Having lots of problems [Closed]



#1
tinksayshi
OTL logfile created on: 1/4/2015 10:35:01 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Users\Tink\Downloads
Windows Vista Home Premium Edition  (Version = 6.0.6000) - Type = NTWorkstation
Internet Explorer (Version = 7.0.6000.16386)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
2.97 Gb Total Physical Memory | 1.14 Gb Available Physical Memory | 38.61% Memory free
6.13 Gb Paging File | 4.30 Gb Available in Paging File | 70.16% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = D: | %SystemRoot% = D:\Windows | %ProgramFiles% = D:\Program Files
Drive C: | 342.02 Gb Total Space | 251.33 Gb Free Space | 73.48% Space Free | Partition Type: NTFS
Drive D: | 341.97 Gb Total Space | 267.77 Gb Free Space | 78.30% Space Free | Partition Type: NTFS
 
Computer Name: TINK-PC | User Name: Tink | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2015/01/04 10:23:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Tink\Downloads\OTL.exe
PRC - [2014/12/28 19:22:53 | 005,226,600 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/12/28 19:22:24 | 000,050,344 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/12/28 19:22:03 | 000,104,416 | ---- | M] (AVAST Software) -- D:\Program Files\AVAST Software\Avast\afwServ.exe
PRC - [2014/12/28 16:49:11 | 001,006,264 | ---- | M] (Microsoft Corporation) -- D:\Program Files\Windows Defender\MSASCui.exe
PRC - [2014/12/28 16:16:12 | 002,923,520 | ---- | M] (Microsoft Corporation) -- D:\Windows\explorer.exe
PRC - [2014/12/17 09:03:23 | 000,535,160 | ---- | M] () -- D:\Program Files\Opera\26.0.1656.60\opera_crashreporter.exe
PRC - [2014/12/17 09:03:22 | 050,337,912 | ---- | M] (Opera Software) -- D:\Program Files\Opera\26.0.1656.60\opera.exe
PRC - [2014/12/14 09:48:39 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
PRC - [2014/11/17 15:24:36 | 005,817,216 | ---- | M] (PC Drivers Headquarters) -- D:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe
PRC - [2014/10/15 14:15:08 | 000,154,096 | ---- | M] (Coupons.com Inc.) -- D:\Program Files\Coupons\CouponPrinterService.exe
PRC - [2014/06/27 11:52:26 | 002,088,408 | ---- | M] (Safer-Networking Ltd.) -- D:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2014/06/24 10:42:12 | 004,101,576 | ---- | M] (Safer-Networking Ltd.) -- D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2014/06/24 10:41:42 | 001,738,168 | ---- | M] (Safer-Networking Ltd.) -- D:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2014/04/25 14:12:20 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- D:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013/12/09 17:01:52 | 008,385,240 | ---- | M] () -- D:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
PRC - [2013/11/11 15:10:40 | 000,307,928 | ---- | M] () -- D:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe
PRC - [2006/11/02 02:44:50 | 000,088,064 | ---- | M] (Microsoft Corporation) -- D:\Windows\System32\audiodg.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/12/28 19:22:32 | 038,562,088 | ---- | M] () -- D:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/12/28 17:48:40 | 005,450,752 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\7208ffa39630e9b923331f9df0947a12\System.Xml.ni.dll
MOD - [2014/12/28 17:48:28 | 012,430,848 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\1941d7639299344ae28fb6b23da65247\System.Windows.Forms.ni.dll
MOD - [2014/12/28 17:48:20 | 001,587,200 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6312464f64727a2a50d5ce3fd73ad1bb\System.Drawing.ni.dll
MOD - [2014/12/28 17:48:11 | 006,616,576 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\813556b5a2722045b0ea14467fd00227\System.Data.ni.dll
MOD - [2014/12/28 17:47:34 | 007,868,416 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\System\52e1ea3c7491e05cda766d7b3ce3d559\System.ni.dll
MOD - [2014/12/28 17:47:29 | 011,486,720 | ---- | M] () -- D:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\17f572b09facdc5fda9431558eb7a26e\mscorlib.ni.dll
MOD - [2014/12/28 13:57:20 | 005,242,880 | ---- | M] () -- D:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
MOD - [2014/12/28 13:56:13 | 000,425,984 | ---- | M] () -- D:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2014/12/28 13:56:11 | 000,372,736 | ---- | M] () -- D:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2014/12/28 13:56:11 | 000,303,104 | ---- | M] () -- D:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2014/12/28 13:56:10 | 000,839,680 | ---- | M] () -- D:\Windows\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
MOD - [2014/12/28 13:55:29 | 002,933,248 | ---- | M] () -- D:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2014/12/17 09:03:24 | 009,312,888 | ---- | M] () -- D:\Program Files\Opera\26.0.1656.60\pdf.dll
MOD - [2014/12/17 09:03:23 | 000,535,160 | ---- | M] () -- D:\Program Files\Opera\26.0.1656.60\opera_crashreporter.exe
MOD - [2014/12/17 09:03:16 | 000,991,352 | ---- | M] () -- D:\Program Files\Opera\26.0.1656.60\ffmpegsumo.dll
MOD - [2014/11/17 15:24:50 | 000,321,912 | ---- | M] () -- D:\Program Files\PC Drivers HeadQuarters\Driver Detective\Agent.Common.XmlSerializers.dll
MOD - [2014/11/17 15:24:39 | 000,461,192 | ---- | M] () -- D:\Program Files\PC Drivers HeadQuarters\Driver Detective\Agent.Communication.XmlSerializers.dll
MOD - [2014/11/17 15:24:29 | 000,819,560 | ---- | M] () -- D:\Program Files\PC Drivers HeadQuarters\Driver Detective\ThemePack.Default.dll
MOD - [2014/10/17 10:35:46 | 000,067,960 | ---- | M] () -- D:\Program Files\PC Drivers HeadQuarters\Driver Detective\RuleEngine.XmlSerializers.dll
MOD - [2014/10/11 12:06:16 | 000,073,544 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/10/11 12:05:58 | 001,044,776 | ---- | M] () -- D:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/05/13 12:04:48 | 000,167,768 | ---- | M] () -- D:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2014/05/13 12:04:46 | 000,109,400 | ---- | M] () -- D:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2014/05/13 12:04:42 | 000,416,600 | ---- | M] () -- D:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2013/12/09 17:01:52 | 008,385,240 | ---- | M] () -- D:\Program Files\NETGEAR\WNDA3100v2\WNDA3100v2.exe
MOD - [2013/11/01 17:31:02 | 000,278,528 | ---- | M] () -- D:\Program Files\NETGEAR\WNDA3100v2\WifiSvcLib.dll
 
 
========== Services (SafeList) ==========
 
SRV - File not found [Auto | Running] -- D:\Program Files\Spybot -- (SDWSCService)
SRV - File not found [Auto | Running] -- D:\Program Files\Spybot -- (SDUpdateService)
SRV - File not found [Auto | Running] -- D:\Program Files\Spybot -- (SDScannerService)
SRV - [2014/12/28 19:22:24 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/12/28 19:22:03 | 000,104,416 | ---- | M] (AVAST Software) [Auto | Running] -- D:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV - [2014/12/28 16:49:11 | 000,265,912 | ---- | M] (Microsoft Corporation) [Auto | Running] -- D:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/12/14 09:48:39 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- D:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/15 14:15:08 | 000,154,096 | ---- | M] (Coupons.com Inc.) [Auto | Running] -- D:\Program Files\Coupons\CouponPrinterService.exe -- (CouponPrinterService)
SRV - [2013/11/11 15:10:40 | 000,307,928 | ---- | M] () [Auto | Running] -- D:\Program Files\NETGEAR\WNDA3100v2\WifiSvc.exe -- (WSWNDA3100v2)
 
 
========== Driver Services (SafeList) ==========
 
DRV - File not found [Kernel | On_Demand | Stopped] -- D:\Windows\system32\drivers\usbstor.sys -- (USBSTOR)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | Disabled | Stopped] -- D:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - [2014/12/28 19:22:55 | 000,787,800 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\Windows\System32\drivers\aswsnx.sys -- (aswSnx)
DRV - [2014/12/28 19:22:51 | 000,423,784 | ---- | M] (AVAST Software) [File_System | System | Running] -- D:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/12/28 19:22:35 | 000,206,248 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/12/28 19:22:35 | 000,070,384 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- D:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/12/28 19:22:35 | 000,057,928 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2014/12/28 19:22:35 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- D:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/12/28 19:22:35 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- D:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/12/28 19:22:34 | 000,055,240 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\Windows\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2014/12/28 19:22:19 | 000,026,136 | ---- | M] (AVAST Software) [Kernel | System | Running] -- D:\Windows\System32\drivers\aswKbd.sys -- (aswKbd)
DRV - [2014/12/28 19:22:03 | 000,253,640 | ---- | M] (AVAST Software) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\aswNdis2.sys -- (aswNdis2)
DRV - [2014/12/28 19:10:42 | 000,012,112 | ---- | M] (ALWIL Software) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\aswNdis.sys -- (aswNdis)
DRV - [2014/11/15 21:44:31 | 000,232,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\e1y6032.sys -- (e1yexpress)
DRV - [2014/09/16 22:24:00 | 000,214,232 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV - [2011/12/12 17:37:00 | 001,074,944 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\bcmwlhigh6.sys -- (BCMH43XX)
DRV - [2010/03/15 07:44:48 | 000,127,488 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- D:\Windows\System32\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV - [2010/02/03 11:20:32 | 000,050,704 | ---- | M] (CACE Technologies, Inc.) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\npf.sys -- (NPF)
DRV - [2007/01/19 18:20:54 | 000,021,728 | R--- | M] (Windows ® Codename Longhorn DDK provider) [Kernel | Boot | Running] -- D:\Windows\System32\drivers\SCMNdisP.sys -- (SCMNdisP)
DRV - [2006/11/02 02:15:23 | 000,016,896 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- D:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...ast&type=agc511
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
IE - HKLM\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKLM\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.yahoo.co...ast&type=agc511
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo...p={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.yahoo.co...ast&type=agc511
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\..\SearchScopes,DefaultScope = {9CB96984-43C3-4D44-90EF-01466EFCF7BB}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://search.live.c...ferrer:source?}
IE - HKCU\..\SearchScopes\{9CB96984-43C3-4D44-90EF-01466EFCF7BB}: "URL" = https://search.yahoo...p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.highlightCount: 0
FF - prefs.js..browser.search.isUS: true
FF - prefs.js..browser.startup.homepage: "http://news.yahoo.co...JmMQR2dGlkAw--"
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:10.0.2502.149
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:34.0.5
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: D:\Windows\system32\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: D:\Windows\system32\Adobe\Director\np32dsw_1214154.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: D:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: D:\Program Files\AVAST Software\Avast\WebRep\FF [2014/12/28 19:22:39 | 000,000,000 | ---D | M]
 
[2014/09/07 14:32:04 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Tink\AppData\Roaming\Mozilla\Extensions
[2014/12/04 14:27:51 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Tink\AppData\Roaming\Mozilla\Firefox\Profiles\x2rotchr.default-1416633844146\extensions
[2014/12/28 19:22:39 | 000,000,000 | ---D | M] ("Avast Online Security") -- D:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
 
========== Chrome  ==========
 
CHR - plugin: Error reading preferences file
CHR - Extension: Google Slides = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.8_0\
CHR - Extension: Google Docs = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Google Sheets = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.0_0\
CHR - Extension: avast! Online Security = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\
CHR - Extension: Google Wallet = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = D:\Users\Tink\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/12/25 22:58:38 | 000,450,690 | R--- | M]) - D:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 15473 more lines...
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - D:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [AvastUI.exe] D:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [SDTray] D:\Program Files\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [Windows Defender] D:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Driver Detective] D:\Program Files\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe (PC Drivers Headquarters)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] D:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [WindowsWelcomeCenter] D:\Windows\System32\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - D:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.24.0.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1 205.171.2.25
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{193BE946-4CC9-4C2A-A1D9-5B79AA40A024}: DhcpNameServer = 192.168.0.1 205.171.2.25
O20 - HKLM Winlogon: Shell - (explorer.exe) - D:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (D:\Windows\system32\userinit.exe) - D:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2006/09/18 14:43:36 | 000,000,024 | ---- | M] () - D:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2015/01/04 09:18:23 | 000,000,000 | ---D | C] -- D:\ProgramData\B0FFCDD9-5261-4e59-B29A-17A4FABDEBAB
[2015/01/03 23:52:55 | 000,000,000 | -HSD | C] -- D:\Jumpshot
[2015/01/03 23:50:36 | 000,000,000 | ---D | C] -- D:\Windows\jumpshot.com
[2014/12/28 19:23:13 | 000,000,000 | ---D | C] -- D:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2014/12/28 19:22:40 | 000,291,352 | ---- | C] (AVAST Software) -- D:\Windows\System32\aswBoot.exe
[2014/12/28 19:22:34 | 000,043,152 | ---- | C] (AVAST Software) -- D:\Windows\avastSS.scr
[2014/12/28 19:12:45 | 000,000,000 | ---D | C] -- D:\Users\Tink\AppData\Roaming\AVAST Software
[2014/12/28 19:11:24 | 000,787,800 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswsnx.sys
[2014/12/28 19:11:24 | 000,423,784 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswsp.sys
[2014/12/28 19:11:24 | 000,057,928 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswTdi.sys
[2014/12/28 19:11:23 | 000,253,640 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswNdis2.sys
[2014/12/28 19:11:23 | 000,070,384 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswMonFlt.sys
[2014/12/28 19:11:23 | 000,055,240 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswRdr.sys
[2014/12/28 19:11:23 | 000,026,136 | ---- | C] (AVAST Software) -- D:\Windows\System32\drivers\aswKbd.sys
[2014/12/28 19:10:42 | 000,012,112 | ---- | C] (ALWIL Software) -- D:\Windows\System32\drivers\aswNdis.sys
[2014/12/28 19:09:33 | 000,000,000 | ---D | C] -- D:\Program Files\AVAST Software
[2014/12/28 18:55:54 | 186,654,536 | ---- | C] (AVAST Software) -- D:\Users\Public\Desktop\avast_internet_security_setup(2).exe
[2014/12/28 13:46:10 | 000,000,000 | ---D | C] -- D:\Windows\Panther
[2014/12/28 13:45:50 | 001,374,720 | ---- | C] (Eastman Kodak Company) -- D:\Windows\System32\EKAiO2MON.dll
[2014/12/28 13:45:49 | 000,163,328 | ---- | C] (Eastman Kodak Company) -- D:\Windows\System32\EKAiO2COI11.dll
[2014/12/28 13:45:20 | 000,426,944 | ---- | C] (DTS) -- D:\Windows\System32\DTSU2PLFX32.dll
[2014/12/28 13:45:20 | 000,403,392 | ---- | C] (DTS) -- D:\Windows\System32\DTSU2PGFX32.dll
[2014/12/28 13:45:20 | 000,357,712 | ---- | C] (Knowles Acoustics ) -- D:\Windows\System32\KAAPORT.dll
[2014/12/28 13:45:20 | 000,346,048 | ---- | C] (DTS) -- D:\Windows\System32\DTSU2PREC32.dll
[2014/12/28 13:45:20 | 000,091,920 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEA32A.dll
[2014/12/28 13:45:19 | 007,162,128 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEP32A.dll
[2014/12/28 13:45:19 | 001,292,904 | ---- | C] (DTS) -- D:\Windows\System32\DTSS2HeadphoneDLL.dll
[2014/12/28 13:45:19 | 001,220,200 | ---- | C] (DTS) -- D:\Windows\System32\DTSBoostDLL.dll
[2014/12/28 13:45:19 | 000,654,952 | ---- | C] (DTS) -- D:\Windows\System32\DTSBassEnhancementDLL.dll
[2014/12/28 13:45:19 | 000,631,400 | ---- | C] (DTS) -- D:\Windows\System32\DTSSymmetryDLL.dll
[2014/12/28 13:45:19 | 000,389,736 | ---- | C] (DTS) -- D:\Windows\System32\DTSGainCompensatorDLL.dll
[2014/12/28 13:45:19 | 000,375,400 | ---- | C] (DTS) -- D:\Windows\System32\DTSLimiterDLL.dll
[2014/12/28 13:45:19 | 000,352,016 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EED32A.dll
[2014/12/28 13:45:19 | 000,106,768 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEL32A.dll
[2014/12/28 13:45:19 | 000,062,224 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\R4EEG32A.dll
[2014/12/28 13:45:18 | 001,509,480 | ---- | C] (DTS) -- D:\Windows\System32\DTSS2SpeakerDLL.dll
[2014/12/28 13:45:18 | 000,601,704 | ---- | C] (DTS) -- D:\Windows\System32\DTSVoiceClarityDLL.dll
[2014/12/28 13:45:18 | 000,458,344 | ---- | C] (DTS) -- D:\Windows\System32\DTSNeoPCDLL.dll
[2014/12/28 13:45:18 | 000,359,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEP32A.dll
[2014/12/28 13:45:18 | 000,265,376 | ---- | C] (ICEpower a/s) -- D:\Windows\System32\ICEsoundAPO.dll
[2014/12/28 13:45:18 | 000,218,728 | ---- | C] (DTS) -- D:\Windows\System32\DTSGFXAPONS.dll
[2014/12/28 13:45:18 | 000,218,728 | ---- | C] (DTS) -- D:\Windows\System32\DTSGFXAPO.dll
[2014/12/28 13:45:18 | 000,218,216 | ---- | C] (DTS) -- D:\Windows\System32\DTSLFXAPO.dll
[2014/12/28 13:45:18 | 000,170,840 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEED32A.dll
[2014/12/28 13:45:18 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEL32A.dll
[2014/12/28 13:45:18 | 000,064,856 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RTEEG32A.dll
[2014/12/28 13:45:17 | 011,821,656 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxVoiceAPO30.dll
[2014/12/28 13:45:17 | 001,116,248 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO60.dll
[2014/12/28 13:45:16 | 006,177,624 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\DDPP32A.dll
[2014/12/28 13:45:16 | 003,683,416 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioVnN.dll
[2014/12/28 13:45:16 | 001,490,264 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\DDPD32A.dll
[2014/12/28 13:45:16 | 000,948,336 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxSpeechAPO.dll
[2014/12/28 13:45:16 | 000,274,264 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\DDPO32A.dll
[2014/12/28 13:45:16 | 000,221,528 | ---- | C] (Dolby Laboratories) -- D:\Windows\System32\DDPA32.dll
[2014/12/28 13:45:15 | 028,062,296 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioVnA.dll
[2014/12/28 13:45:15 | 000,890,160 | ---- | C] (Nahimic Inc) -- D:\Windows\System32\NAHIMICAPOSettingsIPC.dll
[2014/12/28 13:45:14 | 005,086,984 | ---- | C] (Nahimic Inc) -- D:\Windows\System32\NAHIMICAPOlfx.dll
[2014/12/28 13:45:14 | 000,966,904 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\slcnt32.dll
[2014/12/28 13:45:14 | 000,818,936 | ---- | C] (DTS, Inc.) -- D:\Windows\System32\sl3apo32.dll
[2014/12/28 13:45:14 | 000,606,968 | ---- | C] (DTS, Inc.) -- D:\Windows\System32\sltech32.dll
[2014/12/28 13:45:14 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DHT32.dll
[2014/12/28 13:45:14 | 000,295,768 | ---- | C] (Dolby Laboratories, Inc.) -- D:\Windows\System32\RP3DAA32.dll
[2014/12/28 13:45:14 | 000,219,896 | ---- | C] (TODO: <Company name>) -- D:\Windows\System32\slprp32.dll
[2014/12/28 13:45:14 | 000,214,368 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFNHK.dll
[2014/12/28 13:45:14 | 000,092,584 | ---- | C] (Real Sound Lab SIA) -- D:\Windows\System32\CONEQMSAPOGUILibrary.dll
[2014/12/28 13:45:14 | 000,074,080 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFCOM.dll
[2014/12/28 13:45:14 | 000,068,960 | ---- | C] (Synopsys, Inc.) -- D:\Windows\System32\SFAPO.dll
[2014/12/28 13:45:13 | 014,585,432 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioRealtek.dll
[2014/12/28 13:45:13 | 001,823,320 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\WavesGUILib.dll
[2014/12/28 13:45:13 | 001,691,224 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioRealtek2.dll
[2014/12/28 13:45:13 | 000,987,224 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO50.dll
[2014/12/28 13:45:13 | 000,966,744 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO40.dll
[2014/12/28 13:45:13 | 000,798,296 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxVoiceAPO20.dll
[2014/12/28 13:45:13 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxVolumeSDAPO.dll
[2014/12/28 13:45:13 | 000,509,184 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO30.dll
[2014/12/28 13:45:12 | 002,421,792 | ---- | C] (Fortemedia Corporation) -- D:\Windows\System32\FMAPO.dll
[2014/12/28 13:45:12 | 001,940,056 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioEQ.dll
[2014/12/28 13:45:12 | 001,783,056 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\WavesLib.dll
[2014/12/28 13:45:12 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPOShell.dll
[2014/12/28 13:45:12 | 000,345,328 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSTSXT.dll
[2014/12/28 13:45:12 | 000,232,792 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO20.dll
[2014/12/28 13:45:12 | 000,185,584 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSTSHD.dll
[2014/12/28 13:45:12 | 000,173,296 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSHP360.dll
[2014/12/28 13:45:12 | 000,140,528 | ---- | C] (SRS Labs, Inc.) -- D:\Windows\System32\SRSWOW.dll
[2014/12/28 13:45:12 | 000,132,368 | ---- | C] (Waves Audio Ltd.) -- D:\Windows\System32\MaxxAudioAPO.dll
[2014/12/28 13:44:42 | 000,000,000 | ---D | C] -- D:\Windows\Debug
[2014/12/28 13:31:59 | 000,000,000 | -H-D | C] -- D:\$WINDOWS.~Q
[2014/12/28 13:29:03 | 000,000,000 | -H-D | C] -- D:\$INPLACE.~TR
[2014/12/28 12:54:22 | 000,000,000 | --SD | C] -- D:\Users\Tink\AppData\Roaming\Microsoft
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Videos
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Saved Games
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Pictures
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Music
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Links
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Favorites
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Downloads
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Documents
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\Desktop
[2014/12/28 12:54:22 | 000,000,000 | R--D | C] -- D:\Users\Tink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\AppData\Local\Temporary Internet Files
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Templates
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Start Menu
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\SendTo
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Recent
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\PrintHood
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\NetHood
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Documents\My Videos
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Documents\My Pictures
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Documents\My Music
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\My Documents
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Local Settings
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\AppData\Local\History
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Cookies
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\Application Data
[2014/12/28 12:54:22 | 000,000,000 | -HSD | C] -- D:\Users\Tink\AppData\Local\Application Data
[2014/12/28 12:54:22 | 000,000,000 | -H-D | C] -- D:\Users\Tink\AppData
[2014/12/28 12:54:22 | 000,000,000 | ---D | C] -- D:\Users\Tink\AppData\Local\Temp
[2014/12/28 12:54:22 | 000,000,000 | ---D | C] -- D:\Users\Tink\AppData\Local\Microsoft
[2014/12/28 12:54:22 | 000,000,000 | ---D | C] -- D:\Users\Tink\AppData\Roaming\Media Center Programs
[2014/12/28 12:52:44 | 000,000,000 | ---D | C] -- D:\Windows\System32\RTCOM
[2014/12/28 12:52:44 | 000,000,000 | ---D | C] -- D:\Program Files\Realtek
[2014/12/28 12:47:46 | 000,000,000 | ---D | C] -- D:\Windows\Prefetch
[2014/12/08 22:28:35 | 000,000,000 | ---D | C] -- D:\Program Files\Mozilla Firefox
[1 D:\Users\Tink\AppData\Local\*.tmp files -> D:\Users\Tink\AppData\Local\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2015/01/04 10:35:15 | 000,000,830 | ---- | M] () -- D:\Windows\tasks\Adobe Flash Player Updater.job
[2015/01/04 10:34:28 | 000,000,644 | ---- | M] () -- D:\Windows\tasks\Check for updates (Spybot - Search & Destroy).job
[2015/01/04 10:33:38 | 000,003,856 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2015/01/04 10:33:38 | 000,003,856 | -H-- | M] () -- D:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2015/01/04 10:33:35 | 000,067,584 | --S- | M] () -- D:\Windows\bootstat.dat
[2015/01/04 10:33:33 | 3184,676,864 | -HS- | M] () -- D:\hiberfil.sys
[2015/01/04 09:19:17 | 000,001,664 | ---- | M] () -- D:\Users\Public\Desktop\iTunes.lnk
[2015/01/04 02:19:45 | 000,618,410 | ---- | M] () -- D:\Windows\System32\perfh009.dat
[2015/01/04 02:19:45 | 000,103,818 | ---- | M] () -- D:\Windows\System32\perfc009.dat
[2015/01/03 23:30:37 | 000,019,510 | ---- | M] () -- D:\Windows\System32\results.xml
[2014/12/31 11:04:46 | 000,000,616 | ---- | M] () -- D:\Windows\tasks\Refresh immunization (Spybot - Search & Destroy).job
[2014/12/28 19:23:13 | 000,001,937 | ---- | M] () -- D:\Users\Public\Desktop\Avast SafeZone.lnk
[2014/12/28 19:23:13 | 000,001,877 | ---- | M] () -- D:\Users\Public\Desktop\Avast Internet Security.lnk
[2014/12/28 19:22:55 | 000,787,800 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswsnx.sys
[2014/12/28 19:22:51 | 000,423,784 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswsp.sys
[2014/12/28 19:22:35 | 000,206,248 | ---- | M] () -- D:\Windows\System32\drivers\aswVmm.sys
[2014/12/28 19:22:35 | 000,070,384 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswMonFlt.sys
[2014/12/28 19:22:35 | 000,057,928 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswTdi.sys
[2014/12/28 19:22:35 | 000,049,944 | ---- | M] () -- D:\Windows\System32\drivers\aswRvrt.sys
[2014/12/28 19:22:35 | 000,024,184 | ---- | M] () -- D:\Windows\System32\drivers\aswHwid.sys
[2014/12/28 19:22:34 | 000,291,352 | ---- | M] (AVAST Software) -- D:\Windows\System32\aswBoot.exe
[2014/12/28 19:22:34 | 000,055,240 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswRdr.sys
[2014/12/28 19:22:34 | 000,043,152 | ---- | M] (AVAST Software) -- D:\Windows\avastSS.scr
[2014/12/28 19:22:19 | 000,026,136 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswKbd.sys
[2014/12/28 19:22:03 | 000,253,640 | ---- | M] (AVAST Software) -- D:\Windows\System32\drivers\aswNdis2.sys
[2014/12/28 19:10:42 | 000,012,112 | ---- | M] (ALWIL Software) -- D:\Windows\System32\drivers\aswNdis.sys
[2014/12/28 19:00:16 | 186,654,536 | ---- | M] (AVAST Software) -- D:\Users\Public\Desktop\avast_internet_security_setup(2).exe
[2014/12/28 17:05:08 | 000,228,176 | ---- | M] () -- D:\Windows\System32\FNTCACHE.DAT
[2014/12/28 16:50:52 | 000,001,820 | ---- | M] () -- D:\Windows\System32\rasctrnm.h
[2014/12/28 16:20:20 | 001,657,350 | ---- | M] () -- D:\Windows\System32\wlan.tmf
[2014/12/28 15:43:16 | 023,134,208 | ---- | M] () -- D:\Windows\ocsetup_install_NetFx3.etl
[2014/12/28 15:43:16 | 001,835,008 | ---- | M] () -- D:\Windows\ocsetup_cbs_install_NetFx3.perf
[2014/12/28 15:43:16 | 000,065,536 | ---- | M] () -- D:\Windows\ocsetup_cbs_install_NetFx3.dpx
[2014/12/28 13:25:45 | 000,000,943 | ---- | M] () -- D:\Users\Tink\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/12/28 13:12:48 | 000,043,530 | ---- | M] () -- D:\Windows\System32\license.rtf
[2014/12/28 13:10:05 | 000,021,412 | ---- | M] () -- D:\Windows\System32\emptyregdb.dat
[2014/12/28 12:53:53 | 000,000,000 | -H-- | M] () -- D:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh6_01005.Wdf
[2014/12/28 12:53:09 | 000,000,000 | -H-- | M] () -- D:\ProgramData\DP45977C.lfl
[2014/12/28 11:55:29 | 000,001,887 | ---- | M] () -- D:\Windows\diagwrn.xml
[2014/12/28 11:55:29 | 000,001,887 | ---- | M] () -- D:\Windows\diagerr.xml
[2014/12/25 22:58:38 | 000,450,690 | R--- | M] () -- D:\Windows\System32\drivers\etc\hosts
[2014/12/24 09:15:08 | 000,450,690 | R--- | M] () -- D:\Windows\System32\drivers\etc\hosts.20141225-225837.backup
[2014/12/14 09:42:10 | 000,450,690 | R--- | M] () -- D:\Windows\System32\drivers\etc\hosts.20141224-091508.backup
[2014/12/09 17:37:38 | 000,450,690 | R--- | M] () -- D:\Windows\System32\drivers\etc\hosts.20141209-173850.backup
[2014/12/09 17:37:38 | 000,450,690 | ---- | M] () -- D:\Windows\System32\drivers\etc\hosts.20141214-094210.backup
[2014/12/05 23:36:36 | 000,450,690 | R--- | M] () -- D:\Windows\System32\drivers\etc\hosts.20141209-173737.backup
[1 D:\Users\Tink\AppData\Local\*.tmp files -> D:\Users\Tink\AppData\Local\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2015/01/03 16:30:39 | 3184,676,864 | -HS- | C] () -- D:\hiberfil.sys
[2015/01/01 16:53:59 | 000,008,830 | ---- | C] () -- D:\Windows\System32\RacUR.xml
[2015/01/01 16:53:59 | 000,000,153 | ---- | C] () -- D:\Windows\System32\RacUREx.xml
[2014/12/28 19:23:13 | 000,001,937 | ---- | C] () -- D:\Users\Public\Desktop\Avast SafeZone.lnk
[2014/12/28 19:23:13 | 000,001,877 | ---- | C] () -- D:\Users\Public\Desktop\Avast Internet Security.lnk
[2014/12/28 19:11:24 | 000,206,248 | ---- | C] () -- D:\Windows\System32\drivers\aswVmm.sys
[2014/12/28 19:11:24 | 000,049,944 | ---- | C] () -- D:\Windows\System32\drivers\aswRvrt.sys
[2014/12/28 19:11:23 | 000,024,184 | ---- | C] () -- D:\Windows\System32\drivers\aswHwid.sys
[2014/12/28 16:50:52 | 000,001,820 | ---- | C] () -- D:\Windows\System32\rasctrnm.h
[2014/12/28 16:20:19 | 001,657,350 | ---- | C] () -- D:\Windows\System32\wlan.tmf
[2014/12/28 13:45:55 | 000,189,494 | ---- | C] () -- D:\Windows\System32\Gfxres.th-TH.resources
[2014/12/28 13:45:55 | 000,178,349 | ---- | C] () -- D:\Windows\System32\Gfxres.el-GR.resources
[2014/12/28 13:45:55 | 000,165,337 | ---- | C] () -- D:\Windows\System32\Gfxres.ru-RU.resources
[2014/12/28 13:45:55 | 000,139,851 | ---- | C] () -- D:\Windows\System32\Gfxres.ar-SA.resources
[2014/12/28 13:45:55 | 000,136,343 | ---- | C] () -- D:\Windows\System32\Gfxres.ja-JP.resources
[2014/12/28 13:45:55 | 000,133,688 | ---- | C] () -- D:\Windows\System32\Gfxres.he-IL.resources
[2014/12/28 13:45:55 | 000,125,500 | ---- | C] () -- D:\Windows\System32\Gfxres.it-IT.resources
[2014/12/28 13:45:55 | 000,123,172 | ---- | C] () -- D:\Windows\System32\Gfxres.ko-KR.resources
[2014/12/28 13:45:55 | 000,122,869 | ---- | C] () -- D:\Windows\System32\Gfxres.es-ES.resources
[2014/12/28 13:45:55 | 000,122,651 | ---- | C] () -- D:\Windows\System32\Gfxres.de-DE.resources
[2014/12/28 13:45:55 | 000,121,115 | ---- | C] () -- D:\Windows\System32\Gfxres.tr-TR.resources
[2014/12/28 13:45:55 | 000,120,742 | ---- | C] () -- D:\Windows\System32\Gfxres.fr-FR.resources
[2014/12/28 13:45:55 | 000,120,308 | ---- | C] () -- D:\Windows\System32\Gfxres.pt-BR.resources
[2014/12/28 13:45:55 | 000,119,558 | ---- | C] () -- D:\Windows\System32\Gfxres.hu-HU.resources
[2014/12/28 13:45:55 | 000,119,528 | ---- | C] () -- D:\Windows\System32\Gfxres.nl-NL.resources
[2014/12/28 13:45:55 | 000,119,302 | ---- | C] () -- D:\Windows\System32\Gfxres.sv-SE.resources
[2014/12/28 13:45:55 | 000,119,009 | ---- | C] () -- D:\Windows\System32\Gfxres.pt-PT.resources
[2014/12/28 13:45:55 | 000,118,687 | ---- | C] () -- D:\Windows\System32\Gfxres.cs-CZ.resources
[2014/12/28 13:45:55 | 000,118,639 | ---- | C] () -- D:\Windows\System32\Gfxres.fi-FI.resources
[2014/12/28 13:45:55 | 000,118,351 | ---- | C] () -- D:\Windows\System32\Gfxres.pl-PL.resources
[2014/12/28 13:45:55 | 000,118,000 | ---- | C] () -- D:\Windows\System32\Gfxres.sk-SK.resources
[2014/12/28 13:45:55 | 000,114,794 | ---- | C] () -- D:\Windows\System32\Gfxres.nb-NO.resources
[2014/12/28 13:45:55 | 000,114,314 | ---- | C] () -- D:\Windows\System32\Gfxres.sl-SI.resources
[2014/12/28 13:45:55 | 000,114,203 | ---- | C] () -- D:\Windows\System32\Gfxres.da-DK.resources
[2014/12/28 13:45:55 | 000,110,156 | ---- | C] () -- D:\Windows\System32\Gfxres.en-US.resources
[2014/12/28 13:45:55 | 000,103,986 | ---- | C] () -- D:\Windows\System32\Gfxres.zh-TW.resources
[2014/12/28 13:45:55 | 000,102,825 | ---- | C] () -- D:\Windows\System32\Gfxres.zh-CN.resources
[2014/12/28 13:45:55 | 000,004,096 | ---- | C] ( ) -- D:\Windows\System32\IGFXDEVLib.dll
[2014/12/28 13:45:55 | 000,000,151 | ---- | C] () -- D:\Windows\System32\GfxUI.exe.config
[2014/12/28 13:45:54 | 000,051,644 | ---- | C] () -- D:\Windows\System32\iglhxs32.vp
[2014/12/28 13:45:48 | 000,005,120 | ---- | C] () -- D:\Windows\System32\HdmiCoin.dll
[2014/12/28 13:45:39 | 001,921,265 | ---- | C] () -- D:\Windows\System32\iglhxa32.cpa
[2014/12/28 13:45:39 | 000,060,254 | ---- | C] () -- D:\Windows\System32\iglhxg32.vp
[2014/12/28 13:45:39 | 000,060,226 | ---- | C] () -- D:\Windows\System32\iglhxc32.vp
[2014/12/28 13:45:39 | 000,060,015 | ---- | C] () -- D:\Windows\System32\iglhxo32.vp
[2014/12/28 13:45:39 | 000,001,090 | ---- | C] () -- D:\Windows\System32\iglhxa32.vp
[2014/12/28 13:45:38 | 000,982,240 | ---- | C] () -- D:\Windows\System32\igkrng500.bin
[2014/12/28 13:45:38 | 000,439,308 | ---- | C] () -- D:\Windows\System32\igcompkrng500.bin
[2014/12/28 13:45:38 | 000,092,356 | ---- | C] () -- D:\Windows\System32\igfcg500m.bin
[2014/12/28 13:45:22 | 000,002,823 | ---- | C] () -- D:\Windows\System32\e1y6032.din
[2014/12/28 13:45:20 | 000,188,696 | ---- | C] () -- D:\Windows\System32\AcpiServiceVnA.dll
[2014/12/28 13:45:18 | 002,140,976 | ---- | C] () -- D:\Windows\System32\SStudio.dll
[2014/12/28 13:45:16 | 000,029,496 | ---- | C] () -- D:\Windows\System32\audioLibVc.dll
[2014/12/28 13:45:08 | 005,804,772 | ---- | C] () -- D:\Windows\System32\drivers\rtvienna.dat
[2014/12/28 13:45:08 | 001,099,203 | ---- | C] () -- D:\Windows\System32\drivers\RTAIODAT.DAT
[2014/12/28 13:25:45 | 000,000,949 | ---- | C] () -- D:\Users\Tink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014/12/28 13:25:41 | 000,000,944 | ---- | C] () -- D:\Users\Tink\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2014/12/28 12:54:22 | 000,000,258 | ---- | C] () -- D:\Users\Tink\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2014/12/28 12:54:22 | 000,000,240 | ---- | C] () -- D:\Users\Tink\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2014/12/28 12:53:53 | 000,000,000 | -H-- | C] () -- D:\Windows\System32\drivers\Msft_Kernel_bcmwlhigh6_01005.Wdf
[2014/12/28 12:53:09 | 000,000,000 | -H-- | C] () -- D:\ProgramData\DP45977C.lfl
[2014/11/17 12:38:53 | 000,204,434 | ---- | C] () -- D:\Users\Tink\BPROCIDE.COM
[2014/11/17 12:38:53 | 000,055,637 | ---- | C] () -- D:\Users\Tink\_COMTMP.FID
[2014/11/17 12:38:53 | 000,040,941 | ---- | C] () -- D:\Users\Tink\_DOSTMP.FID
[2014/11/17 12:38:53 | 000,024,566 | ---- | C] () -- D:\Users\Tink\BTWRITE.EXE
[2014/11/17 12:38:53 | 000,002,856 | ---- | C] () -- D:\Users\Tink\SETUP.BAT
[2014/11/17 12:38:53 | 000,000,512 | ---- | C] () -- D:\Users\Tink\BOOTSECT.IMG
[2014/11/17 12:38:53 | 000,000,023 | ---- | C] () -- D:\Users\Tink\_AUTOTMP.FID
[2014/11/15 22:54:20 | 000,000,079 | ---- | C] () -- D:\Windows\wininit.ini
[2014/11/08 22:56:35 | 000,021,412 | ---- | C] () -- D:\Windows\System32\emptyregdb.dat
[2014/11/06 22:35:54 | 000,018,872 | ---- | C] () -- D:\Windows\System32\drivers\SPPD.sys
[2014/10/17 21:34:51 | 000,000,288 | ---- | C] () -- D:\Users\Tink\AppData\Roaming\.backup.dm
[2014/09/07 14:00:59 | 000,053,299 | ---- | C] () -- D:\Windows\System32\pthreadVC.dll
 
========== ZeroAccess Check ==========
 
[2006/11/02 05:54:22 | 000,000,227 | RHS- | M] () -- D:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/12/28 16:16:36 | 011,315,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2014/12/28 16:15:43 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2006/11/02 02:46:13 | 000,348,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2014/12/28 19:12:45 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\AVAST Software
[2014/12/28 13:02:18 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\DriverCure
[2014/12/28 13:02:18 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\IObit
[2014/12/28 13:02:18 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\Leadertech
[2014/12/28 13:02:23 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\Opera Software
[2014/12/28 13:02:24 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\ParetoLogic
[2014/12/28 13:02:24 | 000,000,000 | ---D | M] -- D:\Users\Tink\AppData\Roaming\ProductData
 
========== Purity Check ==========
 
 
 
< End of report >
 



#2
crooleeck


    Member

  • 882 posts

Hi tinksayshi and welcome to GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

The fight against malware is NOT instantaneous; most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know the final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:

  • Please watch this topic
  • Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
  • Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous
  • You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

 

Step 1:

  • Download aswMBR to your desktop.
  • Double click the aswMBR.exe to run it.
  • Agree to update.
  • Click the Scan button to start scan.

  • On completion of the scan click Save log, save it to your desktop and post it in your next reply.

Step 2:

Please look for the D:\Users\Tink\Downloads\Extras.txt file and post its contents - it's part of the OTL log.



#3
Essexboy


    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.