OTL

a guest
Nov 11th, 2017
  1. OTL logfile created on: 11/11/2017 8:10:42 PM - Run 1
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kacrut\Downloads\Programs
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 8.0.7601.17514)
  5. Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
  6.  
  7. 3.45 Gb Total Physical Memory | 2.44 Gb Available Physical Memory | 70.81% Memory free
  8. 6.90 Gb Paging File | 5.87 Gb Available in Paging File | 85.12% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 172.60 Gb Total Space | 8.93 Gb Free Space | 5.17% Space Free | Partition Type: NTFS
  13. Drive D: | 244.14 Gb Total Space | 37.59 Gb Free Space | 15.40% Space Free | Partition Type: NTFS
  14. Drive E: | 48.73 Gb Total Space | 10.16 Gb Free Space | 20.84% Space Free | Partition Type: NTFS
  15. Drive H: | 1.84 Gb Total Space | 1.26 Gb Free Space | 68.44% Space Free | Partition Type: FAT
  16.  
  17. Computer Name: KACRUT-PC | User Name: Kacrut | Logged in as Administrator.
  18. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
  19. Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
  20.  
  21. [color=#E56717]========== Processes (SafeList) ==========[/color]
  22.  
  23. PRC - C:\Users\Kacrut\Downloads\Programs\OTL.exe (OldTimer Tools)
  24. PRC - C:\Program Files (x86)\Garena Plus\ggdllhost.exe ()
  25. PRC - C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
  26. PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  27. PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
  28. PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
  29. PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.)
  30. PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
  31. PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
  32.  
  33.  
  34. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  35.  
  36. MOD - C:\Program Files (x86)\Garena Plus\ggspawn.dll ()
  37. MOD - C:\Program Files (x86)\Garena Plus\ggdllhost.exe ()
  38. MOD - C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll ()
  39. MOD - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF ()
  40.  
  41.  
  42. [color=#E56717]========== Services (SafeList) ==========[/color]
  43.  
  44. SRV:[b]64bit:[/b] - (igfxCUIService1.0.0.0) -- C:\Windows\SysNative\igfxCUIService.exe (Intel Corporation)
  45. SRV:[b]64bit:[/b] - (DiagTrack) -- C:\Windows\SysNative\diagtrack.dll (Microsoft Corporation)
  46. SRV:[b]64bit:[/b] - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
  47. SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
  48. SRV:[b]64bit:[/b] - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  49. SRV:[b]64bit:[/b] - (NisSrv) -- c:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
  50. SRV:[b]64bit:[/b] - (MsMpSvc) -- c:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
  51. SRV:[b]64bit:[/b] - (Service KMSELDI) -- C:\Program Files\KMSpico\Service_KMS.exe (@ByELDI)
  52. SRV:[b]64bit:[/b] - (ss_conn_service) -- C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (DEVGURU Co., LTD.)
  53. SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
  54. SRV - (uSHAREitSvc) -- C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe (SHAREit Technologies Co.Ltd)
  55. SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
  56. SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
  57. SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
  58. SRV - (Framework) -- C:\ProgramData\WindowsSQL\System.exe ()
  59. SRV - (DirectX11b) -- C:\ProgramData\DirectX11b\System.exe ()
  60. SRV - (MinerGate) -- C:\ProgramData\Framework\System.exe ()
  61. SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
  62. SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
  63. SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
  64. SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
  65. SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
  66.  
  67.  
  68. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  69.  
  70. DRV:[b]64bit:[/b] - (gaprotect) -- C:\Windows\SysNative\drivers\gaprotect.sys ()
  71. DRV:[b]64bit:[/b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
  72. DRV:[b]64bit:[/b] - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
  73. DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
  74. DRV:[b]64bit:[/b] - (Revoflt) -- C:\Windows\SysNative\drivers\revoflt.sys (VS Revo Group)
  75. DRV:[b]64bit:[/b] - (AsusTP) -- C:\Windows\SysNative\drivers\AsusTP.sys (ASUS Corporation)
  76. DRV:[b]64bit:[/b] - (semav6msr64) -- C:\Windows\SysNative\drivers\semav6msr64.sys ()
  77. DRV:[b]64bit:[/b] - (IDMWFP) -- C:\Windows\SysNative\drivers\idmwfp.sys (Tonec Inc.)
  78. DRV:[b]64bit:[/b] - (RZSURROUNDVADService) -- C:\Windows\SysNative\drivers\RzSurroundVAD.sys (Windows (R) Win 7 DDK provider)
  79. DRV:[b]64bit:[/b] - (rzpnk) -- C:\Windows\SysNative\drivers\rzpnk.sys (Razer, Inc.)
  80. DRV:[b]64bit:[/b] - (rzpmgrk) -- C:\Windows\SysNative\drivers\rzpmgrk.sys (Razer, Inc.)
  81. DRV:[b]64bit:[/b] - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (Disc Soft Ltd)
  82. DRV:[b]64bit:[/b] - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
  83. DRV:[b]64bit:[/b] - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
  84. DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
  85. DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
  86. DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
  87. DRV:[b]64bit:[/b] - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
  88. DRV:[b]64bit:[/b] - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
  89. DRV:[b]64bit:[/b] - (bcmsmbsp7) -- C:\Windows\SysNative\drivers\bcmsmbsp7.sys (Broadcom Corporation.)
  90. DRV:[b]64bit:[/b] - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
  91. DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
  92. DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
  93. DRV:[b]64bit:[/b] - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
  94. DRV:[b]64bit:[/b] - (iaStorF) -- C:\Windows\SysNative\drivers\iaStorF.sys (Intel Corporation)
  95. DRV:[b]64bit:[/b] - (WsAudioDevice_383S(1) -- C:\Windows\SysNative\drivers\WsAudioDevice_383S(1).sys (Wondershare)
  96. DRV:[b]64bit:[/b] - (ssudserd) -- C:\Windows\SysNative\drivers\ssudserd.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
  97. DRV:[b]64bit:[/b] - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
  98. DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
  99. DRV:[b]64bit:[/b] - (ndisrd) -- C:\Windows\SysNative\drivers\ndisrd.sys (NT Kernel Resources)
  100. DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
  101. DRV:[b]64bit:[/b] - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
  102. DRV:[b]64bit:[/b] - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
  103. DRV:[b]64bit:[/b] - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
  104. DRV:[b]64bit:[/b] - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
  105. DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
  106. DRV:[b]64bit:[/b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
  107. DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
  108. DRV:[b]64bit:[/b] - (AsusVBus) -- C:\Windows\SysNative\drivers\AsusVBus.sys (Windows (R) Win 7 DDK provider)
  109. DRV:[b]64bit:[/b] - (AsusVTouch) -- C:\Windows\SysNative\drivers\AsusVTouch.sys (ASUS)
  110. DRV:[b]64bit:[/b] - (REN2CAP_DRIVER) -- C:\Windows\SysNative\drivers\ren2cap.sys ()
  111. DRV:[b]64bit:[/b] - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
  112. DRV:[b]64bit:[/b] - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
  113. DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
  114. DRV:[b]64bit:[/b] - (HtcUsbMdmV64) -- C:\Windows\SysNative\drivers\HtcUsbMdmV64.sys (QUALCOMM Incorporated)
  115. DRV:[b]64bit:[/b] - (MBfilt) -- C:\Windows\SysNative\drivers\mbfilt64.sys (Creative Technology Ltd.)
  116. DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
  117. DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
  118. DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
  119. DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
  120. DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
  121. DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
  122. DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
  123. DRV:[b]64bit:[/b] - (gwfilt64) -- C:\Windows\SysNative\drivers\gwfilt64.sys (Creative Technology Ltd.)
  124. DRV - (KernelMemory) -- C:\Windows\SysWOW64\drivers\KernelMemory.sys ()
  125. DRV - (DrvAgent64) -- C:\Windows\SysWOW64\drivers\DrvAgent64.SYS (Phoenix Technologies)
  126. DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
  127. DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
  128. DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
  129.  
  130.  
  131. [color=#E56717]========== Standard Registry (All) ==========[/color]
  132.  
  133.  
  134. [color=#E56717]========== Internet Explorer ==========[/color]
  135.  
  136. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  137. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  138. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  139. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  140. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  141. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  142. IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  143. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  144. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  145. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
  146. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  147. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
  148. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
  149. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  150. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
  151. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
  152. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  153. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  154.  
  155. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,IE11UpgradePageShownTime = 4E 22 EA 76 81 58 D3 01 [binary data]
  156. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  157. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
  158. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/id-id/?ocid=iehp
  159. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
  160. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 60 03 4B 9F 22 5A D3 01 [binary data]
  161. IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
  162. IE - HKCU\..\SearchScopes,DefaultScope = {FFEBBF0A-C22C-4172-89FF-45215A135AC7}
  163. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  164. IE - HKCU\..\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}: "URL" = http://go.mail.ru/distib/ep/?q={searchTerms}&fr=ntg&product_id=%7B46A696ED-7413-4722-8096-54506F0BD2DB%7D&gp=811142
  165. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  166.  
  167.  
  168. [color=#E56717]========== FireFox ==========[/color]
  169.  
  170. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_183.dll File not found
  171. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  172. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  173. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_183.dll ()
  174. FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.121.2: C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
  175. FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.121.2: C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll (Oracle Corporation)
  176. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  177. FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
  178. FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
  179. FF - HKLM\Software\MozillaPlugins\@t.garena.com/garenatalk: C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
  180. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
  181. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll (Google Inc.)
  182.  
  183. FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc@internetdownloadmanager.com: C:\Users\Kacrut\AppData\Roaming\IDM\idmmzcc5 [2017/11/10 18:59:26 | 000,000,000 | ---D | M]
  184. FF - HKEY_CURRENT_USER\software\mozilla\SeaMonkey\Extensions\\mozilla_cc2@internetdownloadmanager.com: C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017/01/26 17:35:54 | 000,030,383 | ---- | M] ()
  185.  
  186. [2016/08/17 20:13:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kacrut\AppData\Roaming\Mozilla\Extensions
  187.  
  188. [color=#E56717]========== Chrome ==========[/color]
  189.  
  190. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
  191. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_0\
  192. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  193. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  194. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_0\
  195. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
  196. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
  197. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojedkepkekklpjcgdfiahladdbopbooh\2.15.0_0\
  198. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
  199. CHR - Extension: No name found = C:\Users\Kacrut\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.3_0\
  200.  
  201. O1 - HOSTS file present but inaccessible!
  202. O2:[b]64bit:[/b] - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
  203. O2:[b]64bit:[/b] - BHO: (no name) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - No CLSID value found.
  204. O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  205. O2 - BHO: (IDM integration (IDMIEHlprObj Class)) - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
  206. O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  207. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll (Oracle Corporation)
  208. O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
  209. O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll (Oracle Corporation)
  210. O4:[b]64bit:[/b] - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
  211. O4:[b]64bit:[/b] - HKLM..\Run: [Dolby Tuning and Profile Creator] C:\Program Files\Dolby Tuning and Profile Creator\pcee4.exe (Dolby Laboratories Inc.)
  212. O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
  213. O4:[b]64bit:[/b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
  214. O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  215. O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
  216. O4 - HKCU..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe (Tonec Inc.)
  217. O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
  218. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  219. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  220. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
  221. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  222. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  223. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
  224. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1
  225. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
  226. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
  227. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
  228. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  229. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
  230. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
  231. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
  232. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
  233. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
  234. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
  235. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
  236. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
  237. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousMachineGroupPolicy = 1
  238. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
  239. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
  240. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
  241. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
  242. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
  243. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
  244. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
  245. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
  246. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
  247. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
  248. O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0
  249. O8:[b]64bit:[/b] - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
  250. O8:[b]64bit:[/b] - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
  251. O8:[b]64bit:[/b] - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  252. O8:[b]64bit:[/b] - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  253. O8 - Extra context menu item: Download all links with IDM - C:\Program Files (x86)\Internet Download Manager\IEGetAll.htm ()
  254. O8 - Extra context menu item: Download with IDM - C:\Program Files (x86)\Internet Download Manager\IEExt.htm ()
  255. O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
  256. O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  257. O9:[b]64bit:[/b] - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  258. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  259. O9:[b]64bit:[/b] - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  260. O9:[b]64bit:[/b] - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  261. O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  262. O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
  263. O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  264. O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
  265. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
  266. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
  267. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
  268. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
  269. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  270. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
  271. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  272. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  273. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  274. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  275. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  276. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  277. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  278. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  279. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  280. O10:[b]64bit:[/b] - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
  281. O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
  282. O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
  283. O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
  284. O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
  285. O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  286. O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
  287. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  288. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  289. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  290. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  291. O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  292. O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  293. O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  294. O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  295. O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  296. O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
  297. O13[b]64bit:[/b] - gopher Prefix: missing
  298. O13 - gopher Prefix: missing
  299. O15 - HKCU\..Trusted Domains: drp.su ([update] http in Local intranet)
  300. O15 - HKCU\..Trusted Domains: drp.su ([update] https in Local intranet)
  301. O15 - HKCU\..Trusted Domains: drp.su ([update-test2] http in Local intranet)
  302. O15 - HKCU\..Trusted Domains: drp.su ([update-test2] https in Local intranet)
  303. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.43.1
  304. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99C5993E-6E16-4EA7-AE58-0441B1969DBC}: DhcpNameServer = 192.168.43.1
  305. O18:[b]64bit:[/b] - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  306. O18:[b]64bit:[/b] - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  307. O18:[b]64bit:[/b] - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
  308. O18:[b]64bit:[/b] - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  309. O18:[b]64bit:[/b] - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  310. O18:[b]64bit:[/b] - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  311. O18:[b]64bit:[/b] - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  312. O18:[b]64bit:[/b] - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  313. O18:[b]64bit:[/b] - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
  314. O18:[b]64bit:[/b] - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  315. O18:[b]64bit:[/b] - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  316. O18:[b]64bit:[/b] - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  317. O18:[b]64bit:[/b] - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
  318. O18:[b]64bit:[/b] - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  319. O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
  320. O18:[b]64bit:[/b] - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
  321. O18:[b]64bit:[/b] - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  322. O18:[b]64bit:[/b] - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
  323. O18:[b]64bit:[/b] - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
  324. O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  325. O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  326. O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
  327. O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  328. O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  329. O18 - Protocol\Handler\gopher - No CLSID value found
  330. O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  331. O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  332. O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
  333. O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  334. O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  335. O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  336. O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
  337. O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  338. O18 - Protocol\Handler\ms-help - No CLSID value found
  339. O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
  340. O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  341. O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
  342. O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
  343. O18:[b]64bit:[/b] - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  344. O18:[b]64bit:[/b] - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  345. O18:[b]64bit:[/b] - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
  346. O18:[b]64bit:[/b] - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  347. O18:[b]64bit:[/b] - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
  348. O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  349. O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  350. O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  351. O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
  352. O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  353. O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
  354. O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
  355. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  356. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  357. O20:[b]64bit:[/b] - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
  358. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  359. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  360. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
  361. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  362. O21:[b]64bit:[/b] - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\SysNative\WPDShServiceObj.dll (Microsoft Corporation)
  363. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  364. O28:[b]64bit:[/b] - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - No CLSID value found.
  365. O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
  366. O29:[b]64bit:[/b] - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
  367. O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
  368. O30:[b]64bit:[/b] - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
  369. O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
  370. O30:[b]64bit:[/b] - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
  371. O30:[b]64bit:[/b] - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
  372. O30:[b]64bit:[/b] - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
  373. O30:[b]64bit:[/b] - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
  374. O30:[b]64bit:[/b] - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
  375. O30:[b]64bit:[/b] - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
  376. O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
  377. O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
  378. O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
  379. O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
  380. O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
  381. O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
  382. O31 - SafeBoot: AlternateShell - cmd.exe
  383. O32 - HKLM CDRom: AutoRun - 1
  384. O32 - AutoRun File - [2014/09/11 11:55:19 | 000,000,000 | RHS- | M] () - D:\autorun.inf -- [ NTFS ]
  385. O32 - AutoRun File - [2014/09/11 11:55:52 | 000,000,000 | RHS- | M] () - E:\autorun.inf -- [ NTFS ]
  386. O33 - MountPoints2\{26e42f53-8c6a-11e7-8a37-806e6f6e6963}\Shell - "" = AutoRun
  387. O33 - MountPoints2\{26e42f53-8c6a-11e7-8a37-806e6f6e6963}\Shell\AutoRun\command - "" = F:\autorun.exe
  388. O33 - MountPoints2\{999fc43d-64c8-11e6-a503-fd9d0d6337b7}\Shell - "" = AutoRun
  389. O33 - MountPoints2\{999fc43d-64c8-11e6-a503-fd9d0d6337b7}\Shell\AutoRun\command - "" = G:\Autorun.exe
  390. O33 - MountPoints2\{be9fe306-8850-11e7-9539-08606e95def3}\Shell - "" = AutoRun
  391. O33 - MountPoints2\{be9fe306-8850-11e7-9539-08606e95def3}\Shell\AutoRun\command - "" = H:\setup.exe
  392. O33 - MountPoints2\{f6a94b1f-7f5f-11e7-9bcc-08606e95def3}\Shell - "" = AutoRun
  393. O33 - MountPoints2\{f6a94b1f-7f5f-11e7-9bcc-08606e95def3}\Shell\AutoRun\command - "" = I:\Setup.exe
  394. O33 - MountPoints2\I\Shell - "" = AutoRun
  395. O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\Setup.exe
  396. O34 - HKLM BootExecute: (autocheck autochk *)
  397. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  398. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  399. O35 - HKLM\..comfile [open] -- "%1" %*
  400. O35 - HKLM\..exefile [open] -- "%1" %*
  401. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  402. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  403. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  404. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  405. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  406. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  407. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  408.  
  409. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  410.  
  411. [2017/11/10 19:53:33 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\AppData\Local\Deployment
  412. [2017/11/08 22:02:07 | 000,000,000 | ---D | C] -- C:\AdwCleaner
  413. [2017/11/08 17:49:05 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\AppData\Local\Unity
  414. [2017/11/08 17:42:52 | 000,000,000 | R--D | C] -- C:\ProgramData\Framework
  415. [2017/11/08 17:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\WindowsSQL
  416. [2017/11/08 17:42:52 | 000,000,000 | ---D | C] -- C:\ProgramData\DirectX11b
  417. [2017/10/18 18:36:09 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\Desktop\FLAS
  418. [2017/10/14 03:06:10 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\AppData\Roaming\HandBrake Team
  419. [2017/10/14 03:06:07 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\AppData\Roaming\HandBrake
  420. [2017/10/14 03:05:19 | 000,000,000 | ---D | C] -- C:\Users\Kacrut\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HandBrake
  421. [2017/10/14 03:05:19 | 000,000,000 | ---D | C] -- C:\Program Files\HandBrake
  422. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  423.  
  424. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  425.  
  426. [2017/11/11 20:08:40 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  427. [2017/11/11 20:08:40 | 000,026,576 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  428. [2017/11/11 20:01:54 | 000,414,312 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
  429. [2017/11/11 20:01:21 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  430. [2017/11/11 20:01:10 | 2779,049,984 | -HS- | M] () -- C:\hiberfil.sys
  431. [2017/11/10 19:55:48 | 000,002,289 | ---- | M] () -- C:\Users\Kacrut\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  432. [2017/11/10 19:55:27 | 000,002,265 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  433. [2017/11/10 02:06:03 | 000,000,144 | ---- | M] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
  434. [2017/11/08 21:00:38 | 000,000,400 | RHS- | M] () -- C:\ProgramData\ntuser.pol
  435. [2017/11/08 18:04:52 | 001,081,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mscomctl.ocx
  436. [2017/11/08 18:04:52 | 000,774,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msvcr100.dll
  437. [2017/11/08 18:04:52 | 000,163,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\comdlg32.ocx
  438. [2017/11/08 18:04:52 | 000,132,880 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msinet.ocx
  439. [2017/11/02 14:55:39 | 000,803,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
  440. [2017/11/02 14:55:39 | 000,144,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
  441. [2017/10/31 12:19:22 | 000,061,904 | ---- | M] () -- C:\Windows\SysNative\drivers\gaprotect.sys
  442. [2017/10/21 19:54:29 | 000,001,774 | ---- | M] () -- C:\Users\Public\Desktop\Defraggler.lnk
  443. [2017/10/21 19:54:29 | 000,000,872 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
  444. [2017/10/18 18:39:37 | 000,785,306 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  445. [2017/10/18 18:39:37 | 000,664,978 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  446. [2017/10/18 18:39:37 | 000,122,754 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  447. [2017/10/14 18:56:37 | 000,001,027 | ---- | M] () -- C:\Users\Kacrut\Desktop\nfsu2-tr - Shortcut.lnk
  448. [2017/10/14 03:05:55 | 000,000,987 | ---- | M] () -- C:\Users\Kacrut\Desktop\HandBrake.lnk
  449. [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
  450.  
  451. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  452.  
  453. [2017/11/11 20:01:14 | 000,414,312 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
  454. [2017/11/10 19:55:27 | 000,002,289 | ---- | C] () -- C:\Users\Kacrut\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
  455. [2017/11/10 19:55:27 | 000,002,277 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
  456. [2017/11/10 19:55:27 | 000,002,265 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
  457. [2017/11/10 02:06:03 | 000,000,144 | ---- | C] () -- C:\Windows\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
  458. [2017/11/08 03:17:24 | 001,835,831 | ---- | C] () -- C:\Users\Kacrut\Desktop\BurningHall_Col.i3Pack
  459. [2017/11/08 03:17:24 | 000,499,852 | ---- | C] () -- C:\Users\Kacrut\Desktop\BurningHall_Col_Hero.i3Pack
  460. [2017/11/08 02:51:24 | 001,034,773 | ---- | C] () -- C:\Users\Kacrut\Desktop\Construction_Col.i3Pack
  461. [2017/11/08 02:51:24 | 000,393,085 | ---- | C] () -- C:\Users\Kacrut\Desktop\Construction_Col_Hero.i3Pack
  462. [2017/11/08 02:47:46 | 000,986,537 | ---- | C] () -- C:\Users\Kacrut\Desktop\Crackdown_Col.i3Pack
  463. [2017/11/08 02:47:46 | 000,599,864 | ---- | C] () -- C:\Users\Kacrut\Desktop\Crackdown_Col_Hero.i3Pack
  464. [2017/10/14 18:56:37 | 000,001,027 | ---- | C] () -- C:\Users\Kacrut\Desktop\nfsu2-tr - Shortcut.lnk
  465. [2017/10/14 03:05:20 | 000,000,987 | ---- | C] () -- C:\Users\Kacrut\Desktop\HandBrake.lnk
  466. [2017/07/27 22:39:21 | 000,002,432 | ---- | C] () -- C:\Windows\SysWow64\drivers\KernelMemory.sys
  467. [2017/07/19 18:36:39 | 000,000,000 | ---- | C] () -- C:\Users\Kacrut\AppData\Local\{044D9A7F-DF88-4560-B0A3-735D8A81D3D1}
  468. [2017/05/18 15:11:34 | 000,200,192 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
  469. [2017/05/18 15:11:32 | 000,161,280 | ---- | C] () -- C:\Windows\SysWow64\igdail32.dll
  470. [2017/03/14 02:22:04 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
  471. [2017/03/14 02:20:13 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
  472. [2017/03/06 12:00:34 | 000,218,200 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
  473. [2017/01/24 01:06:43 | 000,064,000 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
  474. [2017/01/15 05:24:31 | 000,000,400 | RHS- | C] () -- C:\ProgramData\ntuser.pol
  475. [2016/09/27 13:57:09 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
  476. [2016/08/18 02:53:06 | 000,281,688 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
  477. [2016/08/18 02:52:39 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
  478. [2016/08/18 02:18:10 | 000,210,944 | ---- | C] () -- C:\Windows\SysWow64\msvcrt10.dll
  479. [2016/08/18 00:32:31 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
  480. [2016/08/18 00:32:30 | 000,674,816 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
  481. [2016/08/18 00:32:30 | 000,282,112 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
  482. [2016/08/18 00:32:30 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
  483. [2016/08/17 18:57:51 | 000,778,008 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
  484. [2016/08/17 15:24:35 | 000,007,608 | ---- | C] () -- C:\Users\Kacrut\AppData\Local\Resmon.ResmonCfg
  485.  
  486. [color=#E56717]========== ZeroAccess Check ==========[/color]
  487.  
  488. [2009/07/14 11:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  489.  
  490. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  491.  
  492. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  493.  
  494. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  495.  
  496. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  497.  
  498. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  499. "" = C:\Windows\SysNative\shell32.dll -- [2016/08/29 22:31:19 | 014,183,424 | ---- | M] (Microsoft Corporation)
  500. "ThreadingModel" = Apartment
  501.  
  502. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  503. "" = %SystemRoot%\system32\shell32.dll -- [2016/08/29 22:12:50 | 012,880,384 | ---- | M] (Microsoft Corporation)
  504. "ThreadingModel" = Apartment
  505.  
  506. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  507. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 08:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  508. "ThreadingModel" = Free
  509.  
  510. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  511. "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 10:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
  512. "ThreadingModel" = Free
  513.  
  514. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  515. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 08:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  516. "ThreadingModel" = Both
  517.  
  518. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  519.  
  520. [color=#E56717]========== LOP Check ==========[/color]
  521.  
  522. [2017/03/10 03:29:49 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\ADBDriverInstaller
  523. [2017/10/07 01:20:20 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\DAEMON Tools Lite
  524. [2017/11/11 04:04:00 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\DMCache
  525. [2017/08/29 10:15:28 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\DRPNano
  526. [2017/08/29 10:30:55 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\DRPNPS
  527. [2017/11/11 01:50:25 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\foobar2000
  528. [2017/08/03 22:05:40 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\GAH
  529. [2016/08/18 00:56:32 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Garena
  530. [2017/11/10 02:24:13 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\GarenaPlus
  531. [2017/10/14 14:35:44 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\HandBrake
  532. [2017/10/14 03:06:10 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\HandBrake Team
  533. [2017/11/11 20:09:16 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\IDM
  534. [2017/09/23 10:03:10 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Infinity
  535. [2017/08/16 05:37:51 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\library_dir
  536. [2017/11/11 19:57:48 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\MPC-HC
  537. [2016/08/28 18:28:00 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Nokia
  538. [2016/08/28 17:43:39 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\PC Suite
  539. [2017/08/16 05:39:11 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\PlaysTV
  540. [2016/08/18 23:22:52 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Steam
  541. [2017/07/23 03:05:48 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Steinberg
  542. [2017/01/24 17:01:51 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Theta
  543. [2017/04/22 18:57:11 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Umeng
  544. [2016/10/21 12:58:58 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\WhatsApp
  545. [2016/10/12 21:26:02 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Wondershare
  546. [2017/07/28 18:35:15 | 000,000,000 | ---D | M] -- C:\Users\Kacrut\AppData\Roaming\Xiaomi
  547.  
  548. [color=#E56717]========== Purity Check ==========[/color]
  549.  
  550. < End of report >