API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 3rd, 2012
200
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 31.49 KB | None | 0 0
raw download clone embed print report
  1. OTL logfile created on: 3.3.2012. 11:59:23 - Run 1
  2. OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\kahlina\Desktop
  3. Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
  4. Internet Explorer (Version = 9.0.8112.16421)
  5. Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
  6.  
  7. 1023,29 Mb Total Physical Memory | 178,66 Mb Available Physical Memory | 17,46% Memory free
  8. 2,00 Gb Paging File | 0,72 Gb Available in Paging File | 36,16% Paging File free
  9. Paging file location(s): ?:\pagefile.sys [binary data]
  10.  
  11. %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
  12. Drive C: | 39,06 Gb Total Space | 10,23 Gb Free Space | 26,20% Space Free | Partition Type: NTFS
  13. Drive D: | 221,35 Gb Total Space | 32,51 Gb Free Space | 14,69% Space Free | Partition Type: NTFS
  14.  
  15. Computer Name: KAHLINA-PC | User Name: kahlina | Logged in as Administrator.
  16. Boot Mode: Normal | Scan Mode: Current user | Quick Scan
  17. Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
  18.  
  19. [color=#E56717]========== Processes (SafeList) ==========[/color]
  20.  
  21. PRC - [2012.03.03 11:57:27 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
  22. PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
  23. PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
  24. PRC - [2011.12.24 13:39:37 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
  25. PRC - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
  26. PRC - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
  27. PRC - [2011.09.23 12:08:37 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
  28. PRC - [2011.09.23 11:38:21 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
  29. PRC - [2011.09.16 02:34:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
  30. PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
  31. PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
  32. PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
  33. PRC - [2011.05.21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
  34. PRC - [2011.05.21 06:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
  35. PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
  36. PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
  37. PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
  38. PRC - [2010.09.21 02:42:38 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe
  39. PRC - [2010.09.21 02:42:06 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
  40. PRC - [2010.09.21 02:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
  41. PRC - [2010.09.21 02:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
  42. PRC - [2010.09.21 01:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
  43. PRC - [2010.04.17 06:12:38 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Windows.old\Program Files\Windows Live\Messenger\msnmsgr.exe
  44. PRC - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- D:\Program Files\xampplite\mysql\bin\mysqld.exe
  45. PRC - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- D:\Program Files\xampplite\apache\bin\httpd.exe
  46. PRC - [2008.08.29 17:27:30 | 000,143,360 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
  47.  
  48.  
  49. [color=#E56717]========== Modules (No Company Name) ==========[/color]
  50.  
  51. MOD - [2012.03.03 11:55:45 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
  52. MOD - [2012.03.03 11:55:45 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
  53. MOD - [2012.02.23 13:11:52 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
  54. MOD - [2012.02.23 13:11:52 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
  55. MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
  56. MOD - [2010.09.21 02:42:38 | 000,068,656 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll
  57. MOD - [2010.09.21 02:42:20 | 000,970,288 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll
  58.  
  59.  
  60. [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
  61.  
  62. SRV - [2011.12.24 17:47:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
  63. SRV - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
  64. SRV - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
  65. SRV - [2011.09.23 12:08:37 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
  66. SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
  67. SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
  68. SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
  69. SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
  70. SRV - [2010.09.21 02:42:06 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
  71. SRV - [2010.09.21 02:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
  72. SRV - [2010.09.21 02:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
  73. SRV - [2010.09.21 01:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
  74. SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
  75. SRV - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- D:\Program Files\xampplite\mysql\bin\mysqld.exe -- (MySQL)
  76. SRV - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- D:\Program Files\xampplite\apache\bin\httpd.exe -- (Apache2.2)
  77. SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
  78. SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
  79. SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
  80. SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
  81.  
  82.  
  83. [color=#E56717]========== Driver Services (SafeList) ==========[/color]
  84.  
  85. DRV - [2012.02.23 14:17:04 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
  86. DRV - [2011.09.15 23:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
  87. DRV - [2011.09.15 23:55:03 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
  88. DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
  89. DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
  90. DRV - [2011.05.21 06:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
  91. DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
  92. DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
  93. DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
  94. DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
  95. DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
  96. DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
  97. DRV - [2010.09.21 02:42:46 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
  98. DRV - [2010.09.21 02:42:44 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
  99. DRV - [2010.09.21 02:42:00 | 000,023,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmparport.sys -- (VMparport)
  100. DRV - [2010.09.21 02:41:08 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
  101. DRV - [2010.09.21 02:40:04 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
  102. DRV - [2010.09.21 01:42:32 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
  103. DRV - [2010.09.20 23:18:14 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
  104. DRV - [2010.09.20 23:18:14 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
  105. DRV - [2010.08.19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
  106. DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
  107. DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
  108. DRV - [2009.07.13 23:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
  109. DRV - [2008.08.29 15:29:44 | 000,256,512 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMUVC.sys -- (VMUVC)
  110. DRV - [2008.07.01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftUVC.sys -- (vvftUVC)
  111. DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
  112.  
  113.  
  114. [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
  115.  
  116.  
  117. [color=#E56717]========== Internet Explorer ==========[/color]
  118.  
  119. IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
  120. IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
  121. IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
  122. IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
  123.  
  124. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2475029
  125. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
  126. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
  127. IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 2F A2 FE 3C CE CC 01 [binary data]
  128. IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
  129. IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
  130. IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
  131. IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
  132. IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
  133. IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
  134.  
  135. [color=#E56717]========== FireFox ==========[/color]
  136.  
  137.  
  138. FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
  139. FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
  140. FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
  141. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  142. FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
  143. FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
  144.  
  145. FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2012.02.17 17:00:15 | 000,000,000 | ---D | M]
  146. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 16:51:01 | 000,000,000 | ---D | M]
  147. FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
  148.  
  149. [2011.12.23 13:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Extensions
  150. [2012.02.22 14:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions
  151. [2012.02.14 20:08:34 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
  152. [2012.01.13 22:32:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\engine@conduit.com
  153. [2012.02.22 14:15:46 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\toolbar@ask.com
  154. [2011.12.23 13:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
  155. [2012.02.17 16:51:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
  156. [2012.02.12 23:12:39 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
  157. [2012.02.12 23:12:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
  158. [2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
  159. [2012.02.12 23:12:39 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
  160. [2012.02.12 23:12:39 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eudict.xml
  161. [2012.02.12 23:12:39 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
  162. [2012.02.12 23:12:39 | 000,001,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-hr.xml
  163.  
  164. O1 HOSTS File: ([2012.02.15 16:48:31 | 000,441,346 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
  165. O1 - Hosts: 127.0.0.1 www.007guard.com
  166. O1 - Hosts: 127.0.0.1 007guard.com
  167. O1 - Hosts: 127.0.0.1 008i.com
  168. O1 - Hosts: 127.0.0.1 www.008k.com
  169. O1 - Hosts: 127.0.0.1 008k.com
  170. O1 - Hosts: 127.0.0.1 www.00hq.com
  171. O1 - Hosts: 127.0.0.1 00hq.com
  172. O1 - Hosts: 127.0.0.1 010402.com
  173. O1 - Hosts: 127.0.0.1 www.032439.com
  174. O1 - Hosts: 127.0.0.1 032439.com
  175. O1 - Hosts: 127.0.0.1 www.0scan.com
  176. O1 - Hosts: 127.0.0.1 0scan.com
  177. O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
  178. O1 - Hosts: 127.0.0.1 1000gratisproben.com
  179. O1 - Hosts: 127.0.0.1 1001namen.com
  180. O1 - Hosts: 127.0.0.1 www.1001namen.com
  181. O1 - Hosts: 127.0.0.1 100888290cs.com
  182. O1 - Hosts: 127.0.0.1 www.100888290cs.com
  183. O1 - Hosts: 127.0.0.1 www.100sexlinks.com
  184. O1 - Hosts: 127.0.0.1 100sexlinks.com
  185. O1 - Hosts: 127.0.0.1 www.10sek.com
  186. O1 - Hosts: 127.0.0.1 10sek.com
  187. O1 - Hosts: 127.0.0.1 www.1-2005-search.com
  188. O1 - Hosts: 127.0.0.1 1-2005-search.com
  189. O1 - Hosts: 127.0.0.1 www.123fporn.info
  190. O1 - Hosts: 15167 more lines...
  191. O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
  192. O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
  193. O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
  194. O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  195. O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  196. O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
  197. O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
  198. O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
  199. O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
  200. O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  201. O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
  202. O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
  203. O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
  204. O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
  205. O4 - HKLM..\Run: [] File not found
  206. O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
  207. O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
  208. O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
  209. O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
  210. O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
  211. O4 - HKCU..\Run: [msnmsgr] C:\Windows.old\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
  212. O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
  213. O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
  214. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
  215. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
  216. O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
  217. O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
  218. O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
  219. O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
  220. O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
  221. O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
  222. O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
  223. O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
  224. O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
  225. O13 - gopher Prefix: missing
  226. O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
  227. O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83CD94C6-9D35-4B3C-8701-2FC2D15472D6}: DhcpNameServer = 192.168.1.1
  228. O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
  229. O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
  230. O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
  231. O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
  232. O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
  233. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
  234. O32 - HKLM CDRom: AutoRun - 1
  235. O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
  236. O34 - HKLM BootExecute: (autocheck autochk *)
  237. O35 - HKLM\..comfile [open] -- "%1" %*
  238. O35 - HKLM\..exefile [open] -- "%1" %*
  239. O37 - HKLM\...com [@ = comfile] -- "%1" %*
  240. O37 - HKLM\...exe [@ = exefile] -- "%1" %*
  241.  
  242. [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
  243.  
  244. [2012.03.03 11:57:23 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
  245. [2012.02.23 13:11:41 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\SUPERAntiSpyware.com
  246. [2012.02.23 13:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
  247. [2012.02.23 13:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
  248. [2012.02.23 13:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
  249. [2012.02.22 16:58:49 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\AskToolbar
  250. [2012.02.22 14:16:32 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\Avira
  251. [2012.02.22 14:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
  252. [2012.02.22 14:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
  253. [2012.02.22 14:15:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
  254. [2012.02.22 14:15:02 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
  255. [2012.02.22 14:15:02 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
  256. [2012.02.22 14:15:02 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
  257. [2012.02.22 14:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
  258. [2012.02.22 14:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
  259. [2012.02.17 16:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar
  260. [2012.02.17 16:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
  261. [2012.02.15 17:22:50 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
  262. [2012.02.15 16:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
  263. [2012.02.15 16:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
  264. [2012.02.15 12:00:59 | 000,334,384 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
  265. [2012.02.15 12:00:54 | 000,404,016 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
  266. [2012.02.15 12:00:53 | 000,026,288 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys
  267. [2012.02.15 12:00:47 | 000,760,368 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll
  268. [2012.02.15 12:00:33 | 000,024,624 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\VMkbd.sys
  269. [2012.02.15 12:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
  270. [2012.02.15 11:59:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
  271. [2012.02.15 11:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
  272. [2012.02.13 20:04:45 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\NeoSmart_Technologies
  273. [2012.02.13 19:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
  274. [2012.02.13 19:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
  275. [2012.02.13 17:25:12 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\VMware
  276. [2012.02.13 17:25:04 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\VMware
  277. [2012.02.13 17:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
  278.  
  279. [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
  280.  
  281. [2012.03.03 11:57:27 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
  282. [2012.03.03 11:55:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
  283. [2012.03.03 11:55:12 | 804,745,216 | -HS- | M] () -- C:\hiberfil.sys
  284. [2012.03.03 10:44:59 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
  285. [2012.03.03 10:44:59 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
  286. [2012.02.27 13:58:43 | 000,028,421 | ---- | M] () -- C:\Users\kahlina\Desktop\books.jpg
  287. [2012.02.27 11:20:33 | 000,618,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
  288. [2012.02.27 11:20:33 | 000,107,400 | ---- | M] () -- C:\Windows\System32\perfc009.dat
  289. [2012.02.23 14:17:04 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
  290. [2012.02.23 13:10:52 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
  291. [2012.02.22 16:56:50 | 000,001,407 | ---- | M] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
  292. [2012.02.22 16:23:13 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
  293. [2012.02.22 14:16:08 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
  294. [2012.02.22 09:30:38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
  295. [2012.02.21 18:22:53 | 000,102,209 | ---- | M] () -- C:\Users\kahlina\Desktop\Green_wallpaper_by_LoveIsLostForever.jpg
  296. [2012.02.15 17:52:50 | 000,409,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
  297. [2012.02.15 16:48:31 | 000,441,346 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
  298. [2012.02.15 12:01:55 | 000,000,985 | ---- | M] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
  299. [2012.02.15 12:00:26 | 000,001,024 | ---- | M] () -- C:\.rnd
  300. [2012.02.15 12:00:11 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
  301. [2012.02.13 19:54:02 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.1.1.lnk
  302.  
  303. [color=#E56717]========== Files Created - No Company Name ==========[/color]
  304.  
  305. [2012.02.27 13:58:32 | 000,028,421 | ---- | C] () -- C:\Users\kahlina\Desktop\books.jpg
  306. [2012.02.23 13:10:52 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
  307. [2012.02.22 16:23:13 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
  308. [2012.02.22 14:16:08 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
  309. [2012.02.21 18:22:39 | 000,102,209 | ---- | C] () -- C:\Users\kahlina\Desktop\Green_wallpaper_by_LoveIsLostForever.jpg
  310. [2012.02.17 17:13:43 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
  311. [2012.02.15 12:01:55 | 000,000,985 | ---- | C] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
  312. [2012.02.15 12:00:11 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
  313. [2012.02.13 19:54:02 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.1.1.lnk
  314. [2011.12.25 14:11:29 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
  315.  
  316. [color=#E56717]========== LOP Check ==========[/color]
  317.  
  318. [2012.01.13 22:35:19 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\Ashampoo
  319. [2011.12.24 15:38:55 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\BSplayer
  320. [2011.12.24 15:35:48 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\BSplayer Pro
  321. [2011.12.23 13:25:54 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\JGsoft
  322. [2012.01.11 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\SQLyog
  323. [2012.03.03 11:55:37 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\uTorrent
  324. [2012.02.01 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\Windows Live Writer
  325. [2009.07.14 05:53:46 | 000,030,310 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
  326.  
  327. [color=#E56717]========== Purity Check ==========[/color]
  328.  
  329.  
  330.  
  331. < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!