Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- OTL logfile created on: 3.3.2012. 11:59:23 - Run 1
- OTL by OldTimer - Version 3.2.35.0 Folder = C:\Users\kahlina\Desktop
- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
- Internet Explorer (Version = 9.0.8112.16421)
- Locale: 0000041a | Country: Hrvatska | Language: HRV | Date Format: d.M.yyyy.
- 1023,29 Mb Total Physical Memory | 178,66 Mb Available Physical Memory | 17,46% Memory free
- 2,00 Gb Paging File | 0,72 Gb Available in Paging File | 36,16% Paging File free
- Paging file location(s): ?:\pagefile.sys [binary data]
- %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
- Drive C: | 39,06 Gb Total Space | 10,23 Gb Free Space | 26,20% Space Free | Partition Type: NTFS
- Drive D: | 221,35 Gb Total Space | 32,51 Gb Free Space | 14,69% Space Free | Partition Type: NTFS
- Computer Name: KAHLINA-PC | User Name: kahlina | Logged in as Administrator.
- Boot Mode: Normal | Scan Mode: Current user | Quick Scan
- Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
- [color=#E56717]========== Processes (SafeList) ==========[/color]
- PRC - [2012.03.03 11:57:27 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
- PRC - [2012.01.20 19:16:56 | 004,617,600 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
- PRC - [2012.01.04 20:20:50 | 001,391,272 | ---- | M] (Ask) -- C:\Program Files\Ask.com\Updater\Updater.exe
- PRC - [2011.12.24 13:39:37 | 000,399,736 | ---- | M] (BitTorrent, Inc.) -- C:\Program Files\uTorrent\uTorrent.exe
- PRC - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
- PRC - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
- PRC - [2011.09.23 12:08:37 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avwebgrd.exe
- PRC - [2011.09.23 11:38:21 | 000,258,512 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
- PRC - [2011.09.16 02:34:43 | 000,080,336 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
- PRC - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) -- C:\Program Files\SUPERAntiSpyware\SASCore.exe
- PRC - [2011.06.24 05:22:20 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
- PRC - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
- PRC - [2011.05.21 06:01:00 | 000,839,272 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
- PRC - [2011.05.21 06:01:00 | 000,373,864 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
- PRC - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE
- PRC - [2011.02.25 06:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
- PRC - [2010.11.20 13:17:47 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
- PRC - [2010.09.21 02:42:38 | 000,064,048 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\hqtray.exe
- PRC - [2010.09.21 02:42:06 | 000,113,200 | ---- | M] (VMware, Inc.) -- C:\Program Files\VMware\VMware Player\vmware-authd.exe
- PRC - [2010.09.21 02:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
- PRC - [2010.09.21 02:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
- PRC - [2010.09.21 01:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe
- PRC - [2010.04.17 06:12:38 | 003,872,080 | ---- | M] (Microsoft Corporation) -- C:\Windows.old\Program Files\Windows Live\Messenger\msnmsgr.exe
- PRC - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) -- D:\Program Files\xampplite\mysql\bin\mysqld.exe
- PRC - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) -- D:\Program Files\xampplite\apache\bin\httpd.exe
- PRC - [2008.08.29 17:27:30 | 000,143,360 | ---- | M] (Vimicro Corporation) -- C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe
- [color=#E56717]========== Modules (No Company Name) ==========[/color]
- MOD - [2012.03.03 11:55:45 | 000,065,024 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10006.dll
- MOD - [2012.03.03 11:55:45 | 000,052,736 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10007.dll
- MOD - [2012.02.23 13:11:52 | 000,117,760 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\UIREPAIR.DLL
- MOD - [2012.02.23 13:11:52 | 000,052,224 | ---- | M] () -- C:\ProgramData\SUPERAntiSpyware.com\SUPERAntiSpyware\SDDLLS\SD10005.dll
- MOD - [2011.05.28 22:04:56 | 000,140,288 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
- MOD - [2010.09.21 02:42:38 | 000,068,656 | ---- | M] () -- C:\Program Files\VMware\VMware Player\zlib1.dll
- MOD - [2010.09.21 02:42:20 | 000,970,288 | ---- | M] () -- C:\Program Files\VMware\VMware Player\libxml2.dll
- [color=#E56717]========== Win32 Services (SafeList) ==========[/color]
- SRV - [2011.12.24 17:47:16 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
- SRV - [2011.09.23 18:08:19 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
- SRV - [2011.09.23 18:01:09 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
- SRV - [2011.09.23 12:08:37 | 000,463,824 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
- SRV - [2011.08.12 00:38:07 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE.EXE -- (!SASCORE)
- SRV - [2011.05.21 06:01:00 | 002,214,504 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
- SRV - [2011.04.01 11:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
- SRV - [2011.03.28 11:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
- SRV - [2010.09.21 02:42:06 | 000,113,200 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
- SRV - [2010.09.21 02:41:38 | 000,334,384 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnetdhcp.exe -- (VMnetDHCP)
- SRV - [2010.09.21 02:41:34 | 000,404,016 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\System32\vmnat.exe -- (VMware NAT Service)
- SRV - [2010.09.21 01:42:44 | 000,539,184 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files\Common Files\VMware\USB\vmware-usbarbitrator.exe -- (VMUSBArbService)
- SRV - [2010.08.19 13:57:14 | 000,191,024 | ---- | M] (VMware, Inc.) [On_Demand | Stopped] -- C:\Program Files\VMware\VMware Player\vmware-ufad.exe -- (ufad-ws60)
- SRV - [2009.12.20 00:00:00 | 006,095,504 | ---- | M] (MySQL AB) [Auto | Running] -- D:\Program Files\xampplite\mysql\bin\mysqld.exe -- (MySQL)
- SRV - [2009.12.20 00:00:00 | 000,029,416 | ---- | M] (Apache Software Foundation) [Auto | Running] -- D:\Program Files\xampplite\apache\bin\httpd.exe -- (Apache2.2)
- SRV - [2009.07.14 02:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
- SRV - [2009.07.14 02:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
- SRV - [2009.07.14 02:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
- SRV - [2009.07.14 02:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
- [color=#E56717]========== Driver Services (SafeList) ==========[/color]
- DRV - [2012.02.23 14:17:04 | 000,137,416 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avipbb.sys -- (avipbb)
- DRV - [2011.09.15 23:55:04 | 000,036,000 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\avkmgr.sys -- (avkmgr)
- DRV - [2011.09.15 23:55:03 | 000,074,640 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\System32\drivers\avgntflt.sys -- (avgntflt)
- DRV - [2011.07.22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
- DRV - [2011.07.12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
- DRV - [2011.05.21 06:01:00 | 010,589,800 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
- DRV - [2010.11.20 13:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmbus.sys -- (vmbus)
- DRV - [2010.11.20 13:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\drivers\vmstorfl.sys -- (storflt)
- DRV - [2010.11.20 13:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\storvsc.sys -- (storvsc)
- DRV - [2010.11.20 11:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
- DRV - [2010.11.20 10:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\VMBusHID.sys -- (VMBusHID)
- DRV - [2010.11.20 10:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\drivers\vms3cap.sys -- (s3cap)
- DRV - [2010.09.21 02:42:46 | 000,070,704 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmci.sys -- (vmci)
- DRV - [2010.09.21 02:42:44 | 000,854,064 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmx86.sys -- (vmx86)
- DRV - [2010.09.21 02:42:00 | 000,023,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmparport.sys -- (VMparport)
- DRV - [2010.09.21 02:41:08 | 000,024,624 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VMkbd.sys -- (vmkbd)
- DRV - [2010.09.21 02:40:04 | 000,026,288 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetuserif.sys -- (VMnetuserif)
- DRV - [2010.09.21 01:42:32 | 000,032,304 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\hcmon.sys -- (hcmon)
- DRV - [2010.09.20 23:18:14 | 000,036,400 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\vmnetbridge.sys -- (VMnetBridge)
- DRV - [2010.09.20 23:18:14 | 000,016,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vmnetadapter.sys -- (VMnetAdapter)
- DRV - [2010.08.19 13:56:38 | 000,022,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Program Files\VMware\VMware Player\vstor2-ws60.sys -- (vstor2-ws60)
- DRV - [2010.06.17 15:14:27 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\System32\drivers\ssmdrv.sys -- (ssmdrv)
- DRV - [2009.07.14 00:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
- DRV - [2009.07.13 23:02:53 | 000,044,032 | ---- | M] (VIA Technologies, Inc. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fetnd6.sys -- (FETNDIS)
- DRV - [2008.08.29 15:29:44 | 000,256,512 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMUVC.sys -- (VMUVC)
- DRV - [2008.07.01 11:12:32 | 000,398,720 | ---- | M] (Vimicro Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vvftUVC.sys -- (vvftUVC)
- DRV - [2004.08.13 09:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)
- [color=#E56717]========== Standard Registry (SafeList) ==========[/color]
- [color=#E56717]========== Internet Explorer ==========[/color]
- IE - HKLM\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
- IE - HKLM\..\SearchScopes,DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b}
- IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
- IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
- IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT2475029
- IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
- IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = hr
- IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 83 2F A2 FE 3C CE CC 01 [binary data]
- IE - HKCU\..\URLSearchHook: {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
- IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
- IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
- IE - HKCU\..\SearchScopes\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}: "URL" = http://www.crawler.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=60347
- IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2475029
- IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
- [color=#E56717]========== FireFox ==========[/color]
- FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32.dll ()
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
- FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
- FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4B3803EA-5230-4DC3-A7FC-33638F3D3542}: C:\Program Files\Crawler\Toolbar\firefox\ [2012.02.17 17:00:15 | 000,000,000 | ---D | M]
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.02.17 16:51:01 | 000,000,000 | ---D | M]
- FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
- [2011.12.23 13:06:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Extensions
- [2012.02.22 14:15:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions
- [2012.02.14 20:08:34 | 000,000,000 | ---D | M] (MyAshampoo Community Toolbar) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}
- [2012.01.13 22:32:39 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\engine@conduit.com
- [2012.02.22 14:15:46 | 000,000,000 | ---D | M] (Avira SearchFree Toolbar plus Web Protection) -- C:\Users\kahlina\AppData\Roaming\Mozilla\Firefox\Profiles\yymrku32.default\extensions\toolbar@ask.com
- [2011.12.23 13:06:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
- [2012.02.17 16:51:01 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
- [2012.02.12 23:12:39 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
- [2012.02.12 23:12:39 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
- [2007.07.26 12:05:16 | 000,001,329 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\crawlersrch.xml
- [2012.02.12 23:12:39 | 000,000,769 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
- [2012.02.12 23:12:39 | 000,000,786 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eudict.xml
- [2012.02.12 23:12:39 | 000,002,040 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\twitter.xml
- [2012.02.12 23:12:39 | 000,001,193 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-hr.xml
- O1 HOSTS File: ([2012.02.15 16:48:31 | 000,441,346 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
- O1 - Hosts: 127.0.0.1 www.007guard.com
- O1 - Hosts: 127.0.0.1 007guard.com
- O1 - Hosts: 127.0.0.1 008i.com
- O1 - Hosts: 127.0.0.1 www.008k.com
- O1 - Hosts: 127.0.0.1 008k.com
- O1 - Hosts: 127.0.0.1 www.00hq.com
- O1 - Hosts: 127.0.0.1 00hq.com
- O1 - Hosts: 127.0.0.1 010402.com
- O1 - Hosts: 127.0.0.1 www.032439.com
- O1 - Hosts: 127.0.0.1 032439.com
- O1 - Hosts: 127.0.0.1 www.0scan.com
- O1 - Hosts: 127.0.0.1 0scan.com
- O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
- O1 - Hosts: 127.0.0.1 1000gratisproben.com
- O1 - Hosts: 127.0.0.1 1001namen.com
- O1 - Hosts: 127.0.0.1 www.1001namen.com
- O1 - Hosts: 127.0.0.1 100888290cs.com
- O1 - Hosts: 127.0.0.1 www.100888290cs.com
- O1 - Hosts: 127.0.0.1 www.100sexlinks.com
- O1 - Hosts: 127.0.0.1 100sexlinks.com
- O1 - Hosts: 127.0.0.1 www.10sek.com
- O1 - Hosts: 127.0.0.1 10sek.com
- O1 - Hosts: 127.0.0.1 www.1-2005-search.com
- O1 - Hosts: 127.0.0.1 1-2005-search.com
- O1 - Hosts: 127.0.0.1 www.123fporn.info
- O1 - Hosts: 15167 more lines...
- O2 - BHO: (&Crawler Toolbar Helper) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
- O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
- O2 - BHO: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
- O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
- O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
- O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
- O3 - HKLM\..\Toolbar: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
- O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
- O3 - HKLM\..\Toolbar: (MyAshampoo Toolbar) - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
- O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
- O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files\ConduitEngine\ConduitEngine.dll (Conduit Ltd.)
- O3 - HKCU\..\Toolbar\WebBrowser: (&Crawler Toolbar) - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
- O3 - HKCU\..\Toolbar\WebBrowser: (MyAshampoo Toolbar) - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - C:\Program Files\MyAshampoo\tbMyAs.dll (Conduit Ltd.)
- O3 - HKCU\..\Toolbar\WebBrowser: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
- O4 - HKLM..\Run: [] File not found
- O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
- O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
- O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
- O4 - HKLM..\Run: [VMonitorVMUVC] C:\Program Files\Vimicro Corporation\VMUVC\VMonitor.exe (Vimicro Corporation)
- O4 - HKLM..\Run: [VMware hqtray] C:\Program Files\VMware\VMware Player\hqtray.exe (VMware, Inc.)
- O4 - HKCU..\Run: [msnmsgr] C:\Windows.old\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
- O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
- O4 - HKCU..\Run: [uTorrent] C:\Program Files\uTorrent\uTorrent.exe (BitTorrent, Inc.)
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
- O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
- O8 - Extra context menu item: Crawler Search - tbr:iemenu File not found
- O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000035 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000036 - C:\Program Files\VMware\VMware Player\vsocklib.dll (VMware, Inc.)
- O10 - Protocol_Catalog9\Catalog_Entries\000000000037 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
- O13 - gopher Prefix: missing
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
- O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83CD94C6-9D35-4B3C-8701-2FC2D15472D6}: DhcpNameServer = 192.168.1.1
- O18 - Protocol\Handler\tbr {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\Program Files\Crawler\Toolbar\ctbr.dll (Crawler.com)
- O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
- O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
- O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
- O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
- O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
- O32 - HKLM CDRom: AutoRun - 1
- O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
- O34 - HKLM BootExecute: (autocheck autochk *)
- O35 - HKLM\..comfile [open] -- "%1" %*
- O35 - HKLM\..exefile [open] -- "%1" %*
- O37 - HKLM\...com [@ = comfile] -- "%1" %*
- O37 - HKLM\...exe [@ = exefile] -- "%1" %*
- [color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
- [2012.03.03 11:57:23 | 000,585,216 | ---- | C] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
- [2012.02.23 13:11:41 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\SUPERAntiSpyware.com
- [2012.02.23 13:10:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
- [2012.02.23 13:10:48 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com
- [2012.02.23 13:10:48 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
- [2012.02.22 16:58:49 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\AskToolbar
- [2012.02.22 14:16:32 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\Avira
- [2012.02.22 14:16:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
- [2012.02.22 14:15:34 | 000,000,000 | ---D | C] -- C:\Program Files\Ask.com
- [2012.02.22 14:15:04 | 000,028,520 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\ssmdrv.sys
- [2012.02.22 14:15:02 | 000,137,416 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
- [2012.02.22 14:15:02 | 000,074,640 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avgntflt.sys
- [2012.02.22 14:15:02 | 000,036,000 | ---- | C] (Avira GmbH) -- C:\Windows\System32\drivers\avkmgr.sys
- [2012.02.22 14:14:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
- [2012.02.22 14:14:59 | 000,000,000 | ---D | C] -- C:\Program Files\Avira
- [2012.02.17 16:59:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crawler Toolbar
- [2012.02.17 16:59:40 | 000,000,000 | ---D | C] -- C:\Program Files\Crawler
- [2012.02.15 17:22:50 | 000,000,000 | -HSD | C] -- C:\Windows\System32\%APPDATA%
- [2012.02.15 16:37:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
- [2012.02.15 16:37:44 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
- [2012.02.15 12:00:59 | 000,334,384 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnetdhcp.exe
- [2012.02.15 12:00:54 | 000,404,016 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vmnat.exe
- [2012.02.15 12:00:53 | 000,026,288 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\vmnetuserif.sys
- [2012.02.15 12:00:47 | 000,760,368 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\vnetlib.dll
- [2012.02.15 12:00:33 | 000,024,624 | ---- | C] (VMware, Inc.) -- C:\Windows\System32\drivers\VMkbd.sys
- [2012.02.15 12:00:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
- [2012.02.15 11:59:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\VMware
- [2012.02.15 11:59:39 | 000,000,000 | ---D | C] -- C:\Program Files\VMware
- [2012.02.13 20:04:45 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\NeoSmart_Technologies
- [2012.02.13 19:54:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NeoSmart Technologies
- [2012.02.13 19:54:01 | 000,000,000 | ---D | C] -- C:\Program Files\NeoSmart Technologies
- [2012.02.13 17:25:12 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Local\VMware
- [2012.02.13 17:25:04 | 000,000,000 | ---D | C] -- C:\Users\kahlina\AppData\Roaming\VMware
- [2012.02.13 17:17:19 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
- [color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
- [2012.03.03 11:57:27 | 000,585,216 | ---- | M] (OldTimer Tools) -- C:\Users\kahlina\Desktop\OTL.exe
- [2012.03.03 11:55:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
- [2012.03.03 11:55:12 | 804,745,216 | -HS- | M] () -- C:\hiberfil.sys
- [2012.03.03 10:44:59 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
- [2012.03.03 10:44:59 | 000,014,976 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
- [2012.02.27 13:58:43 | 000,028,421 | ---- | M] () -- C:\Users\kahlina\Desktop\books.jpg
- [2012.02.27 11:20:33 | 000,618,494 | ---- | M] () -- C:\Windows\System32\perfh009.dat
- [2012.02.27 11:20:33 | 000,107,400 | ---- | M] () -- C:\Windows\System32\perfc009.dat
- [2012.02.23 14:17:04 | 000,137,416 | ---- | M] (Avira GmbH) -- C:\Windows\System32\drivers\avipbb.sys
- [2012.02.23 13:10:52 | 000,001,961 | ---- | M] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
- [2012.02.22 16:56:50 | 000,001,407 | ---- | M] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
- [2012.02.22 16:23:13 | 000,072,822 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
- [2012.02.22 14:16:08 | 000,002,012 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
- [2012.02.22 09:30:38 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
- [2012.02.21 18:22:53 | 000,102,209 | ---- | M] () -- C:\Users\kahlina\Desktop\Green_wallpaper_by_LoveIsLostForever.jpg
- [2012.02.15 17:52:50 | 000,409,752 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
- [2012.02.15 16:48:31 | 000,441,346 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
- [2012.02.15 12:01:55 | 000,000,985 | ---- | M] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
- [2012.02.15 12:00:26 | 000,001,024 | ---- | M] () -- C:\.rnd
- [2012.02.15 12:00:11 | 000,001,989 | ---- | M] () -- C:\Users\Public\Desktop\VMware Player.lnk
- [2012.02.13 19:54:02 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\EasyBCD 2.1.1.lnk
- [color=#E56717]========== Files Created - No Company Name ==========[/color]
- [2012.02.27 13:58:32 | 000,028,421 | ---- | C] () -- C:\Users\kahlina\Desktop\books.jpg
- [2012.02.23 13:10:52 | 000,001,961 | ---- | C] () -- C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
- [2012.02.22 16:23:13 | 000,072,822 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
- [2012.02.22 14:16:08 | 000,002,012 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
- [2012.02.21 18:22:39 | 000,102,209 | ---- | C] () -- C:\Users\kahlina\Desktop\Green_wallpaper_by_LoveIsLostForever.jpg
- [2012.02.17 17:13:43 | 000,032,768 | ---- | C] () -- C:\Windows\System32\drivers\sp_rsdrv2.sys
- [2012.02.15 12:01:55 | 000,000,985 | ---- | C] () -- C:\Users\kahlina\Application Data\Microsoft\Internet Explorer\Quick Launch\VMware Player.lnk
- [2012.02.15 12:00:11 | 000,001,989 | ---- | C] () -- C:\Users\Public\Desktop\VMware Player.lnk
- [2012.02.13 19:54:02 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\EasyBCD 2.1.1.lnk
- [2011.12.25 14:11:29 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
- [color=#E56717]========== LOP Check ==========[/color]
- [2012.01.13 22:35:19 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\Ashampoo
- [2011.12.24 15:38:55 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\BSplayer
- [2011.12.24 15:35:48 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\BSplayer Pro
- [2011.12.23 13:25:54 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\JGsoft
- [2012.01.11 20:12:48 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\SQLyog
- [2012.03.03 11:55:37 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\uTorrent
- [2012.02.01 15:01:57 | 000,000,000 | ---D | M] -- C:\Users\kahlina\AppData\Roaming\Windows Live Writer
- [2009.07.14 05:53:46 | 000,030,310 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
- [color=#E56717]========== Purity Check ==========[/color]
- < End of report >
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement