file extraction prompt virus? [Solved]



#16
jr chambers

  • Member, Topic Starter
  • 124 posts
Your Avast link takes me to the Malwarebytes forum, not sure what to do with that page to fix Avast. I'm a little confused here?
Joel


#17
Nutloaf

  • Trusted Helper

  • Malware Removal
  • 1,790 posts
:oops: I do apologise. The link is correct; the label is wrong.

This is what I need you to do. First follow the second post and update Visual C++ 2008 and 2010. Avast should then install.

Then click my mislabelled link and follow the steps in Post 11 to ensure Avast and Malwarebytes run together without issue.

Let me know if you run into problems :thumbsup:

#18
jr chambers

  • Member, Topic Starter
  • 124 posts

First follow the second post and update Visual C++ 2008 and 2010. Avast should then install.

I did install the updates. Avast had installed (before installing the Visual C++ '08 and '10, refer to my post from 1/10/14) but will not open; also, I cannot uninstall it or change it. So I cannot make the changes you stated unless I can open it. What to do now? :rolleyes:
Joel

#19
Nutloaf

  • Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there JR, it looks like Avast didn't install correctly. If I had a penny for each time this happened with Avast I'd have 1 penny :rolleyes:

I have instructions at the ready, but they need to be cleared by my instructor, who is an Avast tester, so we are in good hands.

We need to remove and re-install Avast. I have the tools ready, so sit tight, we are nearly done :thumbsup:

#20
Nutloaf

  • Trusted Helper

  • Malware Removal
  • 1,790 posts
Ok this should straighten things out :)

Please ensure that SpyBot, Teatimer and Malwarebytes are disabled before completing the following. How to Disable Malwarebytes


1. Avast Uninstall Utility

  • Download Avast Uninstall Utility and save to your Desktop
  • Download Avast Free Antivirus and save to your Desktop
  • Disconnect from the Internet
  • Uninstall Avast via control panel if possible, otherwise proceed to the next step.
  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Now Reinstall Avast.
  • Run a Quick scan and let me know if and what is found.


2. OTL Scan

  • Right click the OTL icon and select Run as Administrator.
  • Select the following boxes:
      • Scan All Users
      • Include 64bit Scans - If present.
      • Use Company-Name WhiteList
      • Skip Microsoft Files
      • Use No-Company-Name WhiteList
      • LOP Check
  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post it in your next reply


#21
jr chambers

  • Member, Topic Starter
  • 124 posts
OK, the internet is slow with Avast checking every page (including Geeks to Go), but the system is virus free. Here is the log you wanted. Now for my bookmarks??? :unsure:
SRV - [2014/01/16 17:34:00 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/12/13 17:14:12 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/11/26 03:29:52 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2013/09/25 15:15:20 | 000,577,088 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)
SRV - [2013/05/26 23:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/10 02:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/04/04 14:50:32 | 000,701,512 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2013/04/04 14:50:32 | 000,418,376 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012/01/18 01:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2011/12/22 07:31:08 | 000,045,056 | ---- | M] (Intuit) [Auto | Running] -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2011/12/12 00:00:00 | 000,122,000 | ---- | M] (Seiko Epson Corporation) [Auto | Running] -- C:\Windows\System32\escsvc.exe -- (EpsonScanSvc)
SRV - [2011/12/06 16:00:14 | 000,214,896 | ---- | M] () [Auto | Running] -- C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/08/25 17:53:00 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2011/04/20 02:04:08 | 000,176,128 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2011/02/28 17:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 09:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/08/23 20:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/08/06 13:13:12 | 000,087,336 | ---- | M] (Nero AG) [Auto | Running] -- C:\Program Files\Motorola Media Link\NServiceEntry.exe -- (DeviceMonitorService)
SRV - [2010/04/12 12:37:20 | 000,526,336 | ---- | M] (AVerMedia Technologies, Inc.) [Auto | Running] -- C:\Program Files\SnugTV\SnugTV Station\AMAServer.exe -- (SnugTV Service)
SRV - [2010/03/23 21:11:05 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/03/09 17:55:02 | 000,169,984 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Auto | Running] -- C:\Program Files\AVerMedia\AVerUpdate\AVerUpdateServer.exe -- (AVerUpdateServer)
SRV - [2009/12/06 18:13:14 | 000,397,312 | R--- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe -- (AVerScheduleService)
SRV - [2009/10/30 11:48:42 | 000,348,160 | R--- | M] (AVerMedia) [Auto | Running] -- C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe -- (AVerRemote)
SRV - [2009/07/13 20:16:15 | 000,016,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\StorSvc.dll -- (StorSvc)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/05/14 17:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)
SRV - [2009/04/10 17:29:04 | 000,294,912 | -H-- | M] (DeviceVM) [Auto | Running] -- C:\ASUS.SYS\config\DVMExportService.exe -- (DvmMDES)
SRV - [2009/01/27 13:26:42 | 000,398,336 | ---- | M] (Ares Development Group) [On_Demand | Stopped] -- C:\Program Files\Ares\chatServer.exe -- (AresChatServer)
SRV - [2008/11/18 14:45:28 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motport.sys -- (motport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motodrv.sys -- (MotDev)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (motandroidusb)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\Drivers\motoandroid.sys -- (androidusb)
DRV - [2014/01/16 17:34:04 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/01/16 17:34:04 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Stopped] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2014/01/16 17:34:04 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/01/16 17:34:04 | 000,079,720 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/01/16 17:34:04 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/01/16 17:34:04 | 000,066,752 | ---- | M] (AVAST Software) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\aswStm.sys -- (aswStm)
DRV - [2014/01/16 17:34:04 | 000,049,944 | ---- | M] () [Kernel | Boot | Stopped] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/04/04 14:50:32 | 000,022,856 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2012/01/18 01:44:52 | 004,332,960 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvuvc.sys -- (LVUVC)
DRV - [2012/01/18 01:44:28 | 000,312,096 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\lvrs.sys -- (LVRS)
DRV - [2011/11/08 12:59:04 | 000,011,008 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2011/07/28 13:25:58 | 000,088,240 | ---- | M] (Pico Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\picopp.sys -- (PICOPP)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (atikmdag)
DRV - [2011/04/20 02:43:42 | 007,772,160 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2011/04/20 01:22:10 | 000,243,712 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/04/04 14:55:38 | 000,020,480 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2011/03/31 14:53:24 | 000,024,064 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2010/11/20 07:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 07:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 07:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 05:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 04:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 04:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 04:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/05/18 06:22:52 | 000,015,360 | ---- | M] (Pico Technology) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\adc200.sys -- (adc200)
DRV - [2010/04/01 14:31:50 | 000,023,424 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2010/03/21 14:39:57 | 000,099,856 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV - [2010/03/21 14:39:56 | 000,014,392 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\AtiPcie.sys -- (AtiPcie)
DRV - [2009/12/08 08:37:02 | 000,437,888 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AVerFx2hbtv.sys -- (AVerFx2hbtv)
DRV - [2009/07/24 16:56:16 | 000,009,472 | ---- | M] (Primax Ltd) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\NMgamingms.sys -- (NMgamingmsFltr)
DRV - [2009/07/13 18:45:33 | 000,083,456 | ---- | M] (Brother Industries Ltd.) [Kernel | System | Running] -- C:\Windows\System32\drivers\serial.sys -- (Serial)
DRV - [2009/01/29 17:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2009/01/29 17:11:20 | 000,006,016 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2007/11/02 15:51:30 | 000,006,400 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2005/06/10 13:48:00 | 008,664,448 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snppro.sys -- (SNPPRO)
DRV - [2004/10/01 01:22:42 | 000,024,704 | ---- | M] (AIM Applicazioni Industriali Microprocessori s.r.l.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\AIM_USBdrv10_01.sys -- (AIM_USBdriver)
DRV - [2004/08/13 08:56:20 | 000,005,810 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ASACPI.sys -- (MTsensor)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "http://entertainment...izon.com/news/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\joel c\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\joel c\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2013/07/06 19:56:44 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/01/16 17:34:05 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013/12/13 17:14:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/12/25 16:17:55 | 000,000,000 | ---D | M]

[2014/01/06 18:56:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\joel c\AppData\Roaming\Mozilla\Extensions
[2013/12/13 17:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013/12/13 17:14:06 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/12/13 17:14:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.in.honda....asp/rraalog.asp
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\joel c\AppData\Local\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\joel c\AppData\Local\Google\Chrome\Application\32.0.1700.76\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\joel c\AppData\Local\Google\Chrome\Application\32.0.1700.76\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: Gmail = C:\Users\joel c\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2014/01/01 14:55:02 | 000,450,702 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 15469 more lines...
O2 - BHO: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (E-Web Print) - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\EPSON Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ATICustomerCare] C:\Program Files\ATI\ATICustomerCare\ATICustomerCare.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EEventManager] C:\Program Files\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)
O4 - HKLM..\Run: [Intuit SyncManager] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe (Intuit Inc. All rights reserved.)
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
O4 - HKLM..\Run: [LWS] C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Logitech Inc.)
O4 - HKLM..\Run: [MOTOPRINTUPnPPrintService] C:\Program Files\Motorola\MOTOPRINT Host\PrintService.exe shell.icon File not found
O4 - HKLM..\Run: [mumservice] C:\Program Files\Motorola\Software Update\mumservice.exe (Motorola)
O4 - HKLM..\Run: [snppro] C:\Windows\vsnppro.exe (Sonix)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [USB Optical Mouse] C:\Program Files\USB Optical Mouse\USB Optical Mouse\MouseHid.exe ()
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [Grid] C:\Program Files\ATI Technologies\HydraVision\HydraGrd.exe ()
O4 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001..\Run: [HydraVisionDesktopManager] C:\Program Files\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: 164.109.25.72 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: 207.130.86.35 ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acura.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acuraclientpurchaseexperience.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acurainfo.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: acuraspinplay.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: ahmdealer.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: ahm-ownerlink.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: edcor.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: honda.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: honda.vo.llnwd.net ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaadcmd.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondacars.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondainfo.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondamap.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondapqr.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaprofessional.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondaspinplay.programhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: hondasso.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: jdpa.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: jdpower.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: pcsc.acurasrs.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: prospectingacurasrs.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: travelhq.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-1722759672-3242739790-961427303-1001\..Trusted Domains: xmradio.com ([]* in Trusted sites)
O16 - DPF: {297DE2B6-509A-4B36-93C5-A65276606900} https://www.in.honda...AX/RraainAX.CAB (RRAAINAX_02.RRAAINAX)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7B2A33D-DEDD-4148-BA5E-D98CA8E9A5AC}: DhcpNameServer = 192.168.1.1 192.168.1.1
O18 - Protocol\Handler\intu-help-qb2 {84D77A00-41B5-4b8b-8ADF-86486D72E749} - C:\Program Files\Intuit\QuickBooks 2009\HelpAsyncPluggableProtocol.dll (Intuit, Inc.)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2010/03/06 08:42:00 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2010/03/16 22:31:56 | 000,000,000 | ---- | M] () - E:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{94dea79f-4f36-11df-b8ca-00027209ea32}\Shell\AutoRun\command - "" = G:\KODAK_Software_Downloader.exe
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{edfabbf3-dbc3-11e0-b760-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -a
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell - "" = AutoRun
O33 - MountPoints2\{f857ec2d-8699-11e2-85f1-00027209ea32}\Shell\AutoRun\command - "" = G:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/01/16 17:35:13 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\AVAST Software
[2014/01/16 17:34:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
[2014/01/16 17:34:28 | 000,066,752 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/01/16 17:34:25 | 000,775,952 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/16 17:34:23 | 000,410,528 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/16 17:34:19 | 000,067,824 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/16 17:34:17 | 000,079,720 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/16 17:34:09 | 000,270,240 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/16 17:34:03 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/16 06:41:28 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{9260CA4B-FF24-4E42-8D04-26E2E97C7B43}
[2014/01/15 18:40:23 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{E88F6224-28D6-49FB-957E-B9A8D6EFF169}
[2014/01/14 20:25:12 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{E5182B85-6AD2-414C-B6F3-CF3792874566}
[2014/01/14 06:41:51 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Template
[2014/01/14 06:32:32 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{D0683661-3FEB-4933-AB66-116A3CC32829}
[2014/01/13 06:31:32 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{E50C6CE5-F788-4AFE-ADB8-F8BA7CBA7B5E}
[2014/01/12 07:49:43 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{A7DC1FCA-08D5-486A-8C2A-385ABB59BA40}
[2014/01/11 08:17:12 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{6ACF8115-0B38-4813-A40E-504F1738A4D2}
[2014/01/10 20:34:36 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/01/10 20:33:46 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2014/01/10 16:58:39 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{3D133C89-770F-4BEF-BF8A-C09086F81E0D}
[2014/01/09 19:49:34 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{39E02846-D6A2-41C1-8213-DC166D6AB7D6}
[2014/01/09 06:51:44 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{7945F6BB-F7B7-41C4-8CDA-08E1570F2554}
[2014/01/08 16:59:40 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{C339F050-0DD2-4E31-A100-2E4583BDE2F4}
[2014/01/07 18:52:56 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{75692BCB-9C5B-44D1-BAC8-B730AC262C10}
[2014/01/07 18:29:54 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/01/07 06:47:24 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Local\{F8FCF500-1CC8-41DD-B1C2-C78818055EEF}
[2014/01/06 22:00:59 | 000,000,000 | ---D | C] -- C:\Windows\System32\MRT
[2014/01/06 19:54:55 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/01/06 19:28:46 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Malwarebytes
[2014/01/06 18:58:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Macromedia
[2014/01/06 18:58:50 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Adobe
[2014/01/06 18:56:27 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Mozilla
[2014/01/05 08:30:11 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/01/05 07:48:32 | 000,000,000 | ---D | C] -- C:\Users\joel c\Desktop\computer clean up files logs
[2014/01/04 13:22:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014/01/04 13:22:52 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2014/01/04 13:22:52 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2014/01/04 02:22:53 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cyykaw
[2014/01/04 01:57:52 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cycepuv
[2014/01/03 18:07:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Optical Mouse
[2014/01/03 18:06:55 | 000,009,472 | ---- | C] (Primax Ltd) -- C:\Windows\System32\drivers\NMgamingms.sys
[2014/01/03 18:06:55 | 000,000,000 | ---D | C] -- C:\Program Files\USB Optical Mouse
[2014/01/02 22:31:02 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cyitxyu
[2014/01/02 13:43:51 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cyemomn
[2014/01/02 02:09:46 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cytioby
[2014/01/01 19:48:26 | 000,000,000 | ---D | C] -- C:\Users\joel c\Desktop\vw and audi workbook
[2014/01/01 17:46:51 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cybatah
[2014/01/01 15:19:00 | 000,000,000 | ---D | C] -- C:\Motorola
[2014/01/01 14:46:14 | 000,000,000 | ---D | C] -- C:\Users\joel c\AppData\Roaming\Cypavo
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/01/16 18:22:56 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001UA.job
[2014/01/16 17:53:00 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1003UA.job
[2014/01/16 17:41:22 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/01/16 17:41:22 | 000,013,792 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/01/16 17:37:47 | 000,671,168 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/01/16 17:37:47 | 000,126,294 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/01/16 17:34:58 | 000,002,119 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/16 17:34:04 | 000,775,952 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/01/16 17:34:04 | 000,410,528 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2014/01/16 17:34:04 | 000,180,248 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/16 17:34:04 | 000,079,720 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/01/16 17:34:04 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/01/16 17:34:04 | 000,066,752 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswStm.sys
[2014/01/16 17:34:04 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/16 17:34:03 | 000,270,240 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/01/16 17:34:03 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/01/16 17:31:32 | 000,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/01/16 17:31:06 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/01/16 17:31:00 | 2616,545,280 | -HS- | M] () -- C:\hiberfil.sys
[2014/01/16 17:22:54 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2014/01/16 16:24:00 | 000,000,886 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/01/16 08:53:00 | 000,000,906 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1003Core.job
[2014/01/16 06:37:46 | 000,360,936 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2014/01/16 02:22:00 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1001Core.job
[2014/01/14 15:24:27 | 000,002,376 | ---- | M] () -- C:\Users\joel c\Desktop\Google Chrome.lnk
[2014/01/09 06:40:23 | 000,001,096 | ---- | M] () -- C:\_OTL\MovedFiles\01062014_171545\C_Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2014/01/07 06:54:00 | 000,016,284 | ---- | M] () -- C:\Windows\System32\ieuinit.inf
[2014/01/07 06:43:21 | 000,001,407 | ---- | M] () -- C:\Users\joel c\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/04 13:22:53 | 000,001,067 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/01 14:55:02 | 000,450,702 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2014/01/01 14:11:17 | 000,000,000 | ---- | M] () -- C:\Users\joel c\AppData\Roaming\SharedSettings.ccs
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/01/16 17:34:58 | 000,002,119 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/01/16 17:34:27 | 000,180,248 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/01/16 17:34:21 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/01/09 06:40:23 | 000,001,096 | ---- | C] () -- C:\_OTL\MovedFiles\01062014_171545\C_Users\joel c\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
[2014/01/07 06:54:00 | 000,016,284 | ---- | C] () -- C:\Windows\System32\ieuinit.inf
[2014/01/07 06:43:21 | 000,001,407 | ---- | C] () -- C:\Users\joel c\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2014/01/06 21:59:45 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2014/01/06 19:33:21 | 000,000,003 | ---- | C] () -- C:\Windows\System32\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2014/01/04 13:22:53 | 000,001,067 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/01/01 14:11:17 | 000,000,000 | ---- | C] () -- C:\Users\joel c\AppData\Roaming\SharedSettings.ccs
[2013/12/22 08:48:39 | 000,000,928 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1003UA.job
[2013/12/22 08:48:36 | 000,000,906 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1722759672-3242739790-961427303-1003Core.job
[2013/05/18 09:23:31 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI
[2013/05/09 18:14:14 | 000,000,388 | ---- | C] () -- C:\Windows\AIM_RACE_STUDIO.INI
[2013/04/18 17:32:16 | 000,000,296 | ---- | C] () -- C:\Users\joel c\.JavaPowUpload.properties
[2013/03/08 21:03:17 | 000,003,120 | ---- | C] () -- C:\Windows\winy2.ini
[2013/03/08 21:02:41 | 000,015,840 | ---- | C] () -- C:\Windows\System32\Machnm1.exe
[2013/03/08 21:02:41 | 000,010,496 | ---- | C] () -- C:\Windows\System32\Machnm64.sys
[2013/03/08 21:02:41 | 000,007,168 | ---- | C] () -- C:\Windows\System32\Machnm32.sys
[2012/11/18 17:10:02 | 000,000,045 | ---- | C] () -- C:\Windows\WF-2540.ini
[2012/08/24 12:40:05 | 000,001,479 | ---- | C] () -- C:\Windows\station.ini
[2012/08/24 12:39:28 | 000,001,356 | ---- | C] () -- C:\Windows\resumes.ini
[2012/08/24 12:38:42 | 000,000,034 | ---- | C] () -- C:\Windows\brochure.ini
[2012/08/24 12:37:58 | 000,001,458 | ---- | C] () -- C:\Windows\newslet.ini
[2012/08/24 12:36:02 | 000,001,510 | ---- | C] () -- C:\Windows\greeting.ini
[2012/06/03 18:06:03 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2012/06/03 18:06:03 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2012/04/05 19:36:05 | 000,000,090 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2012/03/28 20:07:10 | 000,015,872 | ---- | C] () -- C:\Users\joel c\mortagage envelope.wps
[2012/03/21 20:46:41 | 000,003,850 | ---- | C] () -- C:\Windows\scad3.INI
[2012/02/02 13:55:02 | 000,000,451 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2012/01/18 01:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\System32\LogiDPP.dll
[2012/01/18 01:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\System32\DevManagerCore.dll
[2012/01/18 01:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\System32\LogiDPPApp.exe
[2012/01/17 19:04:48 | 000,010,240 | ---- | C] () -- C:\Users\joel c\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/11/20 21:19:01 | 000,000,662 | ---- | C] () -- C:\Users\joel c\AppData\Local\MOTOPRINTUPnPService
[2011/09/05 15:33:54 | 000,103,720 | ---- | C] () -- C:\Users\joel c\GoToAssistDownloadHelper.exe

========== ZeroAccess Check ==========

[2009/07/13 23:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 20:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 07:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 20:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013/01/09 06:39:16 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\Epson
[2012/12/14 05:43:57 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\Leader Technologies
[2012/01/12 06:04:46 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\motorola
[2012/08/24 14:44:31 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\ooVoo Details
[2012/09/25 18:43:52 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\OverDrive
[2011/08/23 20:45:02 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\Template
[2014/01/06 04:36:33 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\USB Optical Mouse
[2012/11/08 18:49:12 | 000,000,000 | ---D | M] -- C:\Users\Becky\AppData\Roaming\Windows Live Writer
[2014/01/16 17:35:13 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\AVAST Software
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cybatah
[2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cycepuv
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyemomn
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyitxyu
[2014/01/04 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cypavo
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cytioby
[2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyykaw
[2002/01/01 00:04:18 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Epson
[2002/01/01 00:04:02 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Leader Technologies
[2002/01/01 00:04:27 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Leadertech
[2002/01/01 00:01:10 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Motorola
[2011/10/26 20:32:12 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\ooVoo Details
[2011/01/08 14:25:35 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Sling Media
[2014/01/14 06:41:51 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Template
[2002/01/01 00:04:05 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\USB Optical Mouse
[2014/01/07 19:56:54 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Windows Live Writer

< End of report >
Joel
  • 0

#22
Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there JR, we have a few items to remove and we will restore your Bookmarks. :)

The Avast extension can be disabled if you want to speed things up. I have mine disabled in IE and Firefox and it works great in Chrome. Let me know if you want help with this.


1. Uninstall

These are undesirable programs that can cause problems, Adware and illegal downloads. P2P programs like Ares are a surefire way of getting infected.

  • Click Start then select Control Panel
  • In control panel click Uninstall a Program or Programs and Features and uninstall the following:
  • LTspice IV
  • LTCM Client
  • SupportSoft Assisted Service
  • Ares - Optional uninstall.


2. OTL Fix

Ensure LTspice IV and LTCM Client are removed before this fix

  • Right click the OTL icon and select Run as Administrator.
  • Copy the entire text in the Quote box below, do not include the word QUOTE and Paste into the Custom Scans/Fixes box in OTL.

    :OTL
    O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
    [2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cybatah
    [2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cycepuv
    [2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyemomn
    [2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyitxyu
    [2014/01/04 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cypavo
    [2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cytioby
    [2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyykaw

    :FILES
    C:\Program Files\LTCM Client

    :COMMANDS
    [RESETHOSTS]

  • Then click Run Fix
  • Click O.K if asked to Reboot.
  • An OTL fix log will be saved in the following location: C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log - Where mmddyyyy_hhmmss is the date and time of fix.
  • Copy and Paste the Fix Log in your next reply.


3. Install the latest Windows Essentials

Older versions of Live Mail leave a lot of empty folders in the Users folder. The latest version clears up after itself.


4. Firefox Bookmarks

Bookmarks

  • Click the Display Your Bookmarks button and select Show All Bookmarks
  • In the window that opens click the Import and Backup button and then select Restore.
  • This time instead of a date select Choose file
  • In the window that opens double click the Old Firefox Data folder.
  • You will see .default folders. Check all folders. Double click to open the folder, then double click the Bookmarkbackups folder and check for older dates there.
  • Double click to restore bookmarks and click O.K at the prompt.
  • There is another method to try if this fails.

  • 0

#23
jr chambers

    Member

  • Topic Starter
  • Member
  • 124 posts
here is the txt file
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LTCM Client not found.
File C:\Program Files\LTCM Client\ltcmClient.exe not found.
C:\Users\joel c\AppData\Roaming\Cybatah folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cycepuv folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyemomn folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyitxyu folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cypavo folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cytioby folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyykaw folder moved successfully.
========== FILES ==========
C:\Program Files\LTCM Client folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

OTL by OldTimer - Version 3.2.69.0 log created on 01172014_190202
also the bookmarks option doesn't work, sends me to the desktop and the search function for that file doesn't work either
Joel
  • 0

#24
Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
The fix went well which means the only problem is the Firefox Bookmarks. They are on your machine located in your users roaming folder but Firefox can't locate them. I will tell Firefox where they are. :)

I will need to clear the post with my instructor. So apart from the elusive Bookmarks is everything else O.K? Need help disabling Avast add-ons?

Thanks for sticking with me :thumbsup:
  • 0
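One way to check a fix log against the fix script that produced it, using the script from post #22 and the log from post #23 as input. This is an added example, not part of the original thread and not OTL's own code; the regular expressions are assumptions inferred from the log lines shown in this thread, and the function names are hypothetical.

```python
import re

# Fix script from post #22 and fix log from post #23, copied from this thread.
FIX_SCRIPT = r"""
:OTL
O4 - HKLM..\Run: [LTCM Client] C:\Program Files\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cybatah
[2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cycepuv
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyemomn
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyitxyu
[2014/01/04 18:09:29 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cypavo
[2014/01/04 18:43:59 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cytioby
[2014/01/06 21:12:08 | 000,000,000 | ---D | M] -- C:\Users\joel c\AppData\Roaming\Cyykaw

:FILES
C:\Program Files\LTCM Client

:COMMANDS
[RESETHOSTS]
"""

FIX_LOG = r"""
========== OTL ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\LTCM Client not found.
File C:\Program Files\LTCM Client\ltcmClient.exe not found.
C:\Users\joel c\AppData\Roaming\Cybatah folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cycepuv folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyemomn folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyitxyu folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cypavo folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cytioby folder moved successfully.
C:\Users\joel c\AppData\Roaming\Cyykaw folder moved successfully.
========== FILES ==========
C:\Program Files\LTCM Client folder moved successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
"""

# Assumed line shapes, inferred from the script and log lines in this thread.
SCAN_LINE = re.compile(r"^\[[^\]]*\]\s+(?:\([^)]*\)\s+)?--\s+(?P<path>[A-Za-z]:\\.+)$")
REG_LINE = re.compile(r"^O\d+ - .*?\]\s+(?P<path>[A-Za-z]:\\.+?)\s+\([^)]*\)$")
MOVED = re.compile(r"^(?:File )?(?P<path>[A-Za-z]:\\.+?) (?:folder )?moved successfully\.$")
NOT_FOUND = re.compile(r"^(?:File )?(?P<path>[A-Za-z]:\\.+?) not found\.$")


def script_targets(script):
    """Return the file-system paths a fix script asks OTL to act on.

    Registry values named by O-lines are not tracked, only the file they point at.
    """
    targets, section = [], None
    for line in (raw.strip() for raw in script.splitlines()):
        if not line:
            continue
        if line.startswith(":"):
            section = line.upper()          # :OTL, :FILES, :COMMANDS
        elif section == ":OTL":
            m = SCAN_LINE.match(line) or REG_LINE.match(line)
            if m:
                targets.append(m.group("path"))
        elif section == ":FILES":
            targets.append(line)            # one path per line
    return targets


def log_outcomes(log):
    """Map each path reported in a fix log (lower-cased) to 'moved' or 'not found'."""
    outcomes = {}
    for line in (raw.strip() for raw in log.splitlines()):
        for status, pattern in (("moved", MOVED), ("not found", NOT_FOUND)):
            m = pattern.match(line)
            if m:
                outcomes[m.group("path").lower()] = status
    return outcomes


def reconcile(script, log):
    """Give every script target its logged outcome, or 'missing from log'."""
    outcomes = log_outcomes(log)            # Windows paths compare case-insensitively
    return {t: outcomes.get(t.lower(), "missing from log") for t in script_targets(script)}


if __name__ == "__main__":
    for path, status in reconcile(FIX_SCRIPT, FIX_LOG).items():
        print(f"{status:16} {path}")
```

A target reported as "missing from log" is one the script named but the log never mentions, which is the case worth a second look before calling a fix complete.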

#25
jr chambers

    Member

  • Topic Starter
  • Member
  • 124 posts
NO, THANK YOU for your help! it seems that as i got to more of my normal websites that the pages load quicker. i know it has to do with the avast add on and that is OK. I'll try to search the files/folder option to locate the bookmarks.
Joel
  • 0



#26
Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi Jr, I'm pleased things are running well. The Avast add-on can be disabled unless you are really unsure about the sites you visit. As I stated in an earlier post it works well in Chrome, so you could enable it in Chrome and disable it in IE or FF and use Chrome if unsure :)

This post we will show Firefox where your Bookmarks are, we are looking for the JSON file with the stored information and here's how to do it -


Any Problems then stop and let me know

1. Folder Options

  • Click Start and in the search box type Folder Options and press Enter
  • Click the View tab and check the Show hidden files, folders and drives box.
  • Click Apply then O.K
  • All done, now Firefox :)

2. Firefox Bookmarks

  • 2 ways to do this step depending on your display - 1. Click the Display Your Bookmarks button and select Show All Bookmarks OR 2. Click the Orange Firefox button then Bookmarks then Show All Bookmarks
  • In the window that opens click the Import and Backup button and then select Restore.
  • This time instead of a date select Choose file
  • We now need to locate the JSON file in the j1wo7ccj.default profiles folder.
  • In the left hand pane click Local Disk (C:)
  • In the right hand window scroll down and double click the Users folder.
  • Double click your users folder (joel)
  • Double click AppData, double click Roaming, double click Mozilla, double click Firefox
  • Double click Profiles, double click j1wo7ccj.default, double click Bookmarkbackups
  • Double click the JSON file you need to restore bookmarks (5th of January or before) and click O.K at the prompt.
  • Close and restart Firefox. If the Bookmarks are still not there then follow step 4 in my previous Bookmark post.

3. Set Folder Options to Default

  • Click Start and in the search box type Folder Options and press Enter
  • Click the View tab and check the Don't Show hidden files, folders and drives box.
  • Click Apply then O.K

Let me know what happens :thumbsup:
  • 0

#27
jr chambers

    Member

  • Topic Starter
  • Member
  • 124 posts
That file is not found, what is found is c50ggzci.default, which was an older version of my bookmarks. if you think it can still be found then great, we'll search it, but if not i do have most of my bookmarks vs all of them til recently.
Joel
  • 0

#28
Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
This is strange. Mozilla may only be showing you the new Default folder. Can you navigate to the Roaming folder and see if there are 2 folders present. You will have to carry out step 1 in my last post to Show hidden files then:

Navigate to the following folder:

Click Start - Computer - Double click Local Disk (C:) Then Double click the following folders:

Users\joel\AppData\Roaming\Mozilla\Firefox\Profiles - Is the j1wo7ccj folder present?
  • 0

#29
jr chambers

    Member

  • Topic Starter
  • Member
  • 124 posts
the only folder is c50ggzci.default, it only has bookmarks back to jan 6,2014
Joel
  • 0

#30
Nutloaf

    Trusted Helper

  • Malware Removal
  • 1,790 posts
Hi there Jr, this is strange. Let's see if the folder move was successful. The following scan will look for the folder we need. It may still be in quarantine.

OTL Custom Scan

  • Right click the OTL icon and select Run as Administrator.
  • There are 8 None boxes please check all 8.
  • Copy and paste the following into the Custom Scans\Fixes box without the word Quote.

    C:\|j1wo7ccj.;true;true;true /FP

  • Now Click Run Scan
  • OTL will now scan your computer and produce a log file OTL.txt
  • Please post in your next reply

  • 0





