435. [2015.02.25 17:39:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Mira6
  436. [2015.03.29 16:29:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\MOBILedit
  437. [2015.02.16 02:20:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\mojosoft
  438. [2015.02.16 22:48:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\MPC-HC
  439. [2015.06.04 17:28:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Nitro
  440. [2015.03.29 16:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Nokia
  441. [2015.03.29 16:29:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Nokia Suite
  442. [2015.02.17 09:03:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\OpenOffice.org
  443. [2015.03.28 17:48:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\PC Suite
  444. [2015.02.16 10:06:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Pegasys Inc
  445. [2015.02.15 23:34:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\PowerISO
  446. [2015.02.16 11:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\ProductData
  447. [2015.02.16 12:46:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Publish Providers
  448. [2015.02.16 12:46:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Sony
  449. [2015.02.18 00:06:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\SumatraPDF
  450. [2015.02.16 02:11:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\TagScanner
  451. [2015.04.01 19:08:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\TechSmith
  452. [2015.02.27 17:43:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Thunderbird
  453. [2015.02.16 13:09:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Titler 2.0
  454. [2015.06.10 11:34:44 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Ulead Systems
  455. [2015.06.11 14:45:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\uTorrent
  456. [2015.06.08 18:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\ViberPC
  457. [2015.02.16 02:15:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\VS Revo Group
  458. [2015.02.21 20:42:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\WebcamMax
  459. [2015.03.06 12:17:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\WinAVI
  460. [2015.03.29 16:43:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\Wondershare
  461. [2015.04.01 09:05:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\NIKOLA 67\Application Data\YouTubeByClick
  462.  
  463. [color=#E56717]========== Purity Check ==========[/color]
  464.  
  465.  
  466.  
  467. [color=#E56717]========== Custom Scans ==========[/color]
  468.  
  469. [color=#A23BEC]< %SYSTEMDRIVE%\*.exe >[/color]
  470.  
  471. [color=#A23BEC]< MD5 for: AGP440.SYS >[/color]
  472. [2014.11.12 18:38:23 | 018,095,826 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:AGP440.sys
  473.  
  474. [color=#A23BEC]< MD5 for: ATAPI.SYS >[/color]
  475. [2014.11.12 18:38:23 | 018,095,826 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp3.cab:atapi.sys
  476. [2008.04.14 00:10:32 | 000,096,512 | ---- | M] (Microsoft Corporation) MD5=9F3A2F5AA6875C72BF062C712CFA2674 -- C:\WINDOWS\system32\drivers\atapi.sys
  477.  
  478. [color=#A23BEC]< MD5 for: EVENTLOG.DLL >[/color]
  479. [2008.04.14 11:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\dllcache\eventlog.dll
  480. [2008.04.14 11:00:00 | 000,056,320 | ---- | M] (Microsoft Corporation) MD5=6D4FEB43EE538FC5428CC7F0565AA656 -- C:\WINDOWS\system32\eventlog.dll
  481.  
  482. [color=#A23BEC]< MD5 for: NETLOGON.DLL >[/color]
  483. [2014.11.12 18:34:11 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=06CF9EEDB7E827205C6948C9DAF56974 -- C:\WINDOWS\system32\dllcache\netlogon.dll
  484. [2014.11.12 18:34:11 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=06CF9EEDB7E827205C6948C9DAF56974 -- C:\WINDOWS\system32\netlogon.dll
  485.  
  486. [color=#A23BEC]< MD5 for: SCECLI.DLL >[/color]
  487. [2008.04.14 11:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\dllcache\scecli.dll
  488. [2008.04.14 11:00:00 | 000,181,248 | ---- | M] (Microsoft Corporation) MD5=A86BB5E61BF3E39B62AB4C7E7085A084 -- C:\WINDOWS\system32\scecli.dll
  489.  
  490. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  491.  
  492. [color=#A23BEC]< %systemroot%\system32\*.dll /lockedfiles >[/color]
  493.  
  494. [color=#E56717]========== Alternate Data Streams ==========[/color]
  495.  
  496. @Alternate Data Stream - 192 bytes -> C:\WINDOWS:nlsPreferences
  497. @Alternate Data Stream - 166 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:8CE646EE
  498. @Alternate Data Stream - 15 bytes -> C:\WINDOWS\System32\mp4norm.dll:ExtraData
  499.  
  500. < End of report >