only my 64 bit programs are able to connect to the internet [Closed]



#1
parisc74

I just got rid of a lot of viruses, and I was having trouble with my graphics card, but now I can access the internet only from my browser, which is Nightly 64-bit. IE works as well.



OTL logfile created on: 4/4/2013 9:16:11 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\paris\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy

3.95 Gb Total Physical Memory | 1.79 Gb Available Physical Memory | 45.22% Memory free
7.90 Gb Paging File | 5.36 Gb Available in Paging File | 67.91% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676.97 Gb Total Space | 349.48 Gb Free Space | 51.62% Space Free | Partition Type: NTFS
Drive D: | 21.37 Gb Total Space | 2.24 Gb Free Space | 10.49% Space Free | Partition Type: NTFS
Drive F: | 98.87 Mb Total Space | 84.59 Mb Free Space | 85.56% Space Free | Partition Type: FAT32

Computer Name: PARIS-HP | User Name: paris | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/04/04 21:03:49 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\paris\Downloads\OTL.exe
PRC - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012/12/18 13:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
PRC - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
PRC - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011/09/05 20:02:20 | 000,140,456 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
PRC - [2011/08/04 15:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 15:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/07/11 14:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2011/05/20 10:10:12 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe
PRC - [2010/04/23 13:00:00 | 000,514,232 | ---- | M] (EasyBits Software AS) -- C:\Windows\SysWOW64\ezSharedSvcHost.exe


========== Modules (No Company Name) ==========

MOD - [2013/02/13 04:37:08 | 011,833,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\5ecf01964c70e453d71e5d7653912ff9\System.Web.ni.dll
MOD - [2013/02/13 04:36:56 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\cb562e2e4f74ae607f1186f6ec50cec7\System.Windows.Forms.ni.dll
MOD - [2013/01/09 05:01:49 | 000,491,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\346a7a67978cead8e2ff52c6d80bbeb7\IAStorUtil.ni.dll
MOD - [2013/01/09 05:01:49 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\500a8ae2a5d27132d87ccac9f97b0069\IAStorCommon.ni.dll
MOD - [2013/01/09 04:41:22 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\90b89f6e8032310e9ac72a309fd49e83\System.Runtime.Remoting.ni.dll
MOD - [2013/01/09 04:40:42 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll
MOD - [2013/01/09 04:40:16 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf827fe7bc99d9bcf0ba3621054ef527\WindowsBase.ni.dll
MOD - [2013/01/09 04:40:08 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll
MOD - [2013/01/09 04:40:02 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\195a77fcc6206f8bb35d419ff2cf0d72\System.Configuration.ni.dll
MOD - [2013/01/09 04:39:58 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll
MOD - [2013/01/09 04:39:46 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll


========== Services (SafeList) ==========

SRV:64bit: - [2013/03/26 17:46:51 | 001,646,792 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe -- (VSSERV)
SRV:64bit: - [2013/02/26 16:50:29 | 000,068,856 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe -- (UPDATESRV)
SRV:64bit: - [2012/12/19 20:56:00 | 000,240,640 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012/09/08 11:43:08 | 000,301,568 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Program Files\IDT\WDM\stacsv64.exe -- (STacSV)
SRV:64bit: - [2012/09/08 11:43:07 | 000,089,600 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\IDT\WDM\AESTSr64.exe -- (AESTFilters)
SRV:64bit: - [2012/04/17 19:20:50 | 002,671,376 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService)
SRV:64bit: - [2012/04/17 19:20:42 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2012/04/17 19:20:36 | 000,626,960 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2012/04/17 19:20:32 | 000,148,752 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2012/03/08 12:19:40 | 000,135,952 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr)
SRV:64bit: - [2012/03/01 11:35:24 | 000,659,976 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3)
SRV:64bit: - [2011/05/27 11:20:12 | 000,030,520 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2010/10/11 03:48:14 | 000,346,168 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe -- (HPClientSvc)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/03/29 13:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/03/19 22:26:44 | 003,289,208 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2013/03/18 08:07:59 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/01/08 16:19:46 | 000,161,536 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/01/02 02:43:18 | 000,031,744 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe -- (SrvUpdater)
SRV - [2012/12/28 13:14:40 | 000,277,640 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/12/18 13:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/09/27 11:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2012/09/08 11:40:54 | 002,413,056 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2011/10/18 11:50:10 | 001,001,808 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe -- (Bluetooth OBEX Service)
SRV - [2011/10/18 11:50:04 | 001,354,064 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe -- (Bluetooth Media Service)
SRV - [2011/10/18 11:49:52 | 000,936,272 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe -- (Bluetooth Device Monitor)
SRV - [2011/10/01 09:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011/10/01 09:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011/09/05 20:02:20 | 000,140,456 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2011/07/11 14:04:44 | 000,026,680 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2011/05/20 10:10:26 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2011/02/15 17:48:52 | 001,071,160 | ---- | M] (Hewlett-Packard Development Company L.P.) [On_Demand | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe -- (hpCMSrv)
SRV - [2010/12/22 14:25:02 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010/12/22 14:24:58 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010/09/30 04:06:46 | 000,169,408 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor9.0)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/15 14:07:16 | 000,025,832 | ---- | M] (BioWare) [On_Demand | Stopped] -- C:\Program Files (x86)\Dragon Age\bin_ship\daupdatersvc.service.exe -- (DAUpdaterSvc)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/04/03 19:09:37 | 000,147,232 | ---- | M] (BitDefender LLC) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\gzflt.sys -- (gzflt)
DRV:64bit: - [2013/04/03 19:09:13 | 000,350,160 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\trufos.sys -- (trufos)
DRV:64bit: - [2013/01/11 20:31:18 | 000,707,528 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avc3.sys -- (avc3)
DRV:64bit: - [2013/01/11 20:31:18 | 000,589,000 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\avckf.sys -- (avckf)
DRV:64bit: - [2012/12/19 21:48:48 | 011,278,336 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/12/19 20:32:54 | 000,552,960 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/12/13 16:24:10 | 000,342,528 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012/12/12 16:42:28 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2012/11/27 12:07:03 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2012/11/12 17:11:19 | 000,082,384 | ---- | M] (BitDefender SRL) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bdsandbox.sys -- (BDSandBox)
DRV:64bit: - [2012/11/02 13:17:46 | 000,261,056 | ---- | M] (BitDefender) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avchv.sys -- (avchv)
DRV:64bit: - [2012/09/08 11:43:08 | 000,528,384 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012/09/08 11:40:54 | 000,338,536 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/09/08 11:40:16 | 008,604,672 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/06/26 21:38:30 | 000,046,176 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012/03/01 10:55:26 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPALP)
DRV:64bit: - [2012/03/01 10:55:26 | 000,195,584 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmpPal.sys -- (AMPPAL)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/12/09 19:45:00 | 000,060,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iBtFltCoex.sys -- (iBtFltCoex)
DRV:64bit: - [2011/11/15 01:13:00 | 000,327,168 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmhsf.sys -- (btmhsf)
DRV:64bit: - [2011/11/14 19:16:37 | 000,103,504 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV:64bit: - [2011/10/14 04:37:44 | 000,396,848 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/10/01 09:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011/10/01 09:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011/10/01 09:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011/10/01 09:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011/08/29 16:32:18 | 000,053,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btmaux.sys -- (btmaux)
DRV:64bit: - [2011/05/27 11:20:12 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2011/05/27 11:20:12 | 000,030,008 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2011/05/20 09:53:44 | 000,557,848 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/16 19:46:36 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2011/02/16 19:11:08 | 000,428,136 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/10/19 18:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 15:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 15:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 15:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 14:35:35 | 000,408,960 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvm62x64.sys -- (NVENETFD)
DRV:64bit: - [2009/06/10 14:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2003/03/13 14:53:06 | 000,021,504 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\SysNative\WINSOCK.DLL -- (Winsock)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2003/03/13 14:53:06 | 000,021,504 | ---- | M] (Microsoft Corporation) [Adapter | On_Demand | Unknown] -- C:\Windows\SysWow64\WINSOCK.DLL -- (Winsock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{6582EDA0-95E8-4087-BC31-7C5280EE81C9}: "URL" = http://www.amazon.ca...s={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes\{6582EDA0-95E8-4087-BC31-7C5280EE81C9}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...archTerms}&r=34
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www.delta-sea...000ac7289a261cd
IE - HKCU\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.co...&l=dis&o=HPNTDF
IE - HKCU\..\SearchScopes\{6582EDA0-95E8-4087-BC31-7C5280EE81C9}: "URL" = http://www.amazon.ca...s={searchTerms}
IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = http://ca.search.yah...psg&type=HPNTDF
IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..extensions.enabledAddons: %7B5384767E-00D9-40E9-B72F-9CC39D655D6F%7D:1.4.2.1
FF - prefs.js..extensions.enabledAddons: %7BDDC359D1-844A-42a7-9AA1-88A850A938A8%7D:2.0.16
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0a1
FF - prefs.js..network.proxy.autoconfig_url: "http://198.144.186.98/"
FF - prefs.js..network.proxy.backup.ftp: "198.144.186.98"
FF - prefs.js..network.proxy.backup.ftp_port: 8080
FF - prefs.js..network.proxy.backup.socks: "198.144.186.98"
FF - prefs.js..network.proxy.backup.socks_port: 8080
FF - prefs.js..network.proxy.backup.ssl: "198.144.186.98"
FF - prefs.js..network.proxy.backup.ssl_port: 8080
FF - prefs.js..network.proxy.ftp: " 173.213.96.229"
FF - prefs.js..network.proxy.ftp_port: 8080
FF - prefs.js..network.proxy.http: " 173.213.96.229"
FF - prefs.js..network.proxy.http_port: 8080
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: " 173.213.96.229"
FF - prefs.js..network.proxy.socks_port: 8080
FF - prefs.js..network.proxy.ssl: " 173.213.96.229"
FF - prefs.js..network.proxy.ssl_port: 8080
FF - prefs.js..network.proxy.type: 0


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 23.0a1\extensions\\Components: C:\PROGRAM FILES\NIGHTLY\COMPONENTS
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Nightly 23.0a1\extensions\\Plugins: C:\PROGRAM FILES\NIGHTLY\PLUGINS

[2012/09/08 09:14:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\paris\AppData\Roaming\Mozilla\Extensions
[2013/04/03 20:14:44 | 000,000,000 | ---D | M] (No name found) -- C:\Users\paris\AppData\Roaming\Mozilla\Firefox\Profiles\qxv7qkxo.default\extensions
[2013/02/04 11:44:01 | 000,000,000 | ---D | M] (EPUBReader) -- C:\Users\paris\AppData\Roaming\Mozilla\Firefox\Profiles\qxv7qkxo.default\extensions\{5384767E-00D9-40E9-B72F-9CC39D655D6F}
[2013/04/03 20:14:44 | 000,714,654 | ---- | M] () (No name found) -- C:\Users\paris\AppData\Roaming\Mozilla\Firefox\Profiles\qxv7qkxo.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi
[2013/03/03 05:13:46 | 000,001,294 | ---- | M] () -- C:\Users\paris\AppData\Roaming\Mozilla\Firefox\Profiles\qxv7qkxo.default\searchplugins\delta.xml

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter},
CHR - homepage: http://www.delta-sea...000ac7289a261cd
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.43\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_110.dll
CHR - plugin: Java Deployment Toolkit 7.0.90.5 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: HP Product Detection Plugin = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aelbknmfcacjffmgnoaaonhgoghlmlkp\1.0.23.1_0\
CHR - Extension: Google Drive = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: PutLockerDownloader = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apfdadfinodckpcehhdhjlgiphgnbfci\1.0_0\
CHR - Extension: YouTube = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Don't Starve = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc\1.0.0.37_0\
CHR - Extension: Love Smoke = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgibfhhccaknggplelmbaepoikkcnllb\1_1\
CHR - Extension: GoPhoto.it = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk\1.5_0\
CHR - Extension: Gmail = C:\Users\paris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (no name) - {F1AF26F8-1828-4279-ABCE-074EF3235BD7} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Bdagent] C:\Program Files\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender)
O4:64bit: - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] c:\Program Files\Microsoft Device Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (CANON INC.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BitTorrent] C:\Program Files (x86)\BitTorrent\BitTorrent.exe (BitTorrent, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: 11888 = C:\PROGRA~3\LOCALS~1\Temp\msfduuo.bat (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10 - Broken Internet access at catalog 000000000006
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.17.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 64.59.184.15 64.59.190.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF4D61FC-351A-4C78-A70B-2ADDFF11AB4D}: DhcpNameServer = 64.59.184.15 64.59.190.245
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF4D61FC-351A-4C78-A70B-2ADDFF11AB4D}: NameServer = 8.8.8.8,8.8.4.4
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{025ae3d1-f9ea-11e1-b657-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{025ae3d1-f9ea-11e1-b657-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/04/04 20:16:13 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\ParetoLogic
[2013/04/04 20:16:13 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\DriverCure
[2013/04/04 20:16:08 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
[2013/04/04 20:16:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ParetoLogic
[2013/04/04 20:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ParetoLogic
[2013/04/04 20:16:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ParetoLogic
[2013/04/04 19:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013/04/04 19:01:51 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013/04/04 18:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Riot Games
[2013/04/04 18:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\SoftSafe
[2013/04/04 18:14:24 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallMate
[2013/04/04 17:47:28 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2013/04/04 17:40:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2013/04/04 17:39:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP
[2013/04/04 17:39:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2013/04/04 17:39:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2013/04/04 17:39:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Catalyst Control Center
[2013/04/04 17:35:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ATI Technologies
[2013/04/04 17:35:22 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2013/04/04 17:35:21 | 000,000,000 | ---D | C] -- C:\Program Files\ATI
[2013/04/04 17:33:50 | 000,550,912 | ---- | C] (AMD) -- C:\Windows\SysNative\atieclxx.exe
[2013/04/04 17:33:50 | 000,240,640 | ---- | C] (AMD) -- C:\Windows\SysNative\atiesrxx.exe
[2013/04/04 17:33:48 | 000,120,320 | ---- | C] (AMD) -- C:\Windows\SysNative\atitmm64.dll
[2013/04/04 17:33:34 | 000,021,504 | ---- | C] (AMD) -- C:\Windows\SysNative\atimuixx.dll
[2013/04/04 17:33:30 | 000,070,144 | ---- | C] (AMD) -- C:\Windows\SysNative\coinst_9.012.dll
[2013/04/04 17:33:27 | 000,000,000 | ---D | C] -- C:\Drivers
[2013/04/04 17:05:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Fusion
[2013/04/04 17:05:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Driver Fusion
[2013/04/03 19:09:15 | 000,076,944 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013/04/03 18:37:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2013
[2013/04/03 18:37:16 | 000,000,000 | ---D | C] -- C:\ProgramData\BDLogging
[2013/04/03 18:37:12 | 000,082,384 | ---- | C] (BitDefender SRL) -- C:\Windows\SysNative\drivers\bdsandbox.sys
[2013/04/03 18:37:07 | 000,589,000 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avckf.sys
[2013/04/03 18:37:07 | 000,261,056 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avchv.sys
[2013/04/03 18:37:06 | 000,707,528 | ---- | C] (BitDefender) -- C:\Windows\SysNative\drivers\avc3.sys
[2013/04/03 18:25:07 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\Bitdefender
[2013/04/03 18:23:08 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\QuickScan
[2013/04/03 18:10:31 | 000,147,232 | ---- | C] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/04/03 18:10:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Bitdefender
[2013/04/03 18:10:29 | 000,350,160 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/04/03 18:10:29 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/04/03 18:08:08 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2013/04/03 18:08:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Bitdefender
[2013/04/03 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013/04/03 16:45:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
[2013/04/03 16:45:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013/04/03 00:53:16 | 000,000,000 | ---D | C] -- C:\Users\paris\Desktop\League of Legends
[2013/04/03 00:43:58 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\PMB Files
[2013/04/03 00:43:56 | 000,000,000 | ---D | C] -- C:\ProgramData\PMB Files
[2013/04/02 20:58:31 | 000,000,000 | ---D | C] -- C:\Riot Games
[2013/04/02 18:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\League of Legends
[2013/04/02 18:05:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Pando Networks
[2013/04/01 14:47:26 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\{CBC24F83-DF9F-4BDF-B889-038398E2A17D}
[2013/03/30 14:48:05 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\FLT
[2013/03/30 14:20:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock Infinite
[2013/03/30 13:56:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BioShock Infinite
[2013/03/30 13:56:02 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\Programs
[2013/03/30 08:26:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Universal Extractor
[2013/03/30 08:26:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Universal Extractor
[2013/03/29 00:40:29 | 000,000,000 | ---D | C] -- C:\ElementalTinkerer
[2013/03/23 15:41:48 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\{80989C76-2322-4B05-AA80-255CCE1F03B9}
[2013/03/22 12:55:17 | 000,000,000 | ---D | C] -- C:\Users\paris\Desktop\The Hobbit An Unexpected Journey (2012) [1080p]
[2013/03/22 00:58:04 | 000,000,000 | ---D | C] -- C:\Users\paris\.minecraft
[2013/03/16 21:51:19 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\Gas Powered Games
[2013/03/16 17:30:53 | 000,000,000 | ---D | C] -- C:\temp
[2013/03/16 16:39:25 | 000,000,000 | ---D | C] -- C:\ProgramData\InstallShield
[2013/03/16 12:47:09 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\AVG
[2013/03/16 12:46:15 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG
[2013/03/16 12:46:08 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}
[2013/03/16 12:37:28 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\TuneUp Software
[2013/03/16 12:33:00 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013/03/16 12:33:00 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\MFAData
[2013/03/16 12:33:00 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2013/03/16 12:33:00 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\Avg2013
[2013/03/14 21:32:22 | 000,000,000 | ---D | C] -- C:\Program Files\Nightly
[2013/03/14 15:31:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/03/14 15:30:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2013/03/13 20:21:12 | 000,000,000 | ---D | C] -- C:\Users\paris\Desktop\next
[2013/03/12 13:52:54 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Local\{61261839-2AF1-4416-BFDD-02EBB68E6F55}
[2013/03/12 13:42:34 | 000,000,000 | ---D | C] -- C:\Users\paris\Desktop\to be burned ALIVE HORRIFICLY!!!!
[2013/03/10 11:00:08 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/03/09 23:57:55 | 000,000,000 | ---D | C] -- C:\Users\paris\AppData\Roaming\Adobe32
[2013/03/09 23:57:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Local Settings
[2013/03/09 23:56:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Origin
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

File not found -- C:\Windows\SysNative\
[2013/04/04 21:14:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/04/04 20:44:43 | 000,000,494 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2013/04/04 20:43:15 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 20:43:15 | 000,032,064 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/04/04 20:40:09 | 000,779,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/04/04 20:40:09 | 000,665,232 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/04/04 20:40:09 | 000,125,678 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/04/04 20:35:51 | 000,000,468 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013/04/04 20:35:51 | 000,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2013/04/04 20:35:51 | 000,000,400 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2013/04/04 20:35:51 | 000,000,382 | ---- | M] () -- C:\Windows\tasks\PC Health Advisor.job
[2013/04/04 20:35:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/04/04 20:35:20 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2013/04/04 20:16:08 | 000,001,067 | ---- | M] () -- C:\Users\paris\Desktop\ParetoLogic PC Health Advisor.lnk
[2013/04/04 19:05:19 | 000,137,274 | ---- | M] () -- C:\Users\paris\Documents\cc_20130404_190311.reg
[2013/04/04 19:01:52 | 000,000,822 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/04/04 18:55:41 | 000,001,720 | ---- | M] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/04/04 17:41:34 | 000,000,000 | ---- | M] () -- C:\Windows\ativpsrm.bin
[2013/04/04 17:34:31 | 000,000,858 | ---- | M] () -- C:\Users\paris\Desktop\Run Catalyst 13.1 WHQL UnifL V2.1 Installer.lnk
[2013/04/04 17:05:30 | 000,001,026 | ---- | M] () -- C:\Users\Public\Desktop\Driver Fusion.lnk
[2013/04/04 16:07:10 | 000,007,609 | ---- | M] () -- C:\Users\paris\AppData\Local\Resmon.ResmonCfg
[2013/04/04 08:51:53 | 000,000,682 | -H-- | M] () -- C:\bdr-cf01
[2013/04/03 19:09:37 | 000,147,232 | ---- | M] (BitDefender LLC) -- C:\Windows\SysNative\drivers\gzflt.sys
[2013/04/03 19:09:15 | 000,076,944 | ---- | M] (BitDefender) -- C:\Windows\SysNative\drivers\bdvedisk.sys
[2013/04/03 19:09:13 | 000,350,160 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\SysNative\drivers\trufos.sys
[2013/04/03 18:40:10 | 000,557,785 | ---- | M] () -- C:\ProgramData\1365034951.bdinstall.bin
[2013/04/03 18:38:11 | 000,000,385 | ---- | M] () -- C:\Windows\SysNative\user_gensett.xml
[2013/04/03 18:37:31 | 000,253,404 | -H-- | M] () -- C:\bdr-ld01
[2013/04/03 18:37:31 | 000,009,216 | -H-- | M] () -- C:\bdr-ld01.mbr
[2013/04/03 18:37:27 | 000,002,126 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Plus 2013.lnk
[2013/04/03 18:37:26 | 000,002,245 | ---- | M] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/04/03 18:37:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/04/03 18:12:09 | 000,102,770 | ---- | M] () -- C:\ProgramData\1365034319.560.bin
[2013/04/03 18:12:09 | 000,015,007 | ---- | M] () -- C:\ProgramData\1365034319.5164.bin
[2013/04/03 18:12:09 | 000,006,743 | ---- | M] () -- C:\ProgramData\1365034319.5884.bin
[2013/04/03 18:12:09 | 000,003,347 | ---- | M] () -- C:\ProgramData\1365034319.5052.bin
[2013/04/03 18:12:09 | 000,003,209 | ---- | M] () -- C:\ProgramData\1365034319.568.bin
[2013/04/03 18:12:09 | 000,002,796 | ---- | M] () -- C:\ProgramData\1365034319.5180.bin
[2013/04/03 18:12:09 | 000,001,548 | ---- | M] () -- C:\ProgramData\1365034319.3588.bin
[2013/04/03 18:12:09 | 000,000,783 | ---- | M] () -- C:\ProgramData\1365034319.3640.bin
[2013/04/03 18:12:09 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034319.5084.bin
[2013/04/03 18:12:09 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034319.4932.bin
[2013/04/03 18:11:28 | 000,103,361 | ---- | M] () -- C:\ProgramData\1365034265.5520.bin
[2013/04/03 18:11:28 | 000,015,007 | ---- | M] () -- C:\ProgramData\1365034265.5992.bin
[2013/04/03 18:11:28 | 000,006,743 | ---- | M] () -- C:\ProgramData\1365034265.5104.bin
[2013/04/03 18:11:28 | 000,003,835 | ---- | M] () -- C:\ProgramData\1365034265.5140.bin
[2013/04/03 18:11:28 | 000,003,347 | ---- | M] () -- C:\ProgramData\1365034265.2956.bin
[2013/04/03 18:11:28 | 000,002,796 | ---- | M] () -- C:\ProgramData\1365034265.5864.bin
[2013/04/03 18:11:28 | 000,001,250 | ---- | M] () -- C:\ProgramData\1365034265.5004.bin
[2013/04/03 18:11:28 | 000,000,783 | ---- | M] () -- C:\ProgramData\1365034265.5108.bin
[2013/04/03 18:11:28 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034265.1560.bin
[2013/04/03 18:11:28 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034265.1460.bin
[2013/04/03 18:10:57 | 000,102,771 | ---- | M] () -- C:\ProgramData\1365034250.5840.bin
[2013/04/03 18:10:57 | 000,015,002 | ---- | M] () -- C:\ProgramData\1365034250.5416.bin
[2013/04/03 18:10:57 | 000,006,743 | ---- | M] () -- C:\ProgramData\1365034250.2728.bin
[2013/04/03 18:10:57 | 000,004,495 | ---- | M] () -- C:\ProgramData\1365034250.5924.bin
[2013/04/03 18:10:57 | 000,003,347 | ---- | M] () -- C:\ProgramData\1365034250.3040.bin
[2013/04/03 18:10:57 | 000,002,796 | ---- | M] () -- C:\ProgramData\1365034250.5368.bin
[2013/04/03 18:10:57 | 000,001,249 | ---- | M] () -- C:\ProgramData\1365034250.332.bin
[2013/04/03 18:10:57 | 000,000,782 | ---- | M] () -- C:\ProgramData\1365034250.564.bin
[2013/04/03 18:10:57 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034250.5348.bin
[2013/04/03 18:10:57 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034250.3632.bin
[2013/04/03 18:10:33 | 000,102,878 | ---- | M] () -- C:\ProgramData\1365034217.5676.bin
[2013/04/03 18:10:33 | 000,015,993 | ---- | M] () -- C:\ProgramData\1365034217.4624.bin
[2013/04/03 18:10:33 | 000,006,743 | ---- | M] () -- C:\ProgramData\1365034217.2956.bin
[2013/04/03 18:10:33 | 000,004,402 | ---- | M] () -- C:\ProgramData\1365034217.4520.bin
[2013/04/03 18:10:33 | 000,003,347 | ---- | M] () -- C:\ProgramData\1365034217.1592.bin
[2013/04/03 18:10:33 | 000,002,796 | ---- | M] () -- C:\ProgramData\1365034217.4476.bin
[2013/04/03 18:10:33 | 000,001,250 | ---- | M] () -- C:\ProgramData\1365034217.1460.bin
[2013/04/03 18:10:33 | 000,000,783 | ---- | M] () -- C:\ProgramData\1365034217.4980.bin
[2013/04/03 18:10:33 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034217.3444.bin
[2013/04/03 18:10:33 | 000,000,739 | ---- | M] () -- C:\ProgramData\1365034217.1924.bin
[2013/04/03 18:08:57 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/03/30 14:20:08 | 000,002,164 | ---- | M] () -- C:\Users\Public\Desktop\Launch BioShock Infinite Benchmarking Utility.lnk
[2013/03/25 22:26:36 | 000,042,471 | ---- | M] () -- C:\Users\paris\Desktop\235.jpg
[2013/03/19 07:11:47 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForparis.job
[2013/03/13 14:14:56 | 000,000,342 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForPARIS-HP$.job
[2013/03/10 02:05:45 | 000,789,092 | ---- | M] () -- C:\Windows\SysWow64\phatk121016Caicosv2w128l4.bin
[2013/03/09 23:58:25 | 000,789,092 | ---- | M] () -- C:\Users\paris\AppData\Roaming\phatk121016Caicosv2w128l4.bin
[2013/03/07 04:35:20 | 000,000,663 | ---- | M] () -- C:\Users\paris\AppData\Roaming\MPQEditor.ini
[2013/03/05 22:12:15 | 000,000,824 | ---- | M] () -- C:\Users\paris\Desktop\SC2ALLin1.lnk
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

File not found -- C:\Windows\SysNative\
[2013/04/04 20:16:18 | 000,000,468 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Registration3.job
[2013/04/04 20:16:08 | 000,001,067 | ---- | C] () -- C:\Users\paris\Desktop\ParetoLogic PC Health Advisor.lnk
[2013/04/04 20:16:06 | 000,000,494 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3 Startup Task.job
[2013/04/04 20:16:05 | 000,000,442 | ---- | C] () -- C:\Windows\tasks\ParetoLogic Update Version3.job
[2013/04/04 20:16:04 | 000,000,400 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor Defrag.job
[2013/04/04 20:16:03 | 000,000,382 | ---- | C] () -- C:\Windows\tasks\PC Health Advisor.job
[2013/04/04 19:03:15 | 000,137,274 | ---- | C] () -- C:\Users\paris\Documents\cc_20130404_190311.reg
[2013/04/04 19:01:52 | 000,000,822 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013/04/04 18:55:41 | 000,001,720 | ---- | C] () -- C:\Users\Public\Desktop\Play League of Legends.lnk
[2013/04/04 17:41:34 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/04/04 17:34:31 | 000,000,858 | ---- | C] () -- C:\Users\paris\Desktop\Run Catalyst 13.1 WHQL UnifL V2.1 Installer.lnk
[2013/04/04 17:34:22 | 001,981,696 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.cpa
[2013/04/04 17:34:22 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2013/04/04 17:34:22 | 000,272,928 | ---- | C] () -- C:\Windows\SysNative\igvpkrng600.bin
[2013/04/04 17:34:22 | 000,059,425 | ---- | C] () -- C:\Windows\SysNative\iglhxo64.vp
[2013/04/04 17:34:22 | 000,059,398 | ---- | C] () -- C:\Windows\SysNative\iglhxg64.vp
[2013/04/04 17:34:22 | 000,059,230 | ---- | C] () -- C:\Windows\SysNative\iglhxc64.vp
[2013/04/04 17:34:22 | 000,059,104 | ---- | C] () -- C:\Windows\SysNative\iglhxc64_dev.vp
[2013/04/04 17:34:22 | 000,058,796 | ---- | C] () -- C:\Windows\SysNative\iglhxg64_dev.vp
[2013/04/04 17:34:22 | 000,058,109 | ---- | C] () -- C:\Windows\SysNative\iglhxo64_dev.vp
[2013/04/04 17:34:22 | 000,017,102 | ---- | C] () -- C:\Windows\SysNative\iglhxs64.vp
[2013/04/04 17:34:22 | 000,001,074 | ---- | C] () -- C:\Windows\SysNative\iglhxa64.vp
[2013/04/04 17:34:20 | 000,009,728 | ---- | C] ( ) -- C:\Windows\SysNative\IGFXDEVLib.dll
[2013/04/04 17:34:16 | 000,080,384 | ---- | C] () -- C:\Windows\SysNative\igdde64.dll
[2013/04/04 17:34:16 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2013/04/04 17:34:15 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2013/04/04 17:34:15 | 000,963,452 | ---- | C] () -- C:\Windows\SysNative\igcodeckrng600.bin
[2013/04/04 17:34:13 | 000,223,492 | ---- | C] () -- C:\Windows\SysNative\Gfxres.th-TH.resources
[2013/04/04 17:34:13 | 000,209,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.el-GR.resources
[2013/04/04 17:34:13 | 000,194,121 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ru-RU.resources
[2013/04/04 17:34:13 | 000,166,124 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ar-SA.resources
[2013/04/04 17:34:13 | 000,163,379 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ja-JP.resources
[2013/04/04 17:34:13 | 000,158,986 | ---- | C] () -- C:\Windows\SysNative\Gfxres.he-IL.resources
[2013/04/04 17:34:13 | 000,149,649 | ---- | C] () -- C:\Windows\SysNative\Gfxres.it-IT.resources
[2013/04/04 17:34:13 | 000,148,018 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ko-KR.resources
[2013/04/04 17:34:13 | 000,147,360 | ---- | C] () -- C:\Windows\SysNative\Gfxres.de-DE.resources
[2013/04/04 17:34:13 | 000,147,269 | ---- | C] () -- C:\Windows\SysNative\Gfxres.es-ES.resources
[2013/04/04 17:34:13 | 000,145,974 | ---- | C] () -- C:\Windows\SysNative\Gfxres.ro-RO.resources
[2013/04/04 17:34:13 | 000,145,470 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fr-FR.resources
[2013/04/04 17:34:13 | 000,144,637 | ---- | C] () -- C:\Windows\SysNative\Gfxres.tr-TR.resources
[2013/04/04 17:34:13 | 000,144,235 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-BR.resources
[2013/04/04 17:34:13 | 000,143,989 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nl-NL.resources
[2013/04/04 17:34:13 | 000,143,916 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hu-HU.resources
[2013/04/04 17:34:13 | 000,143,249 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pt-PT.resources
[2013/04/04 17:34:13 | 000,142,876 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sv-SE.resources
[2013/04/04 17:34:13 | 000,142,682 | ---- | C] () -- C:\Windows\SysNative\Gfxres.pl-PL.resources
[2013/04/04 17:34:13 | 000,142,267 | ---- | C] () -- C:\Windows\SysNative\Gfxres.cs-CZ.resources
[2013/04/04 17:34:13 | 000,141,998 | ---- | C] () -- C:\Windows\SysNative\Gfxres.fi-FI.resources
[2013/04/04 17:34:13 | 000,141,833 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sk-SK.resources
[2013/04/04 17:34:13 | 000,141,038 | ---- | C] () -- C:\Windows\SysNative\Gfxres.hr-HR.resources
[2013/04/04 17:34:13 | 000,137,880 | ---- | C] () -- C:\Windows\SysNative\Gfxres.sl-SI.resources
[2013/04/04 17:34:13 | 000,137,793 | ---- | C] () -- C:\Windows\SysNative\Gfxres.nb-NO.resources
[2013/04/04 17:34:13 | 000,137,132 | ---- | C] () -- C:\Windows\SysNative\Gfxres.da-DK.resources
[2013/04/04 17:34:13 | 000,132,623 | ---- | C] () -- C:\Windows\SysNative\Gfxres.en-US.resources
[2013/04/04 17:34:13 | 000,126,294 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-TW.resources
[2013/04/04 17:34:13 | 000,124,662 | ---- | C] () -- C:\Windows\SysNative\Gfxres.zh-CN.resources
[2013/04/04 17:34:13 | 000,000,268 | ---- | C] () -- C:\Windows\SysNative\GfxUI.exe.config
[2013/04/04 17:34:02 | 000,042,719 | ---- | C] () -- C:\Windows\atiogl.xml
[2013/04/04 17:33:29 | 000,662,786 | ---- | C] () -- C:\Windows\SysNative\atiicdxx.dat
[2013/04/04 17:33:29 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik_nd.dat
[2013/04/04 17:33:29 | 000,228,528 | ---- | C] () -- C:\Windows\SysNative\ativvaxy_cik.dat
[2013/04/04 17:33:29 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/04/04 17:33:29 | 000,204,952 | ---- | C] () -- C:\Windows\SysNative\ativvsvl.dat
[2013/04/04 17:33:29 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/04/04 17:33:29 | 000,157,144 | ---- | C] () -- C:\Windows\SysNative\ativvsva.dat
[2013/04/04 17:33:29 | 000,076,660 | ---- | C] () -- C:\Windows\SysNative\ativce02.dat
[2013/04/04 17:33:29 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/04/04 17:33:29 | 000,003,917 | ---- | C] () -- C:\Windows\SysNative\atipblag.dat
[2013/04/04 17:33:28 | 003,093,792 | ---- | C] () -- C:\Windows\SysWow64\atiumdva.cap
[2013/04/04 17:33:28 | 003,061,872 | ---- | C] () -- C:\Windows\SysNative\atiumd6a.cap
[2013/04/04 17:33:27 | 000,327,960 | ---- | C] () -- C:\Windows\SysWow64\atiapfxx.blb
[2013/04/04 17:33:27 | 000,327,960 | ---- | C] () -- C:\Windows\SysNative\atiapfxx.blb
[2013/04/04 17:05:30 | 000,001,026 | ---- | C] () -- C:\Users\Public\Desktop\Driver Fusion.lnk
[2013/04/03 18:40:10 | 000,557,785 | ---- | C] () -- C:\ProgramData\1365034951.bdinstall.bin
[2013/04/03 18:38:11 | 000,000,385 | ---- | C] () -- C:\Windows\SysNative\user_gensett.xml
[2013/04/03 18:37:31 | 000,000,682 | -H-- | C] () -- C:\bdr-cf01
[2013/04/03 18:37:27 | 000,002,126 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Antivirus Plus 2013.lnk
[2013/04/03 18:37:26 | 000,002,245 | ---- | C] () -- C:\Users\Public\Desktop\Bitdefender Safepay.lnk
[2013/04/03 18:37:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_avchv_01009.Wdf
[2013/04/03 18:25:03 | 002,510,608 | -H-- | C] () -- C:\bdr-bz01
[2013/04/03 18:25:03 | 000,009,216 | -H-- | C] () -- C:\bdr-ld01.mbr
[2013/04/03 18:25:02 | 037,133,532 | -H-- | C] () -- C:\bdr-im01.gz
[2013/04/03 18:25:02 | 000,253,404 | -H-- | C] () -- C:\bdr-ld01
[2013/04/03 18:12:08 | 000,015,007 | ---- | C] () -- C:\ProgramData\1365034319.5164.bin
[2013/04/03 18:12:08 | 000,006,743 | ---- | C] () -- C:\ProgramData\1365034319.5884.bin
[2013/04/03 18:12:08 | 000,003,347 | ---- | C] () -- C:\ProgramData\1365034319.5052.bin
[2013/04/03 18:12:08 | 000,002,796 | ---- | C] () -- C:\ProgramData\1365034319.5180.bin
[2013/04/03 18:12:08 | 000,000,783 | ---- | C] () -- C:\ProgramData\1365034319.3640.bin
[2013/04/03 18:12:08 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034319.5084.bin
[2013/04/03 18:12:08 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034319.4932.bin
[2013/04/03 18:12:02 | 000,003,209 | ---- | C] () -- C:\ProgramData\1365034319.568.bin
[2013/04/03 18:12:00 | 000,001,548 | ---- | C] () -- C:\ProgramData\1365034319.3588.bin
[2013/04/03 18:11:59 | 000,102,770 | ---- | C] () -- C:\ProgramData\1365034319.560.bin
[2013/04/03 18:11:27 | 000,015,007 | ---- | C] () -- C:\ProgramData\1365034265.5992.bin
[2013/04/03 18:11:27 | 000,006,743 | ---- | C] () -- C:\ProgramData\1365034265.5104.bin
[2013/04/03 18:11:27 | 000,002,796 | ---- | C] () -- C:\ProgramData\1365034265.5864.bin
[2013/04/03 18:11:27 | 000,000,783 | ---- | C] () -- C:\ProgramData\1365034265.5108.bin
[2013/04/03 18:11:27 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034265.1560.bin
[2013/04/03 18:11:27 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034265.1460.bin
[2013/04/03 18:11:17 | 000,003,347 | ---- | C] () -- C:\ProgramData\1365034265.2956.bin
[2013/04/03 18:11:09 | 000,003,835 | ---- | C] () -- C:\ProgramData\1365034265.5140.bin
[2013/04/03 18:11:07 | 000,001,250 | ---- | C] () -- C:\ProgramData\1365034265.5004.bin
[2013/04/03 18:11:05 | 000,103,361 | ---- | C] () -- C:\ProgramData\1365034265.5520.bin
[2013/04/03 18:10:56 | 000,015,002 | ---- | C] () -- C:\ProgramData\1365034250.5416.bin
[2013/04/03 18:10:56 | 000,006,743 | ---- | C] () -- C:\ProgramData\1365034250.2728.bin
[2013/04/03 18:10:56 | 000,003,347 | ---- | C] () -- C:\ProgramData\1365034250.3040.bin
[2013/04/03 18:10:56 | 000,002,796 | ---- | C] () -- C:\ProgramData\1365034250.5368.bin
[2013/04/03 18:10:56 | 000,000,782 | ---- | C] () -- C:\ProgramData\1365034250.564.bin
[2013/04/03 18:10:56 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034250.5348.bin
[2013/04/03 18:10:56 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034250.3632.bin
[2013/04/03 18:10:54 | 000,004,495 | ---- | C] () -- C:\ProgramData\1365034250.5924.bin
[2013/04/03 18:10:51 | 000,001,249 | ---- | C] () -- C:\ProgramData\1365034250.332.bin
[2013/04/03 18:10:50 | 000,102,771 | ---- | C] () -- C:\ProgramData\1365034250.5840.bin
[2013/04/03 18:10:29 | 000,015,993 | ---- | C] () -- C:\ProgramData\1365034217.4624.bin
[2013/04/03 18:10:29 | 000,006,743 | ---- | C] () -- C:\ProgramData\1365034217.2956.bin
[2013/04/03 18:10:29 | 000,003,347 | ---- | C] () -- C:\ProgramData\1365034217.1592.bin
[2013/04/03 18:10:29 | 000,002,796 | ---- | C] () -- C:\ProgramData\1365034217.4476.bin
[2013/04/03 18:10:29 | 000,000,783 | ---- | C] () -- C:\ProgramData\1365034217.4980.bin
[2013/04/03 18:10:29 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034217.3444.bin
[2013/04/03 18:10:29 | 000,000,739 | ---- | C] () -- C:\ProgramData\1365034217.1924.bin
[2013/04/03 18:10:19 | 000,004,402 | ---- | C] () -- C:\ProgramData\1365034217.4520.bin
[2013/04/03 18:10:18 | 000,001,250 | ---- | C] () -- C:\ProgramData\1365034217.1460.bin
[2013/04/03 18:10:17 | 000,102,878 | ---- | C] () -- C:\ProgramData\1365034217.5676.bin
[2013/03/30 14:20:08 | 000,002,164 | ---- | C] () -- C:\Users\Public\Desktop\Launch BioShock Infinite Benchmarking Utility.lnk
[2013/03/25 22:26:36 | 000,042,471 | ---- | C] () -- C:\Users\paris\Desktop\235.jpg
[2013/03/10 02:05:45 | 000,789,092 | ---- | C] () -- C:\Windows\SysWow64\phatk121016Caicosv2w128l4.bin
[2013/03/09 23:58:25 | 000,789,092 | ---- | C] () -- C:\Users\paris\AppData\Roaming\phatk121016Caicosv2w128l4.bin
[2013/03/07 04:08:54 | 000,000,663 | ---- | C] () -- C:\Users\paris\AppData\Roaming\MPQEditor.ini
[2013/03/05 22:06:47 | 000,000,824 | ---- | C] () -- C:\Users\paris\Desktop\SC2ALLin1.lnk
[2013/02/28 13:46:09 | 000,000,535 | ---- | C] () -- C:\Windows\eReg.dat
[2012/12/25 22:59:23 | 000,751,141 | ---- | C] () -- C:\Windows\unins000.exe
[2012/12/21 14:12:36 | 000,005,632 | ---- | C] () -- C:\Users\paris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/12/21 14:11:46 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\LAGARITH.DLL
[2012/12/21 14:11:45 | 000,106,711 | ---- | C] () -- C:\Windows\unins000.dat
[2012/12/20 20:27:50 | 003,112,296 | ---- | C] () -- C:\Users\paris\AppData\Roaming\LeagueofLegends.exe
[2012/12/13 16:26:03 | 000,703,117 | ---- | C] () -- C:\Users\paris\AppData\Roaming\technic-launcher.jar
[2012/12/13 16:26:03 | 000,582,227 | ---- | C] () -- C:\Users\paris\AppData\Roaming\technic-launcher.jar.bak
[2012/12/08 12:43:53 | 000,000,032 | R--- | C] () -- C:\Windows\hash.dat
[2012/10/29 23:45:32 | 000,788,116 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012/10/28 12:41:58 | 000,007,609 | ---- | C] () -- C:\Users\paris\AppData\Local\Resmon.ResmonCfg
[2012/05/02 13:58:10 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll

========== ZeroAccess Check ==========

[2011/11/17 00:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{7a94b216-506b-e8df-d71c-f292ed128990}\L
[2011/11/17 00:41:18 | 000,000,000 | -HSD | M] -- C:\Windows\Installer\{7a94b216-506b-e8df-d71c-f292ed128990}\U
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/08 23:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 22:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/04/03 20:30:48 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\.minecraft
[2012/12/10 17:48:30 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\.minecraft development
[2013/04/03 13:46:35 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\.technic
[2013/02/25 01:03:57 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\.techniclauncher
[2013/03/16 12:47:09 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\AVG
[2013/02/04 11:40:48 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Babylon
[2013/04/03 18:25:07 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Bitdefender
[2013/04/04 20:44:27 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\BitTorrent
[2012/11/05 16:10:36 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Canon
[2012/11/27 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\DAEMON Tools Lite
[2013/04/04 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\DriverCure
[2012/11/12 12:28:31 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Dwarfs
[2013/02/06 20:59:31 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Free Download Manager
[2013/03/28 11:06:48 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\ftblauncher
[2013/01/13 15:38:12 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\ImgBurn
[2012/12/21 19:26:51 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Little Inferno
[2013/02/25 01:01:45 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\logs
[2012/12/28 01:18:49 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\LolClient
[2013/03/23 16:22:22 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Might & Magic Heroes VI
[2013/04/04 20:16:13 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\ParetoLogic
[2013/04/03 18:23:08 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\QuickScan
[2013/03/03 04:40:32 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Red Alert 3
[2013/03/03 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Red Alert 3 Uprising
[2012/09/07 21:06:31 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Synaptics
[2013/04/04 00:42:36 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\SystemRequirementsLab
[2013/03/01 05:07:11 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\TP
[2013/03/16 12:37:28 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\TuneUp Software
[2013/03/05 16:13:04 | 000,000,000 | ---D | M] -- C:\Users\paris\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >

#2
crooleeck

    Member

  • Member
  • 882 posts
Hi parisc74 and welcome to GeekstoGo!

I'm crooleeck and I'll try to help you. But first please notice that I'm not limitless, I'm not familiar with all software, I don't know everything. However, it has taken me years to learn what I know. I would be glad to help you.

The fight against malware is NOT instantaneous; most infections require several courses of action to completely eradicate. It's also time-consuming, so be patient! We all like to know the final result, so if you have since resolved the issues you were originally experiencing, or have received help elsewhere, please post.

Note:
  • Please watch this topic.
  • Do exactly - step by step - what I wish for. Don't be afraid! If there's anything you don't understand, stop and ask!
  • Please don't run unsupervised tools or fix on your own without my direction - it can be dangerous.
  • You must reply within 3 days or your topic will be closed

Please be patient with me as I am currently in training, and all of my responses to you have to be reviewed by my instructor before I post them. Just keep in mind that you get the advantage as you have 2 people examining your issue.

Step 1:
Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
  • The application window will appear
  • Click the Disable button to disable your CD Emulation drivers
  • Click Yes to continue
  • A 'Finished!' message will appear
  • Click OK
  • DeFogger will now ask to reboot the machine - click OK
IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.

Do not re-enable these drivers until otherwise instructed.

Step 2:
  • Download GMER to your desktop.
  • Run the randomly named exe file.
  • Wait for the pre-scan to finish. If any rootkit activity has been detected:
  • Click No
  • Then press the Copy button, open Notepad, paste and save as pregmer.txt on your desktop. Don't try to fix it. They may be false positives! Do a full scan.
  • Unselect Quick scan.
  • Select C:\
  • Note: If your system partition is not C, select the right partition.
  • Press the Scan button.
  • This scan may take a long time; be patient and wait for it to finish.
  • Then press the Copy button, open Notepad, paste and save as gmer.txt on your desktop.
  • Post all gmer logs.

Step 3:
Please open the C:\Users\paris\Downloads\Extras.txt file in Notepad. Copy (Edit->Select All, Edit->Copy) the content and paste it into your reply.

Step 4:
Manually navigate to and delete the following files:
C:\Users\paris\Downloads\OTL.exe
C:\Users\paris\Downloads\OTL.txt
C:\Users\paris\Downloads\Extras.txt

Then download OTL to your Desktop.

In your next post I want to see:
  • Log from Extras.txt
  • All GMER logs.


#3
Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.