and could harm ur computer.....then i have option delete, actions, or view downloads....what do i do?
computer wont let me download [Solved]
#106
Posted 24 May 2013 - 10:37 AM
and could harm ur computer.....then i have option delete, actions, or view downloads....what do i do?
#107
Posted 24 May 2013 - 10:49 AM
#108
Posted 24 May 2013 - 10:58 AM
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
#109
Posted 24 May 2013 - 11:55 AM
Step 1 Install an Antivirus Program
Always make sure you have an antivirus program! Microsoft Security Essentials or Avast! Antivirus both are FREE to use. Please remember that you can only have one Antivirus installed at a time.
Step 2 Uninstall Programs
In your Control Panel, Under Programs, please uninstall these programs if they are present in the list:
UtilityChest_49
Viewpoint.
Note: Here are more detailed instructions on how to uninstall a program if you need them.
Step 3 OTL Fix
Warning: This fix is relevant for this system and no other. If you are not this user, do NOT follow these directions as they could damage the workings of your system.
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
1. Please copy all of the text in the code box below. To do this, highlight everything inside the code box, right click and click Copy.
:Commands [createrestorepoint] :OTL PRC - [2013/03/23 02:28:51 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) -- C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe SRV - [2013/03/23 02:28:51 | 000,042,504 | ---- | M] (COMPANYVERS_NAME) [Auto | Running] -- C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe -- (UtilityChest_49Service) IE - HKCU\..\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}: "URL" = http://search.alot.c...n=2.5.15001.521 FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll () O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. [2013/05/22 17:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Viewpoint [2013/05/22 17:13:31 | 000,000,000 | ---D | C] -- C:\Program Files\Viewpoint :Files C:\Program Files\UtilityChest_49\bar\1.bin\49datact.dll C:\Program Files\UtilityChest_49\bar\1.bin\49htmlmu.dll C:\Program Files\UtilityChest_49\bar\1.bin\49ieovr.dll C:\Program Files\UtilityChest_49\bar\1.bin\49skin.dll C:\Program Files\UtilityChest_49\bar\1.bin\T8HTML.DLL C:\Program Files\Vuze\.install4j\i4j_extf_32_5p83tu.dll C:\Windows\Installer\7d1e3.msi :Commands [emptytemp]
2. Please re-open on your desktop.
3. Place the mouse pointer inside the textbox, right click and click Paste. This will put the above script inside the textbox.
4. Click the button.
5. Let the program run unhindered.
6. OTL may ask to reboot the machine. Please do so if asked.
7. Click the button.
8. A report will open. Copy and Paste that report in your next reply.
9. If the machine reboots, the log will be located at C:\_OTL\MovedFiles\mmddyyyy_hhmmss.log, (where mmddyyyy_hhmmss is the date of the tool run).
10. Run OTL again and click the button. Post the log it produces in your next reply.
~~~~~~~~~~~~~~~~~~~~ Things Needed for Your Next Post ~~~~~~~~~~~~~~~~~~~~
1. OTL Fix Log
2. New OTL Log
#110
Posted 24 May 2013 - 12:48 PM
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
No active process named 49barsvc.exe was found!
Error: No service named UtilityChest_49Service was found to stop!
Service\Driver key UtilityChest_49Service not found.
C:\Program Files\UtilityChest_49\bar\1.bin\49barsvc.exe moved successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@viewpoint.com/VMP\ not found.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Folder C:\ProgramData\Viewpoint\ not found.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\NewComponents folder moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\DownloadedComponents folder moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology\Components folder moved successfully.
C:\Program Files\Viewpoint\Viewpoint Experience Technology folder moved successfully.
C:\Program Files\Viewpoint folder moved successfully.
========== FILES ==========
File\Folder C:\Program Files\UtilityChest_49\bar\1.bin\49datact.dll not found.
File\Folder C:\Program Files\UtilityChest_49\bar\1.bin\49htmlmu.dll not found.
File\Folder C:\Program Files\UtilityChest_49\bar\1.bin\49ieovr.dll not found.
File\Folder C:\Program Files\UtilityChest_49\bar\1.bin\49skin.dll not found.
File\Folder C:\Program Files\UtilityChest_49\bar\1.bin\T8HTML.DLL not found.
C:\Program Files\Vuze\.install4j\i4j_extf_32_5p83tu.dll moved successfully.
C:\Windows\Installer\7d1e3.msi moved successfully.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: anthony's
->Temp folder emptied: 1823180 bytes
->Temporary Internet Files folder emptied: 60254270 bytes
->Java cache emptied: 0 bytes
->Google Chrome cache emptied: 6407579 bytes
->Flash cache emptied: 534 bytes
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Java cache emptied: 0 bytes
User: Public
->Temp folder emptied: 0 bytes
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 148579580 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes
Total Files Cleaned = 207.00 mb
OTL by OldTimer - Version 3.2.69.0 log created on 05242013_144629
Files\Folders moved on Reboot...
C:\Users\anthony's\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\anthony's\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
PendingFileRenameOperations files...
Registry entries deleted on Reboot...
#111
Posted 24 May 2013 - 12:50 PM
#112
Posted 24 May 2013 - 12:51 PM
Correct, just open and Click Quick Scanwhen im running the quick scan....i didnt put anything in the custom scans/fixes area right?
#113
Posted 24 May 2013 - 12:59 PM
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\anthony's\Downloads
Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
2.99 Gb Total Physical Memory | 1.56 Gb Available Physical Memory | 52.09% Memory free
5.98 Gb Paging File | 4.43 Gb Available in Paging File | 74.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 297.99 Gb Total Space | 115.55 Gb Free Space | 38.78% Space Free | Partition Type: NTFS
Computer Name: ANTHONYS-PC | User Name: anthony's | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013/05/24 12:16:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\anthony's\Downloads\OTL.exe
PRC - [2013/05/23 01:44:09 | 000,825,808 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/05/09 04:58:30 | 004,858,968 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013/03/27 16:18:02 | 001,098,072 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files\Garmin\Express Tray\ExpressTray.exe
PRC - [2013/02/27 01:05:53 | 000,101,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\consent.exe
PRC - [2013/02/13 19:38:18 | 000,310,128 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe
PRC - [2013/02/13 19:38:14 | 001,509,232 | ---- | M] (Samsung) -- C:\Program Files\SAMSUNG\Kies\Kies.exe
PRC - [2013/02/06 05:17:56 | 000,578,560 | ---- | M] (Samsung Electronics) -- C:\Program Files\SAMSUNG\Kies\KiesAirMessage.exe
PRC - [2012/11/22 22:48:41 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2012/02/10 12:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
PRC - [2011/04/25 17:52:37 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6b\waol.exe
PRC - [2011/04/25 17:52:36 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files\AOL Desktop 9.6b\shellmon.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2010/10/27 20:17:52 | 000,207,424 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
PRC - [2010/10/26 17:25:10 | 000,319,568 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
PRC - [2010/10/25 15:53:46 | 000,145,920 | ---- | M] (HP) -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
PRC - [2010/10/25 15:40:08 | 000,058,936 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe
PRC - [2010/08/25 12:27:44 | 000,309,824 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
PRC - [2010/08/24 14:35:02 | 002,459,192 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe
PRC - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files\Common Files\AOL\1294466277\ee\aolsoftware.exe
PRC - [2009/11/04 19:20:14 | 000,597,792 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/07/20 12:30:50 | 000,813,584 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Logitech\SetPoint\SetPoint.exe
PRC - [2009/07/10 12:42:32 | 000,055,824 | ---- | M] (Logitech, Inc.) -- C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.exe
PRC - [2008/12/31 15:46:20 | 000,286,720 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files\ArcSoft\TotalMedia Extreme\BackUp & Recorder\uBBMonitor.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe
========== Modules (No Company Name) ==========
MOD - [2013/05/23 01:44:07 | 000,393,168 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppgooglenaclpluginchrome.dll
MOD - [2013/05/23 01:43:59 | 004,051,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
MOD - [2013/05/23 01:43:06 | 000,599,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\libglesv2.dll
MOD - [2013/05/23 01:43:05 | 000,124,368 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\libegl.dll
MOD - [2013/05/23 01:43:03 | 001,597,392 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll
MOD - [2013/05/21 03:20:47 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\30e3a21202000677d0a9270572251477\System.Windows.Forms.ni.dll
MOD - [2013/05/21 03:20:38 | 001,806,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\33125250f48dd834dde012979858b39f\System.Deployment.ni.dll
MOD - [2013/05/21 03:20:22 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll
MOD - [2013/05/21 03:20:18 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll
MOD - [2013/05/15 03:14:09 | 000,369,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\1770f4fb3b437d05badf13679e8ff0bd\System.ServiceModel.Routing.ni.dll
MOD - [2013/05/15 03:14:08 | 001,140,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\6f750662bfef47bb20c17230472d8e7f\System.ServiceModel.Discovery.ni.dll
MOD - [2013/05/15 03:14:07 | 000,082,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\d30d2f75af7cdf3880c1b5d1a2622d81\System.ServiceModel.Channels.ni.dll
MOD - [2013/05/15 03:13:56 | 001,393,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\950a487ee233b20ac56f1e2fbe7b29f6\System.ServiceModel.Activities.ni.dll
MOD - [2013/05/15 03:13:54 | 001,079,296 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\ce2164d32e319ee1d047119316c19557\System.IdentityModel.ni.dll
MOD - [2013/05/15 03:13:52 | 018,123,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\35f10af8371c9953294e6bdc86b5458b\System.ServiceModel.ni.dll
MOD - [2013/05/15 03:13:31 | 001,086,464 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel#\b24c65edc1e2688b3f42830b0c620492\System.ServiceModel.Web.ni.dll
MOD - [2013/05/15 03:11:25 | 000,615,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\8d615f862df4bbbce1e8db9d54e3f394\DevicePodcast.ni.dll
MOD - [2013/05/15 03:11:23 | 000,299,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\eddd2c10f7f26c7d9bc829d58a242107\DeviceVideo.ni.dll
MOD - [2013/05/15 03:11:22 | 000,353,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\ab17b49c15978762fa850b26cbf40381\DevicePhoto.ni.dll
MOD - [2013/05/15 03:11:21 | 000,305,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\d99262faddfef2aa5a9ebc3e3c8ec32a\DeviceMusic.ni.dll
MOD - [2013/05/15 03:11:20 | 000,473,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\42181272db5142f8c30b840f9e332f74\VideoManager.ni.dll
MOD - [2013/05/15 03:11:18 | 000,776,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\e0814673978d88e7ef315affeea8306a\PhotoManager.ni.dll
MOD - [2013/05/15 03:11:16 | 001,929,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\06fb33fe1cebe31db02a7eac1a0eff14\Phonebook.ni.dll
MOD - [2013/05/15 03:11:12 | 000,945,152 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\acf17db7e1bedb24137cf5762b5e0bbe\MusicManager.ni.dll
MOD - [2013/05/15 03:11:10 | 000,403,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\c3454a3e90594f92a4f72e1f3ef5b79b\BATPlugin.ni.dll
MOD - [2013/05/15 03:11:05 | 000,516,096 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\3a2e264f8b8bf90827c54222d425a119\Kies.Common.MediaDB.ni.dll
MOD - [2013/05/15 03:11:04 | 000,063,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\271b23fa48ab76fec3869dfd4ea08bf4\Kies.Common.AllShare.ni.dll
MOD - [2013/05/15 03:11:03 | 000,066,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\9f9c16840f99762681d5d22b513d9d16\Kies.Common.DBManager.ni.dll
MOD - [2013/05/15 03:11:02 | 000,205,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\24406f57b2cb550f87abd0550114e270\Kies.Common.MainUI.ni.dll
MOD - [2013/05/15 03:11:01 | 000,283,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\99c314ad36cb327c59650b7dd4fcc8b8\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll
MOD - [2013/05/15 03:11:00 | 000,572,416 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ebb02b742bfeaea2f90a1aa3d99c37bb\Kies.Common.DeviceServiceLib.FileService.ni.dll
MOD - [2013/05/15 03:10:59 | 001,098,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\79b19561e6e7dbe53b4de73806587710\Kies.Common.DeviceService.ni.dll
MOD - [2013/05/15 03:10:56 | 001,138,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\2e03016472dc796c1019d0bd36f97f06\Podcaster.ni.dll
MOD - [2013/05/15 03:10:52 | 000,732,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\316826735a887022bed5d0f8356c3a8a\Kies.Plugin.ContentsManagerLib.ni.dll
MOD - [2013/05/15 03:10:41 | 000,926,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\c16c6f9947a9e8252dea5c6029aa6150\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll
MOD - [2013/05/15 03:10:37 | 002,209,280 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\1186a79a1a50b9457dd18371fa291f75\Kies.Common.Multimedia.ni.dll
MOD - [2013/05/15 03:10:33 | 000,628,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\718b3bb48bb3216ad901c16c4c548239\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll
MOD - [2013/05/15 03:10:25 | 006,797,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\3dc0083c87f0f44adde05b180aea3209\DeviceHost.ni.dll
MOD - [2013/05/15 03:10:15 | 000,281,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\c3080b42764ab8ddebed6db271335002\Kies.Common.Util.ni.dll
MOD - [2013/05/15 03:10:14 | 001,928,704 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\23211ec645a6c9ef85d69795920f3e8f\Kies.UI.ni.dll
MOD - [2013/05/15 03:10:11 | 000,160,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\f67e1afe33aa6c76e375dbd4fa132363\GongSolutions.Wpf.DragDrop.ni.dll
MOD - [2013/05/15 03:10:10 | 001,246,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\ba1f218cdc4b19c824a8e8159fb4ed92\Kies.Interface.ni.dll
MOD - [2013/05/15 03:09:42 | 001,021,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Dura#\2bb04ca46f8374826e4e6cafae120aa1\System.Runtime.DurableInstancing.ni.dll
MOD - [2013/05/15 03:09:41 | 002,647,040 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Seri#\c9508bbbee390fa5c287a84d1a88d7d9\System.Runtime.Serialization.ni.dll
MOD - [2013/05/15 03:09:37 | 000,393,216 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\3801a5e161089434ffe30b9350881308\System.Xml.Linq.ni.dll
MOD - [2013/05/15 03:09:36 | 002,115,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\3de72d3e20498c62099e85da7fd44b3c\Kies.ni.exe
MOD - [2013/05/15 03:06:38 | 018,022,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\1f0bb5336d1706c9b8ad2330f3642760\PresentationFramework.ni.dll
MOD - [2013/05/15 03:06:25 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ddc3e8c2774eaec614d6775983652980\System.Configuration.ni.dll
MOD - [2013/05/15 03:06:21 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6ded1c6dbf61d19f839da66c951d8fa9\System.Windows.Forms.ni.dll
MOD - [2013/05/15 03:06:18 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\9b2940478ec555990b37af5448b8f509\PresentationCore.ni.dll
MOD - [2013/05/15 03:06:09 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\93a17ba6cb6753328f25466bc0bf1cb1\System.Core.ni.dll
MOD - [2013/05/15 03:06:03 | 003,883,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\a1949f57d2ec260e09768e98fecb0559\WindowsBase.ni.dll
MOD - [2013/03/18 08:10:10 | 001,226,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.WorkflowServ#\17b4a6296ab10e2cf9a1a54a73a13ec4\System.WorkflowServices.ni.dll
MOD - [2013/03/18 07:39:43 | 017,357,824 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\0f4155c806e86a023b835d9070774f89\Kies.Theme.ni.dll
MOD - [2013/03/18 07:39:41 | 000,307,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\1b6f3c9a32cd1976fb79b2445e586939\DummyStorePlugin.ni.dll
MOD - [2013/03/18 07:39:13 | 000,029,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\3c6667cbc29155082e58137643a1dff1\Kies.Common.StoreManager.ni.dll
MOD - [2013/03/18 07:39:12 | 000,232,960 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll
MOD - [2013/03/18 07:39:09 | 000,109,056 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\657f2c28fc2068324d9b0f1d9d596361\Kies.Common.CRMManager.ni.dll
MOD - [2013/03/18 07:39:07 | 000,043,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.FUSCryptLib\7296ee8d41eeb2bcc543df81eea19ebe\Interop.FUSCryptLib.ni.dll
MOD - [2013/03/18 07:39:05 | 000,189,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\9a1d52e92dab2e5f906e4edae93b8b8c\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll
MOD - [2013/03/18 07:39:04 | 000,175,616 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\fa06b799153f9c28c1866319b3db5580\Interop.DevFileServiceLib.ni.dll
MOD - [2013/03/18 07:38:18 | 000,040,448 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\d77da7b6668e27f63af7da941e221304\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll
MOD - [2013/03/18 07:38:01 | 000,743,424 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0969ff5a4924da7d8c6ebd3fca8f154b\ICSharpCode.SharpZipLib.ni.dll
MOD - [2013/03/18 07:38:01 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll
MOD - [2013/03/18 07:38:01 | 000,032,256 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll
MOD - [2013/03/18 07:38:00 | 000,171,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll
MOD - [2013/03/18 07:38:00 | 000,030,720 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\29e8db641e3708219f13d2a3b7528278\Interop.PRPLAYERCORELib.ni.dll
MOD - [2013/03/18 07:37:52 | 000,018,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceServi#\ed97f510e91aff4e4f00987ec1fb8b70\Interop.DeviceServiceModelDBLib.ni.dll
MOD - [2013/03/18 07:37:51 | 000,184,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\0ec1f5148809454e7dd63148636a05b2\Kies.Common.DeviceServiceLib.Interface.ni.dll
MOD - [2013/03/18 07:37:30 | 000,395,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll
MOD - [2013/03/18 07:37:28 | 001,599,488 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\5cf4d41e6de5af4c27e7b66b172f73df\Kies.Locale.ni.dll
MOD - [2013/03/18 07:37:28 | 000,052,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll
MOD - [2013/03/18 07:37:27 | 000,079,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\48c087dd6e18fcbd057e0b1dd6cfa2fd\Kies.MVVM.ni.dll
MOD - [2013/03/18 07:37:01 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7d8f6866864f78cf83d3701641c46178\System.ServiceProcess.ni.dll
MOD - [2013/03/18 07:36:01 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\07753c0a8ed7f9bc61b0ee718f3c779d\System.Runtime.Remoting.ni.dll
MOD - [2013/03/18 07:35:53 | 000,649,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\83bbc0d5a9689f5de5090dcf3e3958f8\System.Transactions.ni.dll
MOD - [2013/03/18 07:35:45 | 000,143,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\a9ecbe8beef8c04f60f9127ec6599abf\SMDiagnostics.ni.dll
MOD - [2013/03/18 07:35:32 | 001,812,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll
MOD - [2013/03/18 07:26:05 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll
MOD - [2013/03/18 07:25:53 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll
MOD - [2013/03/18 07:25:42 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\60674dde4b56087c189f576f36f6720f\PresentationFramework.Aero.ni.dll
MOD - [2013/03/18 07:25:40 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll
MOD - [2013/03/18 07:25:30 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll
MOD - [2013/02/14 04:25:00 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\7ff638de44686eab4afaa8b3c8a9cfca\System.ServiceProcess.ni.dll
MOD - [2013/02/14 04:24:50 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/01/09 04:31:23 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll
MOD - [2013/01/09 04:26:45 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 04:26:14 | 000,310,784 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\eb4fa29ea9ab56d453b36696edbe6423\System.Runtime.Serialization.Formatters.Soap.ni.dll
MOD - [2013/01/09 04:26:05 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 04:25:41 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 04:25:35 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 04:25:26 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll
MOD - [2012/11/28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/04/25 17:52:37 | 000,048,640 | ---- | M] () -- C:\Program Files\AOL Desktop 9.6b\zlib.dll
MOD - [2010/10/25 15:36:22 | 000,119,864 | ---- | M] () -- C:\Program Files\HP\ToolboxFX\bin\NativeUtils.dll
MOD - [2009/07/20 12:27:14 | 000,017,936 | ---- | M] () -- C:\Program Files\Logitech\SetPoint\khalwrapper.dll
MOD - [2006/11/08 15:58:38 | 000,449,280 | ---- | M] () -- C:\Program Files\ArcSoft\TotalMedia Extreme\BackUp & Recorder\fpxlib.dll
========== Services (SafeList) ==========
SRV - File not found [Auto | Stopped] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2013/05/17 02:13:32 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/05/09 04:58:30 | 000,046,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2013/03/27 16:17:42 | 000,185,688 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Stopped] -- C:\Program Files\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2012/02/10 12:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012/02/10 12:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Running] -- C:\Program Files\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2010/12/21 04:04:11 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2010/10/26 17:25:10 | 000,319,568 | ---- | M] (Logitech, Inc.) [Auto | Running] -- C:\Program Files\Logitech\SolarApp\L4301_Solar.exe -- (L4301_Solar)
SRV - [2010/10/25 15:53:46 | 000,145,920 | ---- | M] (HP) [Auto | Running] -- C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/10/24 04:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009/07/20 12:28:10 | 000,121,360 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 21:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 21:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\rdvgkmd.sys -- (VGPU)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\drivers\tsusbhub.sys -- (tsusbhub)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\synth3dvsc.sys -- (Synth3dVsc)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\system32\PCTINDIS5.SYS -- (PCTINDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS -- (MRENDIS5)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS -- (MREMPR5)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motmodem.sys -- (motmodem)
DRV - File not found [Kernel | On_Demand | Stopped] -- System32\drivers\dgderdrv.sys -- (dgderdrv)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\ANTHON~1\AppData\Local\Temp\catchme.sys -- (catchme)
DRV - [2013/05/19 19:37:40 | 000,031,560 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV - [2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2013/05/09 04:59:10 | 000,174,664 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013/05/09 04:59:10 | 000,061,680 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013/05/09 04:59:10 | 000,049,376 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2013/02/06 07:42:10 | 000,083,864 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/02/06 07:42:08 | 000,181,784 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2012/06/24 22:24:46 | 000,046,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\dc3d.sys -- (dc3d)
DRV - [2011/07/07 17:13:46 | 000,015,896 | ---- | M] (HandSet Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\massfilter_hs.sys -- (massfilter_hs)
DRV - [2011/01/13 01:33:38 | 000,026,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swmsflt.sys -- (swmsflt)
DRV - [2010/11/20 08:30:15 | 000,175,360 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmbus.sys -- (vmbus)
DRV - [2010/11/20 08:30:15 | 000,040,704 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vmstorfl.sys -- (storflt)
DRV - [2010/11/20 08:30:15 | 000,028,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\storvsc.sys -- (storvsc)
DRV - [2010/11/20 06:24:41 | 000,052,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2010/11/20 06:21:14 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2010/11/20 05:59:44 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/11/20 05:14:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VMBusHID.sys -- (VMBusHID)
DRV - [2010/11/20 05:14:41 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\vms3cap.sys -- (s3cap)
DRV - [2010/03/17 16:53:38 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2010/03/17 16:53:22 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2009/08/24 16:53:40 | 001,170,304 | ---- | M] (AVerMedia TECHNOLOGIES, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVerA706.sys -- (AVerA706)
DRV - [2009/07/13 19:51:24 | 000,026,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sonydcam.sys -- (sonydcam)
DRV - [2009/07/13 18:02:53 | 000,311,296 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\yk62x86.sys -- (yukonw7)
DRV - [2009/07/13 18:02:51 | 004,231,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\netw5v32.sys -- (netw5v32)
DRV - [2009/06/17 12:56:16 | 000,037,392 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LMouFilt.Sys -- (LMouFilt)
DRV - [2009/06/17 12:56:06 | 000,035,472 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidFilt.Sys -- (LHidFilt)
DRV - [2009/06/17 12:55:58 | 000,010,384 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LHidEqd.sys -- (LHidEqd)
DRV - [2009/06/17 12:55:50 | 000,040,720 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV - [2009/02/19 15:22:52 | 000,127,744 | ---- | M] () [Kernel | System | Running] -- C:\Windows\System32\drivers\ArcHlp.sys -- (archlp)
DRV - [2008/05/28 13:54:38 | 000,073,472 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FLx86.sys -- (R5U870FLx86)
DRV - [2008/05/28 13:54:38 | 000,043,904 | ---- | M] (Ricoh) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\R5U870FUx86.sys -- (R5U870FUx86)
DRV - [2008/01/30 10:56:02 | 000,818,688 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ti21sony.sys -- (ti21sony)
DRV - [2008/01/10 17:59:44 | 000,142,976 | ---- | M] (Sierra Wireless Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\swumx80.sys -- (SWUMX80)
DRV - [2007/08/23 08:29:46 | 000,021,632 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbmodem.sys -- (USBModem)
DRV - [2007/08/23 08:29:46 | 000,019,840 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbdiag.sys -- (UsbDiag)
DRV - [2007/08/23 08:29:46 | 000,012,416 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgusbbus.sys -- (usbbus)
DRV - [2007/08/03 06:36:10 | 000,009,344 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\SFEP.sys -- (SFEP)
DRV - [2007/06/28 11:44:58 | 000,137,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcd.sys -- (nmwcd)
DRV - [2007/06/28 11:44:16 | 000,008,320 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nmwcdc.sys -- (nmwcdc)
DRV - [2006/11/29 18:24:57 | 000,033,588 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wanatw4.sys -- (wanatw)
DRV - [2005/02/23 15:58:56 | 000,011,776 | ---- | M] (Arcsoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\afc.sys -- (Afc)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...g}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{54B7D308-B001-4C6A-BAC8-1A7D1E8D6128}: "URL" = http://www.google.co...&rlz=1I7WZPC_en
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...&rlz=1I7GGLR_en
IE - HKCU\..\SearchScopes\{BF5F9A54-B026-40D7-B22A-8647AA51BEBF}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_39: C:\Windows\system32\npdeployJava1.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.0: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013/02/09 01:13:03 | 000,000,000 | ---D | M]
========== Chrome ==========
CHR - homepage: http://www.google.com
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\27.0.1453.94\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Garmin Communicator Plug-In (Enabled) = C:\Program Files\Garmin GPS Plugin\npGarmin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Java Deployment Toolkit 6.0.390.4 (Enabled) = C:\Windows\system32\npdeployJava1.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Docs = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Freemake Video Converter = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj\1.0.0_0\
CHR - Extension: Gmail = C:\Users\anthony's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013/05/20 12:04:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files\Common Files\AOL\1294466277\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [HP LaserJet Professional CM1410 Series Fax] C:\Program Files\HP\Digital Imaging\Fax\Fax Driver 0.6 Base\hppfaxprintersrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [Kernel and Hardware Abstraction Layer] C:\Windows\KHALMNPR.Exe (Logitech, Inc.)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files\SAMSUNG\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [ToolboxFX] C:\Program Files\HP\ToolboxFX\bin\HPTLBXFX.exe (Hewlett-Packard Company)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files\AOL Desktop 9.6b\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics)
O4 - HKCU..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung)
O4 - HKCU..\Run: [Verizon Media Manager] C:\Program Files\Verizon\Verizon Media Manager\Release\Verizon Media Manager.exe ()
O4 - Startup: C:\Users\anthony's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk = File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range - 5)
O16 - DPF: {721700FE-7F0E-49C5-BDED-CA92B7CB1245} https://www.mydlink..../camclictrl.cab (Camera Stream Client Control Object)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1ABD02CB-7F71-4374-94F6-EFD8A6737B9F}: DhcpNameServer = 192.168.1.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | -HS- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013/05/24 14:46:29 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/05/24 14:32:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013/05/24 14:31:01 | 000,029,816 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/05/24 14:31:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
[2013/05/24 14:31:00 | 000,368,944 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/05/24 14:30:58 | 000,061,680 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/05/24 14:30:57 | 000,056,080 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/05/24 14:30:55 | 000,765,736 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/05/24 14:30:49 | 000,229,648 | ---- | C] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/05/24 14:30:49 | 000,066,336 | ---- | C] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/05/24 14:30:25 | 000,041,664 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/05/24 14:30:07 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013/05/24 14:27:13 | 000,707,728 | ---- | C] (MindSpark) -- C:\Program Files\49Uninstall Utility Chest.dll
[2013/05/24 14:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2013/05/24 10:48:50 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2013/05/22 14:23:54 | 000,000,000 | ---D | C] -- C:\Users\anthony's\Desktop\fix.bat
[2013/05/22 14:19:49 | 000,000,000 | ---D | C] -- C:\Users\anthony's\Desktop\fix
[2013/05/20 12:04:24 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2013/05/20 11:51:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013/05/20 11:51:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013/05/20 11:51:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013/05/20 11:51:28 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013/05/20 11:51:10 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013/05/19 19:38:00 | 000,000,000 | ---D | C] -- C:\Users\anthony's\AppData\Roaming\Malwarebytes
[2013/05/19 19:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013/05/19 19:37:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013/05/19 19:37:57 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2013/05/19 19:37:57 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013/05/17 01:58:48 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch
[2013/05/16 15:47:46 | 000,000,000 | ---D | C] -- C:\NBRT
[2013/05/10 01:37:23 | 000,000,000 | ---D | C] -- C:\Program Files\D-Link
[2013/05/10 00:40:21 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Verizon_Android
[2013/05/07 07:44:41 | 000,000,000 | ---D | C] -- C:\Users\anthony's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2013/04/29 01:57:57 | 000,000,000 | ---D | C] -- C:\Users\anthony's\AppData\Roaming\vlc
[2011/05/23 04:47:00 | 000,047,360 | ---- | C] (VSO Software) -- C:\Users\anthony's\AppData\Roaming\pcouffin.sys
========== Files - Modified Within 30 Days ==========
[2013/05/24 14:57:00 | 000,015,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 14:57:00 | 000,015,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/05/24 14:49:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013/05/24 14:49:40 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/05/24 14:49:04 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/05/24 14:49:00 | 2408,390,656 | -HS- | M] () -- C:\hiberfil.sys
[2013/05/24 14:42:11 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/05/24 14:32:15 | 000,002,161 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/24 14:31:01 | 000,002,035 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/05/24 14:30:49 | 000,002,577 | ---- | M] () -- C:\Windows\System32\config.nt
[2013/05/24 14:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/23 08:56:14 | 000,000,000 | RHS- | M] () -- C:\MSDOS.SYS
[2013/05/23 08:56:14 | 000,000,000 | RHS- | M] () -- C:\IO.SYS
[2013/05/22 11:33:47 | 000,326,718 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/05/22 11:33:47 | 000,045,652 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/05/22 04:07:53 | 1617,280,647 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013/05/21 03:19:35 | 000,292,472 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2013/05/20 12:04:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/05/20 11:35:14 | 000,001,367 | ---- | M] () -- C:\Users\anthony's\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2013/05/19 21:41:54 | 000,001,754 | ---- | M] () -- C:\Users\Public\Desktop\Vuze.lnk
[2013/05/19 21:41:54 | 000,001,754 | ---- | M] () -- C:\Users\anthony's\Application Data\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk
[2013/05/19 19:37:58 | 000,000,874 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/19 19:37:40 | 000,031,560 | ---- | M] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/05/09 04:59:10 | 000,765,736 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2013/05/09 04:59:10 | 000,368,944 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSP.sys
[2013/05/09 04:59:10 | 000,174,664 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/05/09 04:59:10 | 000,061,680 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2013/05/09 04:59:10 | 000,056,080 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswTdi.sys
[2013/05/09 04:59:10 | 000,049,376 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/05/09 04:59:09 | 000,066,336 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2013/05/09 04:59:08 | 000,029,816 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswFsBlk.sys
[2013/05/09 04:58:37 | 000,041,664 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2013/05/09 04:58:28 | 000,229,648 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2013/04/29 01:57:01 | 000,000,984 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
========== Files Created - No Company Name ==========
[2013/05/24 14:32:15 | 000,002,161 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2013/05/24 14:31:01 | 000,002,035 | ---- | C] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2013/05/24 14:30:54 | 000,174,664 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/05/24 14:30:53 | 000,049,376 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/05/24 14:27:14 | 000,178,560 | ---- | C] () -- C:\Program Files\49res.dll
[2013/05/23 08:56:14 | 000,000,000 | RHS- | C] () -- C:\MSDOS.SYS
[2013/05/23 08:56:14 | 000,000,000 | RHS- | C] () -- C:\IO.SYS
[2013/05/22 04:07:53 | 1617,280,647 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013/05/20 11:51:35 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013/05/20 11:51:35 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013/05/20 11:51:35 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013/05/20 11:51:35 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013/05/20 11:51:35 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013/05/19 19:37:58 | 000,000,874 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013/05/19 19:37:40 | 000,031,560 | ---- | C] () -- C:\Windows\System32\drivers\mbamchameleon.sys
[2013/05/17 01:21:13 | 000,000,830 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/05/07 07:44:41 | 000,001,373 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2013/04/29 01:57:01 | 000,000,984 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013/02/05 17:52:54 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2013/02/05 17:52:50 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2013/02/05 17:52:50 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2013/02/05 17:52:50 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2013/02/05 17:52:50 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2013/01/21 01:19:32 | 000,000,608 | -HS- | C] () -- C:\Windows\System32\winzvprt5.sys
[2013/01/21 01:19:32 | 000,000,230 | ---- | C] () -- C:\Windows\System32\hppfaxprinter5.ini
[2013/01/09 02:27:15 | 000,127,744 | ---- | C] () -- C:\Windows\System32\drivers\ArcHlp.sys
[2012/11/07 01:14:05 | 000,584,584 | ---- | C] () -- C:\Windows\adb.exe
[2012/01/10 17:23:31 | 001,237,200 | ---- | C] () -- C:\Windows\System32\DcsCliCtrl.dll
[2011/07/10 11:22:18 | 000,000,000 | ---- | C] () -- C:\Users\anthony's\AppData\Local\{C10DF118-4E4D-4F74-A25A-BB4E9082CE9B}
[2011/07/01 07:03:41 | 000,080,896 | ---- | C] () -- C:\Windows\System32\RDVGHelper.exe
[2011/07/01 07:02:41 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2011/05/23 04:48:59 | 000,001,057 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\vso_ts_preview.xml
[2011/05/23 04:47:00 | 000,087,608 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\inst.exe
[2011/05/23 04:47:00 | 000,007,887 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\pcouffin.cat
[2011/05/23 04:47:00 | 000,001,144 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\pcouffin.inf
[2011/04/09 09:07:57 | 000,213,187 | ---- | C] () -- C:\Users\anthony's\AppData\Roaming\MMUpgrade.jpg
[2011/01/06 21:28:13 | 000,033,280 | ---- | C] () -- C:\Users\anthony's\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/01 16:52:13 | 000,000,017 | ---- | C] () -- C:\Users\anthony's\AppData\Local\resmon.resmoncfg
[2010/12/24 18:44:18 | 000,000,116 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
"" = %SystemRoot%\system32\SHELL32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 00:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013/05/19 22:54:03 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Azureus
[2013/05/19 22:53:54 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\BitTorrent
[2010/12/20 17:28:34 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\DriverCure
[2010/12/21 01:18:29 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\DriverFinder
[2012/10/19 00:16:20 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\driveridentifier
[2011/01/04 12:07:53 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Foxreal
[2011/01/06 00:24:22 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\FreeFileViewer
[2013/04/15 01:03:47 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\GARMIN
[2011/05/19 11:26:32 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\HTC
[2011/05/19 11:31:37 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\HTC.388BC06ACDAB6261375BCE37FBA2E023C0D7EE34.1
[2012/10/16 01:53:33 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Leadertech
[2010/12/24 18:44:18 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Neat
[2010/12/24 18:44:16 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Nuance
[2010/12/23 19:09:50 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\OpenOffice.org
[2010/12/20 17:28:34 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\PC Unleashed Online
[2013/04/03 11:05:43 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Rovio
[2013/03/18 07:40:31 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Samsung
[2011/01/13 01:33:38 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Sierra Wireless
[2011/05/20 22:43:00 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\spotmau
[2010/12/20 18:00:51 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\SupportSoft
[2011/01/06 00:20:07 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\TechWizard
[2012/10/09 04:17:28 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Temp
[2012/01/15 20:16:48 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Vso
[2011/06/29 23:42:21 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\W3i, LLC
[2012/11/19 16:38:38 | 000,000,000 | ---D | M] -- C:\Users\anthony's\AppData\Roaming\Wargaming.net
========== Purity Check ==========
< End of report >
#114
Posted 24 May 2013 - 02:29 PM
Now for some final "housekeeping" procedures. Feel free to keep MalwareBytes on your computer. The steps in the cleaning process should remove all of our other tools.
Step 1 Clear Old Restore Points
Create a new, clean System Restore point:
- Right click on Computer and select Properties >> System protection >> Create.
- Give this restore point a descriptive name and click Create.
- When the new restore point is created click on OK >> close the System Properties window.
Flush Old System Restore points:
- Next click Start (Windows 7 Orb) >> Run (or the Windows key and R together) to bring up the Run box and and copy and paste in:
cleanmgr
- in the box and press OK.
- Select the system drive, C >> OK.
- Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required.
- Click on Clean up system files >> Select the system drive, C >> OK.
- Now click on the More Options tab.
- Under:
- Click on Clean up... >> Delete >> OK >> Delete Files.
Step 2 OTL Cleanup
- Open OTL
- Click the CleanUp button at the top, it will ask to reboot your PC, please allow it to do so
Step 3 Remove ComboFix
- Delete the current copy of ComboFix on your desktop
- Download a fresh copy from here to your desktop
- Hold down the Windows key + R on your keyboard. This will display the Run dialogue box
- In the Run box, type in ComboFix /Uninstall (Notice the space between the "x" and "/") then click OK
- Follow the prompts on the screen
- A message should appear confirming that ComboFix was uninstalled
~~~~~~~~~~~~~~~~~~~~Free Firewall Programs ~~~~~~~~~~~~~~~~~~~~
If for some reason in the future you'd like to switch, Comodo Personal Firewall and Sunbelt Personal Firewall are two good options for a FREE firewall to help protect your computer from any unwanted intruders.
~~~~~~~~~~~~~~~~~~~~Staying Updated ~~~~~~~~~~~~~~~~~~~~
Keeping your PC updated is important to protect yourself against future infections. There are many infections which will exploit loopholes within Windows itself, Java and Adobe Reader. Keeping these updated is a very good habit to get into.
Automatic Updates Updates to your Operating System are vital in closing loopholes and fixing bugs which some infections exploit. To keep your Windows updated, ensure that 'Automatic Updates' is enabled on your PC so updates are downloaded and installed automatically. Click here to find out how.
File Hippo Download and install FileHippo update checker and run it monthly it will show you which programs on your system need updating and give a download link.
~~~~~~~~~~~~~~~~~~~~Alternate Browsers ~~~~~~~~~~~~~~~~~~~~
Using an alternative web browser can help protect your PC from infections which exploit security holes within Internet Explorer. They can also be quicker to load pages and offer more tools and features such as Firefox's huge add-on list.
Firefox - My personal choice, easy to use and has a large number of excellent add-ons that can be installed to help keep you away from malicious sites and reduce advertisements and popups etc. AdBlockPlus and WOT are very useful add-ons that are worth having installed.
Google Chrome - Is another browser that's easy to use and is worth trying if you want to test out new browsers.
Happy surfing!
#115
Posted 24 May 2013 - 05:26 PM
#116
Posted 24 May 2013 - 05:38 PM
i guess thats it? lol.....cool...thanks soo much really....its very interesting stuff here....computers are capable of doing sooo much....truly amazing.......anything else i should know or do?
Yes, that's it. You're welcome. You're right there, is a lot of interesting stuff and computers can do a lot. There's nothing else to do as far as I'm concerned. We will leave this thread open for another couple of days so that if you run across any other issues you can let us know.
#117
Posted 24 May 2013 - 05:45 PM
#118
Posted 24 May 2013 - 05:50 PM
#119
Posted 24 May 2013 - 05:57 PM
You're welcome and you too!!cool...thanks again so much....have a great weekend.....
Yes, all threads remain in the forum.also, can i always go back to this thread for my knowledge? or how does that work?
Honestly, removes programs, just as you can do in the Control Panel so in my opinion I wouldn't see the need to have it. I personally only keep the avast! (obviously) and Malwarebytes on my own computer along with using Windows Firewall for protection. Also, if you forget to check for updates regularly, like most, File Hippo is a good program to help with that.also....that pc decrapifier? do u recommend that or something else? something that will know whats being used and whats needed on the system....the rest can go to trash .... i dont need any extra non sense programs on here
o and good job tell ur instructor thanks too
Thank you, and I will tell him.
#120
Posted 27 May 2013 - 04:27 AM
If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.
Everyone else please begin a New Topic.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users