
otl log

a guest
Jan 6th, 2017
  1. OTL logfile created on: 6.1.2017. 7:52:12 - Run 3
  2. OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Korisnik\Desktop
  3. 64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.11.9600.16428)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 3,90 Gb Total Physical Memory | 1,80 Gb Available Physical Memory | 46,11% Memory free
  8. 7,80 Gb Paging File | 5,55 Gb Available in Paging File | 71,18% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
  12. Drive C: | 78,03 Gb Total Space | 13,62 Gb Free Space | 17,45% Space Free | Partition Type: NTFS
  13. Drive D: | 387,63 Gb Total Space | 324,96 Gb Free Space | 83,83% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: KORISNIK-PC | User Name: Korisnik | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2017.01.05 22:44:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  22. PRC - [2017.01.03 12:54:26 | 009,080,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
  23. PRC - [2017.01.03 12:51:43 | 000,197,128 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
  24. PRC - [2016.12.14 12:54:09 | 000,510,920 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
  25. PRC - [2016.11.17 01:28:54 | 001,269,048 | ---- | M] (Apple, Inc.) -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
  26. PRC - [2016.10.21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
  27. PRC - [2012.02.28 03:01:58 | 000,291,608 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
  28. PRC - [2011.10.11 22:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe
  29.  
  30.  
  31. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  32.  
  33. MOD - [2017.01.03 12:52:12 | 048,936,448 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
  34. MOD - [2017.01.03 12:51:49 | 000,482,928 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\ffl2.dll
  35. MOD - [2017.01.03 12:51:44 | 000,169,064 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
  36. MOD - [2016.11.17 01:29:02 | 001,041,720 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
  37. MOD - [2016.09.01 17:13:20 | 000,080,184 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
  38.  
  39.  
  40. [color=#E56717]========== Services (SafeList) ==========[/color]
  41.  
  42. SRV:[b]64bit:[/b] - File not found [On_Demand | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe -- (AvastVBoxSvc)
  43. SRV:[b]64bit:[/b] - [2017.01.03 12:51:43 | 000,197,128 | ---- | M] (AVAST Software) [Auto | Stop_Pending] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
  44. SRV:[b]64bit:[/b] - [2016.10.17 08:52:13 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
  45. SRV:[b]64bit:[/b] - [2012.03.05 13:08:52 | 000,235,520 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
  46. SRV:[b]64bit:[/b] - [2012.02.02 02:31:02 | 000,945,440 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
  47. SRV:[b]64bit:[/b] - [2012.01.29 07:43:50 | 000,048,128 | ---- | M] (Dell Inc.) [Auto | Running] -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE -- (wltrysvc)
  48. SRV:[b]64bit:[/b] - [2011.10.11 22:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Program Files\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc)
  49. SRV:[b]64bit:[/b] - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  50. SRV:[b]64bit:[/b] - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
  51. SRV:[b]64bit:[/b] - [2008.03.28 17:55:34 | 000,263,720 | ---- | M] (ActivIdentity) [Auto | Running] -- C:\Program Files\ActivIdentity\ActivClient\accoca.exe -- (accoca)
  52. SRV - [2016.12.14 12:54:09 | 000,172,488 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
  53. SRV - [2016.12.14 12:47:17 | 000,270,936 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
  54. SRV - [2016.10.21 19:02:44 | 000,082,128 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
  55. SRV - [2016.09.20 11:54:54 | 000,324,224 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
  56. SRV - [2012.07.09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
  57. SRV - [2012.03.20 00:44:18 | 000,276,248 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
  58. SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
  59.  
  60.  
  61. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  62.  
  63. DRV:[b]64bit:[/b] - File not found [Kernel | Auto | Stopped] -- C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys -- (VBoxAswDrv)
  64. DRV:[b]64bit:[/b] - [2017.01.03 12:54:07 | 000,293,352 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
  65. DRV:[b]64bit:[/b] - [2017.01.03 12:54:04 | 000,513,632 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
  66. DRV:[b]64bit:[/b] - [2017.01.03 12:54:01 | 000,969,184 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
  67. DRV:[b]64bit:[/b] - [2017.01.03 12:52:27 | 000,163,416 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswStm.sys -- (aswStm)
  68. DRV:[b]64bit:[/b] - [2017.01.03 12:52:24 | 000,108,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
  69. DRV:[b]64bit:[/b] - [2017.01.03 12:52:24 | 000,074,544 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
  70. DRV:[b]64bit:[/b] - [2017.01.03 12:52:24 | 000,037,656 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
  71. DRV:[b]64bit:[/b] - [2017.01.03 12:52:22 | 000,103,064 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
  72. DRV:[b]64bit:[/b] - [2017.01.03 12:51:27 | 000,037,144 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
  73. DRV:[b]64bit:[/b] - [2015.11.05 15:23:52 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
  74. DRV:[b]64bit:[/b] - [2015.09.02 17:49:44 | 000,027,136 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
  75. DRV:[b]64bit:[/b] - [2014.04.17 08:19:29 | 000,283,064 | ---- | M] (Disc Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
  76. DRV:[b]64bit:[/b] - [2013.08.06 15:13:30 | 000,023,040 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
  77. DRV:[b]64bit:[/b] - [2012.09.12 15:20:04 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
  78. DRV:[b]64bit:[/b] - [2012.07.18 02:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
  79. DRV:[b]64bit:[/b] - [2012.03.20 00:32:02 | 014,745,600 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
  80. DRV:[b]64bit:[/b] - [2012.03.14 10:42:50 | 000,201,008 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
  81. DRV:[b]64bit:[/b] - [2012.03.10 04:41:16 | 000,685,160 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
  82. DRV:[b]64bit:[/b] - [2012.03.05 13:34:48 | 010,729,984 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
  83. DRV:[b]64bit:[/b] - [2012.03.05 12:05:44 | 000,328,192 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
  84. DRV:[b]64bit:[/b] - [2012.02.28 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
  85. DRV:[b]64bit:[/b] - [2012.02.28 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
  86. DRV:[b]64bit:[/b] - [2012.02.28 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
  87. DRV:[b]64bit:[/b] - [2012.02.02 03:07:18 | 000,615,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
  88. DRV:[b]64bit:[/b] - [2012.02.02 03:07:18 | 000,134,696 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcbtums.sys -- (bcbtums)
  89. DRV:[b]64bit:[/b] - [2012.02.02 03:07:12 | 000,211,496 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
  90. DRV:[b]64bit:[/b] - [2012.02.02 03:07:12 | 000,184,360 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
  91. DRV:[b]64bit:[/b] - [2012.02.02 03:07:12 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
  92. DRV:[b]64bit:[/b] - [2012.02.02 03:07:12 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
  93. DRV:[b]64bit:[/b] - [2012.02.01 20:54:56 | 000,031,872 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
  94. DRV:[b]64bit:[/b] - [2012.02.01 17:59:38 | 000,313,448 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsUVStor.sys -- (RSUSBVSTOR)
  95. DRV:[b]64bit:[/b] - [2012.01.29 07:43:50 | 000,022,592 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcm42rly.sys -- (BCM42RLY)
  96. DRV:[b]64bit:[/b] - [2012.01.22 17:59:50 | 005,439,040 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
  97. DRV:[b]64bit:[/b] - [2011.12.14 23:20:08 | 001,601,152 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
  98. DRV:[b]64bit:[/b] - [2011.12.06 12:23:08 | 000,331,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
  99. DRV:[b]64bit:[/b] - [2011.10.22 16:06:06 | 000,021,568 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bcmvwl64.sys -- (BcmVWL)
  100. DRV:[b]64bit:[/b] - [2011.01.20 16:11:09 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
  101. DRV:[b]64bit:[/b] - [2011.01.20 16:10:54 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  102. DRV:[b]64bit:[/b] - [2011.01.20 16:09:36 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)
  103. DRV:[b]64bit:[/b] - [2011.01.20 16:09:36 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)
  104. DRV:[b]64bit:[/b] - [2011.01.20 16:09:36 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
  105. DRV:[b]64bit:[/b] - [2011.01.20 16:09:36 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
  106. DRV:[b]64bit:[/b] - [2011.01.20 16:09:34 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
  107. DRV:[b]64bit:[/b] - [2011.01.20 16:09:34 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
  108. DRV:[b]64bit:[/b] - [2011.01.20 16:09:34 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
  109. DRV:[b]64bit:[/b] - [2011.01.20 16:09:32 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
  110. DRV:[b]64bit:[/b] - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
  111. DRV:[b]64bit:[/b] - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
  112. DRV:[b]64bit:[/b] - [2009.07.14 02:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
  113. DRV:[b]64bit:[/b] - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
  114. DRV:[b]64bit:[/b] - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
  115. DRV:[b]64bit:[/b] - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
  116. DRV:[b]64bit:[/b] - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
  117. DRV:[b]64bit:[/b] - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
  118. DRV:[b]64bit:[/b] - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
  119. DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
  120.  
  121.  
  122. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  123.  
  124.  
  125. [color=#E56717]========== Internet Explorer ==========[/color]
  126.  
  127. IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  128. IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  129. IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
  130. IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  131. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  132.  
  133. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
  134. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie
  135. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
  136. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.hr/
  137. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  138. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  139. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP =
  140. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
  141. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
  142. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  143. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
  144. IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searcerms}&src=IE-SearchBox&FORM=IESR02
  145. IE - HKCU\..\SearchScopes\{9B531F9C-C052-4F10-922C-0475518CC5F4}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
  146. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  147. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
  148.  
  149. [color=#E56717]========== FireFox ==========[/color]
  150.  
  151. FF - prefs.js..browser.search.countryCode: "HR"
  152. FF - prefs.js..browser.search.region: "HR"
  153. FF - prefs.js..browser.startup.homepage: "www.google.hr"
  154. FF - prefs.js..extensions.enabledAddons: %7Bd40f5e7b-d2cf-4856-b441-cc613eeffbe3%7D:1.77
  155. FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:50.1.0
  156. FF - user.js - File not found
  157.  
  158. FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll File not found
  159. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll ()
  160. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  161. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  162. FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll (Google Inc.)
  163. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  164. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  165. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  166. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  167. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  168. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  169. FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.4: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
  170. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  171.  
  172. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF [2017.01.05 21:59:30 | 000,000,000 | ---D | M]
  173. 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\SAFEPRICE\FF [2017.01.05 21:59:30 | 000,000,000 | ---D | M]
  174. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2017.01.05 21:59:30 | 000,000,000 | ---D | M]
  175. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\sp@avast.com: C:\Program Files\AVAST Software\Avast\SafePrice\FF [2017.01.05 21:59:30 | 000,000,000 | ---D | M]
  176. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ocr@babylon.com: C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\ocr@babylon.com
  177. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
  178. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 50.1.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
  179. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.5.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
  180. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 45.5.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
  181.  
  182. [2016.11.30 09:06:08 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Extensions
  183. [2016.11.30 08:47:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\9zczxlr8.default-1462637685184\extensions
  184. [2016.05.07 12:34:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\d5yk5qrg.default-1438020423371\extensions
  185. [2016.10.31 20:30:24 | 000,155,857 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\9zczxlr8.default-1462637685184\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
  186. [2016.05.07 12:34:28 | 000,150,384 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\d5yk5qrg.default-1438020423371\extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi
  187. [2016.04.29 23:46:11 | 000,319,627 | ---- | M] () (No name found) -- C:\Users\Korisnik\AppData\Roaming\Mozilla\Firefox\Profiles\d5yk5qrg.default-1438020423371\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
  188. [2016.12.14 12:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
  189.  
  190. [color=#E56717]========== Chrome ==========[/color]
  191.  
  192. CHR - default_search_provider: (Enabled)
  193. CHR - default_search_provider: search_url =
  194. CHR - default_search_provider: suggest_url =
  195. CHR - plugin: Error reading preferences file
  196. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
  197. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
  198. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.60_0\
  199. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_0\
  200. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.0_0\
  201. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5416.905.0.6_0\
  202. CHR - Extension: No name found = C:\Users\Korisnik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\5516.1005.0.3_0\
  203.  
  204. O1 HOSTS File: ([2015.03.18 00:52:59 | 000,450,922 | R--- | M]) - C:\Windows\SysNative\drivers\etc\hosts
  230. O1 - Hosts: 15474 more lines...
  231. O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
  232. O2 - BHO: (no name) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - No CLSID value found.
  233. O4:[b]64bit:[/b] - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
  234. O4:[b]64bit:[/b] - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
  235. O4:[b]64bit:[/b] - HKLM..\Run: [SmartAudio] C:\Program Files\CONEXANT\SA3\SACpl.exe (Conexant Systems, Inc.)
  236. O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
  237. O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
  238. O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
  239. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
  240. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
  241. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
  242. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  243. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
  244. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
  245. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
  246. O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
  247. O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
  248. O13[b]64bit:[/b] - gopher Prefix: missing
  249. O13 - gopher Prefix: missing
  250. O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
  251. O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab (Reg Error: Key error.)
  252. O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.)
  253. O16 - DPF: {CAFEEFAC-0018-0000-0025-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab (Reg Error: Key error.)
  254. O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.8.0/jinstall-1_8_0_25-windows-i586.cab (Reg Error: Key error.)
  255. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
  256. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
  257. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{426E8BAF-5ED9-4EE8-8ED7-0217731FC58C}: DhcpNameServer = 192.168.1.1 192.168.1.1
  258. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4AE37400-E338-49EC-A7EA-629BA33E45D4}: DhcpNameServer = 172.20.10.1
  259. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72513F98-EAF5-43DA-8697-186E8D7582EE}: DhcpNameServer = 91.148.126.2
  260. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CD6F6739-A9F5-41B4-BA9D-61EB3C97DD56}: DhcpNameServer = 172.20.10.1
  261. O18:[b]64bit:[/b] - Protocol\Handler\grooveLocalGWS - No CLSID value found
  262. O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
  263. O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
  264. O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
  265. O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
  266. O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
  267. O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
  268. O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
  269. O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  270. O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
  271. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
  272. O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
  273. O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
  274. O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  275. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  276. O32 - HKLM CDRom: AutoRun - 1
  277. O34 - HKLM BootExecute: (autocheck autochk *)
  278. O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
  279. O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
  280. O35 - HKLM\..comfile [open] -- "%1" %*
  281. O35 - HKLM\..exefile [open] -- "%1" %*
  282. O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
  283. O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
  284. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  285. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  286. O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
  287. O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
  288. O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
  289.  
  290. NetSvcs:[b]64bit:[/b] AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
  291.  
  292. Drivers32:[b]64bit:[/b] msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  293. Drivers32: msacm.ac3filter - C:\Windows\SysWow64\ac3filter.acm ()
  294. Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
  295. Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
  296.  
  297. CREATERESTOREPOINT
  298. Restore point Set: OTL Restore Point
  299.  
  300. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  301.  
  302. [2017.01.05 22:43:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  303. [2017.01.05 21:59:31 | 000,391,496 | ---- | C] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
  304. [2017.01.03 12:51:51 | 000,053,208 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
  305. [2016.12.26 10:05:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
  306. [2016.12.26 10:04:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
  307. [2016.12.09 17:02:36 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Local\Opera Software
  308. [2016.12.09 11:06:01 | 000,000,000 | ---D | C] -- C:\Users\Korisnik\AppData\Local\CEF
  309. [9 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  310.  
  311. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  312.  
  313. [2017.01.06 07:51:54 | 000,783,792 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
  314. [2017.01.06 07:51:54 | 000,655,590 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
  315. [2017.01.06 07:51:54 | 000,121,932 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
  316. [2017.01.06 07:48:57 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
  317. [2017.01.06 07:48:56 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-403930124-1647038812-4077872958-1000UA.job
  318. [2017.01.06 07:48:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  319. [2017.01.05 22:44:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  320. [2017.01.05 22:18:09 | 000,293,814 | ---- | M] () -- C:\Users\Korisnik\Documents\cc_20170105_221755.reg
  321. [2017.01.05 22:13:15 | 000,002,070 | ---- | M] () -- C:\Users\Korisnik\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
  322. [2017.01.05 22:05:19 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  323. [2017.01.05 22:05:19 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  324. [2017.01.05 21:56:14 | 3142,864,896 | -HS- | M] () -- C:\hiberfil.sys
  325. [2017.01.05 12:49:56 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-403930124-1647038812-4077872958-1000Core.job
  326. [2017.01.04 17:50:15 | 000,048,850 | ---- | M] () -- C:\Users\Korisnik\Desktop\struja4.jpg
  327. [2017.01.04 17:49:50 | 000,056,988 | ---- | M] () -- C:\Users\Korisnik\Desktop\struja3.jpg
  328. [2017.01.04 17:44:47 | 000,016,409 | ---- | M] () -- C:\Users\Korisnik\Desktop\struja2.jpg
  329. [2017.01.04 17:44:27 | 000,126,705 | ---- | M] () -- C:\Users\Korisnik\Desktop\struja1.jpg
  330. [2017.01.03 12:54:07 | 000,293,352 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswVmm.sys
  331. [2017.01.03 12:54:04 | 000,513,632 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSP.sys
  332. [2017.01.03 12:54:01 | 000,969,184 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswSnx.sys
  333. [2017.01.03 12:52:27 | 000,163,416 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswStm.sys
  334. [2017.01.03 12:52:24 | 000,513,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsp.sys.148344444472910
  335. [2017.01.03 12:52:24 | 000,391,496 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\aswBoot.exe
  336. [2017.01.03 12:52:24 | 000,292,704 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswvmm.sys.148344444714712
  337. [2017.01.03 12:52:24 | 000,108,816 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
  338. [2017.01.03 12:52:24 | 000,074,544 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRvrt.sys
  339. [2017.01.03 12:52:24 | 000,037,656 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswHwid.sys
  340. [2017.01.03 12:52:22 | 000,103,064 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswRdr2.sys
  341. [2017.01.03 12:51:51 | 000,053,208 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
  342. [2017.01.03 12:51:28 | 000,969,560 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswsnx.sys.148344444165607
  343. [2017.01.03 12:51:27 | 000,037,144 | ---- | M] (AVAST Software) -- C:\Windows\SysNative\drivers\aswKbd.sys
  344. [2017.01.03 12:42:23 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player PPAPI Notifier.job
  345. [2016.12.28 17:17:50 | 001,263,033 | ---- | M] () -- C:\Users\Korisnik\Desktop\braco i seka.JPG
  346. [2016.12.22 08:08:41 | 000,054,944 | ---- | M] () -- C:\Users\Korisnik\Desktop\ss.jpg
  347. [2016.12.11 09:51:22 | 000,160,937 | ---- | M] () -- C:\Users\Korisnik\Desktop\nba.png
  348. [9 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]
  349.  
  350. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  351.  
  352. [2017.01.05 22:18:00 | 000,293,814 | ---- | C] () -- C:\Users\Korisnik\Documents\cc_20170105_221755.reg
  353. [2017.01.04 17:50:15 | 000,048,850 | ---- | C] () -- C:\Users\Korisnik\Desktop\struja4.jpg
  354. [2017.01.04 17:49:50 | 000,056,988 | ---- | C] () -- C:\Users\Korisnik\Desktop\struja3.jpg
  355. [2017.01.04 17:44:47 | 000,016,409 | ---- | C] () -- C:\Users\Korisnik\Desktop\struja2.jpg
  356. [2017.01.04 17:44:27 | 000,126,705 | ---- | C] () -- C:\Users\Korisnik\Desktop\struja1.jpg
  357. [2016.12.28 17:22:43 | 001,263,033 | ---- | C] () -- C:\Users\Korisnik\Desktop\braco i seka.JPG
  358. [2016.12.22 08:08:40 | 000,054,944 | ---- | C] () -- C:\Users\Korisnik\Desktop\ss.jpg
  359. [2016.12.11 09:51:21 | 000,160,937 | ---- | C] () -- C:\Users\Korisnik\Desktop\nba.png
  360. [2016.02.21 00:09:30 | 000,000,017 | ---- | C] () -- C:\Users\Korisnik\AppData\Local\resmon.resmoncfg
  361. [2015.09.28 08:25:18 | 000,007,168 | ---- | C] () -- C:\Users\Korisnik\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
  362. [2015.04.17 13:44:54 | 000,000,085 | ---- | C] () -- C:\Windows\wininit.ini
  363.  
  364. [color=#E56717]========== ZeroAccess Check ==========[/color]
  365.  
  366. [2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
  367.  
  368. [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  369.  
  370. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  371.  
  372. [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
  373.  
  374. [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
  375.  
  376. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
  377. "" = C:\Windows\SysNative\shell32.dll -- [2011.01.20 16:09:47 | 014,174,208 | ---- | M] (Microsoft Corporation)
  378. "ThreadingModel" = Apartment
  379.  
  380. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
  381. "" = %SystemRoot%\system32\shell32.dll -- [2011.01.20 16:10:01 | 012,872,192 | ---- | M] (Microsoft Corporation)
  382. "ThreadingModel" = Apartment
  383.  
  384. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
  385. "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
  386. "ThreadingModel" = Free
  387.  
  388. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
  389. "" = %systemroot%\system32\wbem\fastprox.dll -- [2011.01.20 16:10:38 | 000,606,208 | ---- | M] (Microsoft Corporation)
  390. "ThreadingModel" = Free
  391.  
  392. [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
  393. "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
  394. "ThreadingModel" = Both
  395.  
  396. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
  397.  
  398. [color=#E56717]========== LOP Check ==========[/color]
  399.  
  400. [2015.06.02 18:37:05 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\.ACEStream
  401. [2014.01.22 02:29:50 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\.Torrent Stream
  402. [2013.10.25 13:41:42 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\AVAST Software
  403. [2012.11.02 17:42:16 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\BSplayer Pro
  404. [2016.04.07 11:56:18 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\DAEMON Tools Lite
  405. [2014.05.17 18:28:55 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Dropbox
  406. [2015.07.27 16:38:32 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\IrfanView
  407. [2014.04.17 08:27:26 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Leadertech
  408. [2013.03.04 10:49:55 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\libimobiledevice
  409. [2016.04.28 13:21:11 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Opera Software
  410. [2015.08.13 17:58:43 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\PCDr
  411. [2012.11.02 17:46:37 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Softland
  412. [2013.03.05 20:21:32 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\Thunderbird
  413. [2017.01.04 17:45:19 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\ViberPC
  414. [2017.01.05 21:47:39 | 000,000,000 | ---D | M] -- C:\Users\Korisnik\AppData\Roaming\WhatsApp
  415.  
  416. [color=#E56717]========== Purity Check ==========[/color]
  417.  
  418.  
  419.  
  420. [color=#E56717]========== Custom Scans ==========[/color]
  421.  
  422. [color=#A23BEC]< %SYSTEMDRIVE%\*.* >[/color]
  423. [2015.06.03 09:30:56 | 000,000,717 | ---- | M] () -- C:\DelFix.txt
  424. [2017.01.05 21:56:14 | 3142,864,896 | -HS- | M] () -- C:\hiberfil.sys
  425. [2017.01.05 21:56:17 | 4190,486,528 | -HS- | M] () -- C:\pagefile.sys
  426.  
  427. [color=#A23BEC]< %systemroot%\Fonts\*.com >[/color]
  428. [2009.07.14 06:32:31 | 000,026,040 | ---- | M] () -- C:\Windows\Fonts\GlobalMonospace.CompositeFont
  429. [2009.07.14 06:32:31 | 000,026,489 | ---- | M] () -- C:\Windows\Fonts\GlobalSansSerif.CompositeFont
  430. [2009.07.14 06:32:31 | 000,029,779 | ---- | M] () -- C:\Windows\Fonts\GlobalSerif.CompositeFont
  431. [2009.07.14 06:32:31 | 000,043,318 | ---- | M] () -- C:\Windows\Fonts\GlobalUserInterface.CompositeFont
  432.  
  433. [color=#A23BEC]< %systemroot%\Fonts\*.dll >[/color]
  434.  
  435. [color=#A23BEC]< %systemroot%\Fonts\*.ini >[/color]
  436. [2009.06.10 21:49:50 | 000,000,065 | ---- | M] () -- C:\Windows\Fonts\desktop.ini
  437.  
  438. [color=#A23BEC]< %systemroot%\Fonts\*.ini2 >[/color]
  439.  
  440. [color=#A23BEC]< %systemroot%\Fonts\*.exe >[/color]
  441.  
  442. [color=#A23BEC]< %systemroot%\system32\spool\prtprocs\w32x86\*.* >[/color]
  443.  
  444. [color=#A23BEC]< %systemroot%\REPAIR\*.bak1 >[/color]
  445.  
  446. [color=#A23BEC]< %systemroot%\REPAIR\*.ini >[/color]
  447.  
  448. [color=#A23BEC]< %systemroot%\system32\*.jpg >[/color]
  449.  
  450. [color=#A23BEC]< %systemroot%\*.jpg >[/color]
  451.  
  452. [color=#A23BEC]< %systemroot%\*.png >[/color]
  453.  
  454. [color=#A23BEC]< %systemroot%\*.scr >[/color]
  455. [2017.01.03 12:51:51 | 000,053,208 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
  456. [2012.09.12 15:57:44 | 000,322,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\WLXPGSS.SCR
  457.  
  458. [color=#A23BEC]< %systemroot%\*._sy >[/color]
  459.  
  460. [color=#A23BEC]< %APPDATA%\Adobe\Update\*.* >[/color]
  461.  
  462. [color=#A23BEC]< %ALLUSERSPROFILE%\Favorites\*.* >[/color]
  463.  
  464. [color=#A23BEC]< %APPDATA%\Microsoft\*.* >[/color]
  465.  
  466. [color=#A23BEC]< %PROGRAMFILES%\*.* >[/color]
  467. [2009.07.14 05:54:24 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
  468.  
  469. [color=#A23BEC]< %APPDATA%\Update\*.* >[/color]
  470.  
  471. [color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
  472.  
  473. [color=#A23BEC]< %systemroot%\System32\config\*.sav >[/color]
  474.  
  475. [color=#A23BEC]< %PROGRAMFILES%\bak. /s >[/color]
  476.  
  477. [color=#A23BEC]< %systemroot%\system32\bak. /s >[/color]
  478.  
  479. [color=#A23BEC]< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >[/color]
  480.  
  481. [color=#A23BEC]< %systemroot%\system32\config\systemprofile\*.dat /x >[/color]
  482.  
  483. [color=#A23BEC]< %systemroot%\*.config >[/color]
  484.  
  485. [color=#A23BEC]< %systemroot%\system32\*.db >[/color]
  486.  
  487. [color=#A23BEC]< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >[/color]
  488. [2012.11.02 17:43:26 | 000,000,221 | -HS- | M] () -- C:\Users\Korisnik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
  489.  
  490. [color=#A23BEC]< %USERPROFILE%\Desktop\*.exe >[/color]
  491. [2017.01.05 22:44:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Korisnik\Desktop\OTL.exe
  492.  
  493. [color=#A23BEC]< %PROGRAMFILES%\Common Files\*.* >[/color]
  494.  
  495. [color=#A23BEC]< %systemroot%\*.src >[/color]
  496.  
  497. [color=#A23BEC]< %systemroot%\install\*.* >[/color]
  498.  
  499. [color=#A23BEC]< %systemroot%\system32\DLL\*.* >[/color]
  500.  
  501. [color=#A23BEC]< %systemroot%\system32\HelpFiles\*.* >[/color]
  502.  
  503. [color=#A23BEC]< %systemroot%\system32\rundll\*.* >[/color]
  504.  
  505. [color=#A23BEC]< %systemroot%\winn32\*.* >[/color]
  506.  
  507. [color=#A23BEC]< %systemroot%\Java\*.* >[/color]
  508.  
  509. [color=#A23BEC]< %systemroot%\system32\test\*.* >[/color]
  510.  
  511. [color=#A23BEC]< %systemroot%\system32\Rundll32\*.* >[/color]
  512.  
  513. [color=#A23BEC]< %systemroot%\AppPatch\Custom\*.* >[/color]
  514.  
  515. [color=#A23BEC]< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >[/color]
  516.  
  517. [color=#A23BEC]< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >[/color]
  518.  
  519. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.tmp >[/color]
  520.  
  521. [color=#A23BEC]< %PROGRAMFILES%\Internet Explorer\*.dat >[/color]
  522.  
  523. [color=#A23BEC]< %USERPROFILE%\My Documents\*.exe >[/color]
  524.  
  525. [color=#A23BEC]< %USERPROFILE%\*.exe >[/color]
  526.  
  527. [color=#A23BEC]< %systemroot%\ADDINS\*.* >[/color]
  528. [2009.06.10 22:20:04 | 000,000,802 | ---- | M] () -- C:\Windows\ADDINS\FXSEXT.ecf
  529.  
  530. [color=#A23BEC]< %systemroot%\assembly\*.bak2 >[/color]
  531.  
  532. [color=#A23BEC]< %systemroot%\Config\*.* >[/color]
  533.  
  534. [color=#A23BEC]< %systemroot%\REPAIR\*.bak2 >[/color]
  535.  
  536. [color=#A23BEC]< %systemroot%\SECURITY\Database\*.sdb /x >[/color]
  537. [2012.11.02 18:01:12 | 000,008,192 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.chk
  538. [2012.11.02 18:01:12 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edb.log
  539. [2012.11.02 18:01:12 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00001.jrs
  540. [2012.11.02 18:01:12 | 001,048,576 | ---- | M] () -- C:\Windows\SECURITY\Database\edbres00002.jrs
  541. [2012.11.02 18:01:11 | 000,786,432 | ---- | M] () -- C:\Windows\SECURITY\Database\edbtmp.log
  542. [2012.11.02 18:01:12 | 001,056,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SECURITY\Database\tmp.edb
  543.  
  544. [color=#A23BEC]< %systemroot%\SYSTEM\*.bak2 >[/color]
  545.  
  546. [color=#A23BEC]< %systemroot%\Web\*.bak2 >[/color]
  547.  
  548. [color=#A23BEC]< %systemroot%\Driver Cache\*.* >[/color]
  549.  
  550. [color=#A23BEC]< %PROGRAMFILES%\Mozilla Firefox\0*.exe >[/color]
  551.  
  552. [color=#A23BEC]< %ProgramFiles%\Microsoft Common\*.* >[/color]
  553.  
  554. [color=#A23BEC]< %ProgramFiles%\TinyProxy. >[/color]
  555.  
  556. [color=#A23BEC]< %USERPROFILE%\Favorites\*.url /x >[/color]
  557. [2012.11.02 17:17:37 | 000,000,402 | -HS- | M] () -- C:\Users\Korisnik\Favorites\desktop.ini
  558.  
  559. [color=#A23BEC]< %systemroot%\System32\Wbem\*.exe >[/color]
  560. [2009.07.14 02:14:24 | 000,019,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\mofcomp.exe
  561. [2009.07.14 02:14:45 | 000,078,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WinMgmt.exe
  562. [2009.07.14 02:14:46 | 000,115,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIADAP.exe
  563. [2009.07.14 02:14:46 | 000,395,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WMIC.exe
  564. [2011.01.20 16:10:41 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\Wbem\WmiPrvSE.exe
  565.  
  566. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
  567.  
  568. [color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
  569.  
  570. < End of report >