Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Unable to run antivirus - slow computer

Started by f1charlie , Sep 05 2013 05:13 PM

  • Please log in to reply

#1
f1charlie
Posted 05 September 2013 - 05:13 PM

f1charlie

    Member

  • Member
  • PipPip
  • 14 posts
My computer was running fine earlier today when my wife used it. My son was at home and claims not to have touched the computer after her :unsure: , but when I tried running Firefox after logging in to my account, no webpages showed, with the spinning circle displayed in each tab. Opened Chrome and was able to access the web, but eventually Chrome froze. The computer was generally slow to respond to any inputs.
I rebooted the computer - it took a long time to shut down and restart, but results were as before.
I booted into safe mode to try a system restore, but I could not access system restore. However, I managed a system restore to a point from yesterday via the repair console. The computer seemed to boot as normal, and Firefox could access webpages but my AV (Bitdefender Free) was not running and I was unable to start it. I tried to run Malwarebytes but received the message "the endpoint mapper database entry could not be created".
I booted into safe mode and ran Malwarebytes, but nothing was found. I have rebooted into Windows and Malwarebytes will now run without the error message, but Bitdefender will still not run.
Can you help me check my system to see if I have an infection please?

OTL log:

OTL logfile created on: 06/09/2013 00:00:09 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Charles\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.00 Gb Total Physical Memory | 1.12 Gb Available Physical Memory | 37.22% Memory free
6.20 Gb Paging File | 4.05 Gb Available in Paging File | 65.23% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 921.17 Gb Total Space | 753.13 Gb Free Space | 81.76% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 628.14 Gb Free Space | 67.43% Space Free | Partition Type: NTFS
Drive E: | 10.00 Gb Total Space | 5.16 Gb Free Space | 51.56% Space Free | Partition Type: NTFS

Computer Name: HOME-PC | User Name: Charles | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/09/05 22:15:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Charles\Desktop\OTL.exe
PRC - [2013/09/02 21:35:59 | 000,829,392 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013/08/30 19:02:29 | 000,054,424 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe
PRC - [2013/08/30 19:02:21 | 000,235,728 | ---- | M] (Bitdefender) -- C:\Program Files\Bitdefender\Antivirus Free Edition\gziface.exe
PRC - [2013/08/08 00:20:10 | 000,610,304 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioConsole.exe
PRC - [2013/08/08 00:20:10 | 000,327,680 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioService.exe
PRC - [2013/06/28 16:01:29 | 000,249,976 | ---- | M] () -- C:\Program Files\Macrium\Reflect\ReflectService.exe
PRC - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/04/04 14:50:32 | 000,887,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
PRC - [2013/03/09 00:01:54 | 000,720,064 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 2010\Office14\MSOSYNC.EXE
PRC - [2013/03/07 23:07:36 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe
PRC - [2012/09/17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
PRC - [2012/07/04 07:21:18 | 000,453,632 | ---- | M] (AMD) -- C:\Windows\System32\atieclxx.exe
PRC - [2012/07/04 07:20:42 | 000,217,088 | ---- | M] (AMD) -- C:\Windows\System32\atiesrxx.exe
PRC - [2012/06/23 16:49:02 | 000,865,792 | ---- | M] (Highresolution Enterprises) -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
PRC - [2012/06/23 16:48:50 | 000,073,216 | ---- | M] (Highresolution Enterprises) -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe
PRC - [2012/06/17 22:25:38 | 000,932,528 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012/04/27 12:37:00 | 000,395,384 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
PRC - [2012/04/27 12:36:52 | 000,846,048 | ---- | M] (Acronis) -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
PRC - [2012/04/27 12:35:30 | 002,637,784 | ---- | M] (Acronis) -- C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
PRC - [2012/04/12 16:21:42 | 000,802,816 | ---- | M] (Sphinx Software) -- C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
PRC - [2012/04/12 16:09:42 | 000,495,616 | ---- | M] (Sphinx Software) -- C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
PRC - [2011/09/08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2011/09/08 17:48:34 | 003,281,272 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2011/09/08 17:48:34 | 001,485,176 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2011/09/08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2011/08/04 15:44:24 | 000,593,032 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
PRC - [2011/08/04 15:41:44 | 001,637,496 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2011/04/17 09:05:26 | 001,462,272 | ---- | M] ( ) -- C:\Program Files\Codebox\BitMeter\BitMeter2.exe
PRC - [2010/04/05 11:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe
PRC - [2009/04/11 07:28:11 | 000,217,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\WerFault.exe
PRC - [2009/04/11 07:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2009/04/11 07:27:28 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conime.exe
PRC - [2008/07/10 06:42:00 | 002,529,944 | ---- | M] (Just Great Software) -- C:\Program Files\JGsoft\EditPadLite\EditPadLite.exe
PRC - [2007/12/18 12:49:06 | 000,135,168 | ---- | M] (Visioneer Inc.) -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe
PRC - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
PRC - [2007/07/23 07:27:00 | 004,452,352 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/05/23 20:02:36 | 000,139,264 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\pmxmiced.exe
PRC - [2006/11/08 15:01:54 | 000,049,152 | ---- | M] (Primax Electronics Ltd.) -- C:\Windows\System32\ico.exe
PRC - [2006/11/02 13:35:35 | 000,176,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\wpcumi.exe


========== Modules (No Company Name) ==========

MOD - [2013/09/02 21:35:56 | 000,410,576 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppgooglenaclpluginchrome.dll
MOD - [2013/09/02 21:35:54 | 004,053,456 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
MOD - [2013/09/02 21:35:04 | 000,709,584 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\libglesv2.dll
MOD - [2013/09/02 21:35:03 | 000,099,792 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\libegl.dll
MOD - [2013/09/02 21:35:01 | 001,604,560 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\29.0.1547.66\ffmpegsumo.dll
MOD - [2013/08/30 19:02:16 | 000,508,136 | ---- | M] () -- C:\Program Files\Bitdefender\Antivirus Free Edition\sqlite3.dll
MOD - [2013/08/13 19:13:44 | 000,978,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\b8e424ef545f262fd6cb9f35b97fc8b9\System.Configuration.ni.dll
MOD - [2013/08/13 19:12:09 | 005,462,016 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09f5b3f7a363b742a73937e818595597\System.Xml.ni.dll
MOD - [2013/08/13 19:11:56 | 012,434,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f575e4c534a93294c72fea670ca73492\System.Windows.Forms.ni.dll
MOD - [2013/08/13 19:11:48 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\c0df7e124d8d5e2821fd7d3921d404f7\System.Drawing.ni.dll
MOD - [2013/08/13 19:10:51 | 007,977,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\d7153acb7b6ccb5a6a886d6f0ab732b1\System.ni.dll
MOD - [2013/08/13 19:00:51 | 001,801,728 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\44d87641535e186f4a7fc9c469bc73dd\System.Xaml.ni.dll
MOD - [2013/08/13 18:56:15 | 018,003,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a342a61dd88db0c26a11470ce6a4f167\PresentationFramework.ni.dll
MOD - [2013/08/13 18:56:01 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\42c02d5f442dea943fc7def7b864bb90\PresentationCore.ni.dll
MOD - [2013/08/13 18:55:58 | 013,199,360 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\6da40f01a719972f3242d3c374e499c5\System.Windows.Forms.ni.dll
MOD - [2013/08/13 18:55:50 | 003,858,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\6a1d260372cda12056515b30b2bcf715\WindowsBase.ni.dll
MOD - [2013/08/13 18:55:49 | 005,628,928 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\0835155203a99b6a9bb540629920da0d\System.Xml.ni.dll
MOD - [2013/08/13 18:55:49 | 001,667,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\7e3570a0cc71998e14e7adb8e4ea0cbb\System.Drawing.ni.dll
MOD - [2013/08/13 18:55:46 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\4f02f7d34c4fd0dc58ce1dffb5b424f9\PresentationFramework.Aero.ni.dll
MOD - [2013/08/13 18:55:45 | 009,099,776 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\fc16a5cafc433e6d942e9bd5b14fbeaf\System.ni.dll
MOD - [2013/08/08 00:20:10 | 000,610,304 | ---- | M] () -- C:\Program Files\Serviio\bin\ServiioConsole.exe
MOD - [2013/08/06 18:43:10 | 000,093,696 | ---- | M] () -- C:\Program Files\FileZilla FTP Client\fzshellext.dll
MOD - [2013/07/11 23:33:43 | 011,497,984 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\6a938df70a8b7996a3890b4f34c83906\mscorlib.ni.dll
MOD - [2013/07/11 23:26:02 | 014,418,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c799474a067f07ef3a167d75029fa012\mscorlib.ni.dll
MOD - [2013/04/04 01:09:40 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2012/06/17 22:25:38 | 000,932,528 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/09/08 17:48:36 | 000,962,936 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office 2010\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV - [2013/08/30 19:02:29 | 000,054,424 | ---- | M] (Bitdefender) [Auto | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\gzserv.exe -- (gzserv)
SRV - [2013/08/18 09:14:37 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/08/08 00:20:10 | 000,327,680 | ---- | M] () [Auto | Running] -- C:\Program Files\Serviio\bin\ServiioService.exe -- (Serviio)
SRV - [2013/06/28 16:01:29 | 000,249,976 | ---- | M] () [Auto | Running] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV - [2013/05/10 08:57:22 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/03/09 00:10:32 | 030,798,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office 2010\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/03/07 23:07:36 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files\Cobian Backup 11\cbVSCService11.exe -- (cbVSCService11)
SRV - [2012/09/17 18:52:46 | 004,958,968 | ---- | M] (Programming Sunrise) [On_Demand | Stopped] -- C:\Program Files\KooRaRoo Media\KooRaRooMediaServer.exe -- (KooRaRooMediaServer)
SRV - [2012/09/17 07:39:30 | 000,171,600 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor11.0)
SRV - [2012/07/11 19:54:49 | 000,116,608 | ---- | M] (SUPERAntiSpyware.com) [Disabled | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASCore.exe -- (!SASCORE)
SRV - [2012/07/04 07:20:42 | 000,217,088 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\System32\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012/06/23 16:48:50 | 000,073,216 | ---- | M] (Highresolution Enterprises) [Auto | Running] -- C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonSvc.exe -- (XMouseButton Launcher)
SRV - [2012/04/27 12:36:52 | 000,846,048 | ---- | M] (Acronis) [Auto | Running] -- C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2012/04/12 16:09:42 | 000,495,616 | ---- | M] (Sphinx Software) [Auto | Running] -- C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe -- (Windows7FirewallService)
SRV - [2011/09/08 17:48:34 | 005,554,552 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011/09/08 17:48:34 | 000,451,960 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2010/04/05 11:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files\Canon\IJPLM\ijplmsvc.exe -- (IJPLMSVC)
SRV - [2008/08/14 00:04:44 | 000,201,968 | ---- | M] (SupportSoft, Inc.) [Disabled | Stopped] -- C:\Program Files\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_dellsupportcenter)
SRV - [2008/05/08 02:17:49 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2008/04/09 12:39:08 | 003,068,352 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Kontiki\KService.exe -- (KService)
SRV - [2008/01/19 08:38:24 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/12/18 12:49:06 | 000,135,168 | ---- | M] (Visioneer Inc.) [Auto | Running] -- C:\Program Files\Visioneer\OneTouch 4.0\OtService.exe -- (OneTouch 4.0 Monitor)
SRV - [2007/11/06 21:22:26 | 000,092,792 | ---- | M] (CACE Technologies) [On_Demand | Stopped] -- C:\Program Files\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2007/09/11 00:45:04 | 000,124,832 | ---- | M] () [Auto | Running] -- C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor6.0)


========== Driver Services (SafeList) ==========

DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkfwd.sys -- (NwlnkFwd)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\nwlnkflt.sys -- (NwlnkFlt)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\ipinip.sys -- (IpInIp)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys -- (cpuz135)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\Windows\system32\drivers\blbdrive.sys -- (blbdrive)
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\Users\Charles\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2013/09/05 23:38:39 | 000,040,776 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2013/08/30 19:02:30 | 000,135,472 | ---- | M] (BitDefender LLC) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdselfpr.sys -- (bdselfpr)
DRV - [2013/06/28 16:02:06 | 000,016,504 | ---- | M] (Macrium Software) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\pssnap.sys -- (pssnap)
DRV - [2013/06/25 15:26:00 | 000,055,416 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\psmounterex.sys -- (PSMounterEx)
DRV - [2013/05/28 12:11:21 | 000,355,744 | ---- | M] (BitDefender S.R.L.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\trufos.sys -- (trufos)
DRV - [2013/04/22 13:20:34 | 000,164,952 | ---- | M] (BitDefender LLC) [File_System | System | Running] -- C:\Windows\System32\drivers\gzflt.sys -- (gzflt)
DRV - [2013/04/17 17:19:36 | 000,148,600 | ---- | M] (Bitdefender SRL) [Kernel | System | Running] -- C:\Program Files\Bitdefender\Antivirus Free Edition\bdftdif.sys -- (bdftdif)
DRV - [2013/04/17 14:59:04 | 000,633,344 | ---- | M] (BitDefender) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2013/04/17 14:59:04 | 000,486,536 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2012/07/20 17:57:41 | 000,601,408 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\timntr.sys -- (timounter)
DRV - [2012/07/20 17:57:17 | 000,125,472 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vididr.sys -- (vididr)
DRV - [2012/07/20 17:57:13 | 000,083,392 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\vsflt53.sys -- (vidsflt53)
DRV - [2012/07/20 17:57:05 | 000,169,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\snapman.sys -- (snapman)
DRV - [2012/07/04 07:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\atikmdag.sys -- (R300)
DRV - [2012/07/04 07:58:12 | 010,070,016 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmdag.sys -- (amdkmdag)
DRV - [2012/07/04 06:10:30 | 000,290,304 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\atikmpag.sys -- (amdkmdap)
DRV - [2011/09/08 17:49:36 | 000,010,752 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV - [2011/09/08 17:49:26 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2011/09/08 17:49:24 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2011/07/22 17:27:02 | 000,012,880 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2011/07/12 22:55:22 | 000,067,664 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2011/03/18 17:08:54 | 000,025,240 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\Windows\System32\speedfan.sys -- (speedfan)
DRV - [2010/12/30 15:19:40 | 000,016,640 | ---- | M] (Wondershare) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys -- (Apowersoft_AudioDevice)
DRV - [2010/11/17 13:04:12 | 000,097,296 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AtihdLH3.sys -- (AtiHDAudioService)
DRV - [2010/10/17 08:29:27 | 000,044,384 | ---- | M] (Acronis) [File_System | Auto | Running] -- C:\Windows\System32\drivers\tifsfilt.sys -- (tifsfilter)
DRV - [2009/07/09 09:16:24 | 000,013,480 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WacomVTHid.sys -- (WacomVTHid)
DRV - [2009/05/20 22:32:28 | 000,049,904 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BVRPMPR5.SYS -- (BVRPMPR5)
DRV - [2008/05/02 05:15:44 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2007/06/21 07:09:08 | 000,228,224 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express)
DRV - [2007/06/01 13:41:00 | 000,018,432 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxmouse.sys -- (pmxmouse)
DRV - [2007/05/24 16:44:00 | 000,019,008 | ---- | M] (Primax Electronics Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pmxusblf.sys -- (pmxusblf)
DRV - [2007/01/26 01:31:34 | 000,042,000 | ---- | M] (CACE Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\aztech_npf32.sys -- (NPF)
DRV - [1996/04/03 20:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\giveio.sys -- (giveio)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...ie7&rlz=1I7DKUK

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...1I7FDUM_enGB496
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Google SSL"
FF - prefs.js..browser.search.selectedEngine: "Google SSL"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.google.co.uk|www.ebay.co.uk|www.talkphotography.co.uk/forums/|www.giveawayoftheday.com|http://www.topcashback.co.uk|http://www.searchlotto.co.uk//index.php|http://www.elementsvillage.com/forums/"
FF - prefs.js..extensions.enabledAddons: %7B20a82645-c095-46ed-80e3-08825760534b%7D:0.0.0
FF - prefs.js..extensions.enabledAddons: %7B11483926-db67-4190-91b1-ef20fcec5f33%7D:0.4.7.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.6.2
FF - prefs.js..extensions.enabledItems: {11483926-db67-4190-91b1-ef20fcec5f33}:0.4.3
FF - prefs.js..extensions.enabledItems: {BC0AE9E6-E549-4554-A222-EA083A894683}:1.0.0.47
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.4
FF - user.js - File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1203133.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@entriq.com/Download Manager Plugin Version Chk,version=3.8.2.9: C:\Program Files\Entriq\MediaSphere\3.8.2.9 [2008/07/24 17:59:53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@entriq.com/Download Manager Plugin,version=3.8.2.9: C:\Program Files\Entriq\MediaSphere\3.8.2.9 [2008/07/24 17:59:53 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Photosynth,version=2.0: C:\Program Files\Photosynth\npPhotosynthMozilla.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.1.13: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.1.13: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.7: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.3: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@entriq.com/Download Manager Plugin Version Chk,version=3.8.2.9: C:\Program Files\Entriq\MediaSphere\3.8.2.9 [2008/07/24 17:59:53 | 000,000,000 | ---D | M]
FF - HKCU\Software\MozillaPlugins\@entriq.com/Download Manager Plugin,version=3.8.2.9: C:\Program Files\Entriq\MediaSphere\3.8.2.9 [2008/07/24 17:59:53 | 000,000,000 | ---D | M]
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Charles\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\en.pixelplan.pl/PIXELPLANWebViewer: C:\Users\Charles\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll (Pixelplan S.C.)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/08/05 23:13:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/18 09:14:33 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013/08/18 09:14:33 | 000,000,000 | ---D | M]

[2008/07/16 19:43:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Extensions
[2010/08/08 21:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\89qxfs7x.test\extensions
[2010/08/08 21:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\89qxfs7x.test\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/08 21:29:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\89qxfs7x.test\extensions\staged-xpis
[2013/09/04 23:06:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions
[2011/06/21 23:50:22 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(14)
[2009/08/18 08:17:57 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(147)
[2009/11/21 09:47:16 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(35)
[2009/03/18 14:40:42 | 000,019,153 | ---- | M] () (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\89qxfs7x.test\extensions\staged-xpis\{20a82645-c095-46ed-80e3-08825760534b}\MicrosoftDotNetFrameworkAssistant.xpi
[2013/09/04 23:06:37 | 002,196,860 | ---- | M] () (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\[email protected]
[2013/08/27 20:50:18 | 000,124,580 | ---- | M] () (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\[email protected]
[2013/07/22 22:02:16 | 000,078,359 | ---- | M] () (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\{11483926-db67-4190-91b1-ef20fcec5f33}.xpi
[2013/07/31 22:08:14 | 000,824,302 | ---- | M] () (No name found) -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2010/08/12 23:36:19 | 000,001,820 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\searchplugins\bing.xml
[2012/12/08 15:10:49 | 000,002,641 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Mozilla\Firefox\Profiles\9kjkuxho.default\searchplugins\google-ssl.xml
[2013/08/18 09:14:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2013/08/18 09:14:37 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/06/24 17:49:55 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files\Google\Chrome\Application\29.0.1547.66\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: getPlusPlus for Adobe 16248 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np_gp.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI7967~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MI7967~1\Office14\NPSPWRAP.DLL
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility for IJ (Enabled) = C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U11 (Enabled) = C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin: Wacom Dynamic Link Library (Enabled) = C:\Program Files\TabletPlugins\npwacom.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks™ Chrome Background Extension Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer™ HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Charles\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Pixelplan Web Viewer (Enabled) = C:\Users\Charles\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Adblock Plus = C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.5.5_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: Qmee = C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbaanpgkpkoamihninlcegnjclcpibde\0.9.33_0\
CHR - Extension: Chrome In-App Payments service = C:\Users\Charles\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0\

O1 HOSTS File: ([2013/08/28 09:41:35 | 000,449,839 | R--- | M]) - C:\Windows\System32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 127.0.0.1 www.007guard.com
O1 - Hosts: 127.0.0.1 007guard.com
O1 - Hosts: 127.0.0.1 008i.com
O1 - Hosts: 127.0.0.1 www.008k.com
O1 - Hosts: 127.0.0.1 008k.com
O1 - Hosts: 127.0.0.1 www.00hq.com
O1 - Hosts: 127.0.0.1 00hq.com
O1 - Hosts: 127.0.0.1 010402.com
O1 - Hosts: 127.0.0.1 www.032439.com
O1 - Hosts: 127.0.0.1 032439.com
O1 - Hosts: 127.0.0.1 www.0scan.com
O1 - Hosts: 127.0.0.1 0scan.com
O1 - Hosts: 127.0.0.1 www.1000gratisproben.com
O1 - Hosts: 127.0.0.1 1000gratisproben.com
O1 - Hosts: 127.0.0.1 1001namen.com
O1 - Hosts: 127.0.0.1 www.1001namen.com
O1 - Hosts: 127.0.0.1 100888290cs.com
O1 - Hosts: 127.0.0.1 www.100888290cs.com
O1 - Hosts: 127.0.0.1 www.100sexlinks.com
O1 - Hosts: 127.0.0.1 100sexlinks.com
O1 - Hosts: 127.0.0.1 www.10sek.com
O1 - Hosts: 127.0.0.1 10sek.com
O1 - Hosts: 127.0.0.1 www.1-2005-search.com
O1 - Hosts: 127.0.0.1 1-2005-search.com
O1 - Hosts: 15468 more lines...
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 2010\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKCU\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office 2010\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)
O4 - HKLM..\Run: [PMX Daemon] C:\Windows\System32\ico.exe (Primax Electronics Ltd.)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [StartupDelayer] C:\Program Files\r2 Studios\Startup Delayer\Startup Launcher.exe (r2 studios)
O4 - HKLM..\Run: [Windows7FirewallControl] C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe (Sphinx Software)
O4 - HKLM..\Run: [WPCUMI] C:\Windows\System32\wpcumi.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O4 - Startup: C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk = C:\Program Files\Serviio\bin\ServiioConsole.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 2010\Office14\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 2010\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 2010\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Expression\Web 2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O9 - Extra Button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O9 - Extra 'Tools' menuitem : Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Windows\System32\wpclsp.dll (Microsoft Corporation)
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} http://www.pcpitstop...t/PCPitStop.CAB (PCPitstop Utility)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Value error.)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...r/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E7637F18-B2C8-43E4-BCFE-BC3437DF469F} https://s.userzoom.com/s/UserZoom.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F46DDA2-E12C-4FF2-A700-9FA57281BE1A}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{542F07E1-2D71-4B25-92CA-08DBBBA83221}: DhcpNameServer = 192.168.0.1
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\dellwall3.jpg
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office 2010\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

========== Files/Folders - Created Within 30 Days ==========

[2013/09/05 23:38:39 | 000,040,776 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/09/05 23:22:12 | 000,000,000 | ---D | C] -- C:\Users\Charles\Documents\GtG
[2013/09/05 22:14:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Charles\Desktop\OTL.exe
[2013/09/05 22:03:00 | 002,748,256 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Charles\Desktop\iexplore.exe
[2013/09/05 21:23:14 | 001,898,112 | ---- | C] (Bleeping Computer, LLC) -- C:\Users\Charles\Desktop\rkill.com
[2013/09/05 21:20:53 | 005,120,804 | ---- | C] (Swearware) -- C:\Users\Charles\Desktop\ComboFix.exe
[2013/08/30 19:02:19 | 000,242,504 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2013/08/30 17:57:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Antivirus Free Edition
[2013/08/30 17:57:50 | 000,633,344 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys
[2013/08/30 17:57:50 | 000,486,536 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys
[2013/08/30 17:25:32 | 000,000,000 | ---D | C] -- C:\Users\Charles\AppData\Roaming\QuickScan
[2013/08/30 17:25:25 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2013/08/30 17:25:20 | 000,164,952 | ---- | C] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys
[2013/08/30 17:25:19 | 000,355,744 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys
[2013/08/30 09:10:00 | 000,000,000 | ---D | C] -- C:\ProgramData\boost_interprocess
[2013/08/28 20:58:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013/08/26 23:13:58 | 000,000,000 | ---D | C] -- C:\Users\Charles\Documents\Holiday
[2013/08/22 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\iSpring Solutions
[2013/08/22 00:11:09 | 000,000,000 | ---D | C] -- C:\Program Files\iSpring
[2013/08/19 18:49:10 | 000,000,000 | ---D | C] -- C:\Users\Charles\AppData\Roaming\Highresolution Enterprises
[2013/08/19 18:49:09 | 000,000,000 | ---D | C] -- C:\Program Files\Highresolution Enterprises
[2013/08/18 09:14:32 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013/08/09 20:13:29 | 000,000,000 | ---D | C] -- C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Charles\AppData\Roaming\*.tmp files -> C:\Users\Charles\AppData\Roaming\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/09/06 00:00:58 | 000,001,494 | -H-- | M] () -- C:\Users\Charles\Application Data\Microsoft\Internet Explorer\Quick Launch\tlbdata.xml
[2013/09/05 23:38:39 | 000,040,776 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys
[2013/09/05 23:35:22 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/09/05 23:35:03 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2013/09/05 23:35:03 | 000,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2013/09/05 23:34:57 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/09/05 23:34:52 | 3219,312,640 | -HS- | M] () -- C:\hiberfil.sys
[2013/09/05 23:02:49 | 000,001,356 | ---- | M] () -- C:\Users\Charles\AppData\Local\d3d9caps.dat
[2013/09/05 22:15:01 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Charles\Desktop\OTL.exe
[2013/09/05 22:03:08 | 002,748,256 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Charles\Desktop\iexplore.exe
[2013/09/05 21:23:25 | 001,898,112 | ---- | M] (Bleeping Computer, LLC) -- C:\Users\Charles\Desktop\rkill.com
[2013/09/05 21:21:16 | 005,120,804 | ---- | M] (Swearware) -- C:\Users\Charles\Desktop\ComboFix.exe
[2013/09/05 21:09:01 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/08/30 21:13:16 | 000,002,027 | ---- | M] () -- C:\Users\Charles\Desktop\Bitdefender Antivirus.lnk
[2013/08/30 19:02:19 | 000,242,504 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avchv.sys
[2013/08/30 18:11:26 | 000,236,906 | ---- | M] () -- C:\ProgramData\1377879899.bdinstall.bin
[2013/08/30 09:09:44 | 000,000,020 | -H-- | M] () -- C:\ProgramData\PKP_DLbx.DAT
[2013/08/28 09:41:35 | 000,449,839 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts
[2013/08/22 00:12:53 | 000,000,344 | -H-- | M] () -- C:\Users\Charles\AppData\Roaming\15a05a1824a8793fae296ac6f79b78023a0c9d3c
[2013/08/22 00:12:17 | 000,000,344 | -H-- | M] () -- C:\ProgramData\15a05a1824a8793fae296ac6f79b78023a0c9d3c
[2013/08/21 07:41:01 | 000,001,833 | ---- | M] () -- C:\Users\Charles\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Serviio.lnk
[2013/08/20 17:32:55 | 000,645,088 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2013/08/20 17:32:55 | 000,123,148 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2013/08/09 22:41:39 | 000,000,849 | ---- | M] () -- C:\topazReStyle.lnk
[2013/08/09 22:39:47 | 000,000,965 | ---- | M] () -- C:\tlphotoFXlabps.lnk
[2013/08/09 18:20:03 | 000,789,937 | ---- | M] () -- C:\Users\Charles\Documents\parking.jpg
[2013/08/08 23:08:06 | 000,449,839 | R--- | M] () -- C:\Windows\System32\drivers\etc\hosts.20130828-094135.backup
[2 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Users\Charles\AppData\Roaming\*.tmp files -> C:\Users\Charles\AppData\Roaming\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/09/05 23:34:52 | 3219,312,640 | -HS- | C] () -- C:\hiberfil.sys
[2013/08/30 21:13:16 | 000,002,027 | ---- | C] () -- C:\Users\Charles\Desktop\Bitdefender Antivirus.lnk
[2013/08/30 18:11:26 | 000,236,906 | ---- | C] () -- C:\ProgramData\1377879899.bdinstall.bin
[2013/08/09 22:41:39 | 000,000,849 | ---- | C] () -- C:\topazReStyle.lnk
[2013/08/09 18:20:03 | 000,789,937 | ---- | C] () -- C:\Users\Charles\Documents\parking.jpg
[2013/07/12 22:01:45 | 000,074,123 | ---- | C] () -- C:\Users\Charles\tim label_lzn.jpg
[2013/06/29 22:37:17 | 000,129,720 | ---- | C] () -- C:\Windows\System32\ammntdrv.sys
[2013/06/29 22:37:17 | 000,026,424 | ---- | C] () -- C:\Windows\System32\ambakdrv.sys
[2013/06/29 22:37:17 | 000,014,392 | ---- | C] () -- C:\Windows\System32\amwrtdrv.sys
[2013/06/25 15:26:00 | 000,055,416 | ---- | C] () -- C:\Windows\System32\drivers\psmounterex.sys
[2013/06/11 18:47:02 | 000,000,344 | -H-- | C] () -- C:\Users\Charles\AppData\Roaming\15a05a1824a8793fae296ac6f79b78023a0c9d3c
[2013/04/07 08:25:52 | 000,000,029 | RH-- | C] () -- C:\ProgramData\FF438E13C7.sys
[2013/03/20 23:38:49 | 000,053,248 | ---- | C] () -- C:\Windows\System32\ZLIB.DLL
[2013/02/13 12:27:16 | 000,000,344 | -H-- | C] () -- C:\ProgramData\15a05a1824a8793fae296ac6f79b78023a0c9d3c
[2013/02/09 10:36:16 | 000,000,822 | ---- | C] () -- C:\Users\Charles\.lmmsrc.xml
[2012/12/04 00:12:32 | 000,000,376 | ---- | C] () -- C:\Users\Charles\AppData\Roaming\burnaware.ini
[2012/11/18 13:11:10 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012/09/15 09:09:15 | 000,000,084 | ---- | C] () -- C:\Users\Charles\AppData\Roaming\AlamySizeCheck Preferences
[2012/08/20 15:41:53 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\StatusSheet
[2012/08/20 15:41:53 | 000,000,268 | R--- | C] () -- C:\ProgramData\Strings
[2012/08/20 15:41:53 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLes.DAT
[2012/08/20 15:41:53 | 000,000,012 | R--- | C] () -- C:\ProgramData\Textures
[2012/08/20 15:41:12 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\Stingers
[2012/08/20 15:41:12 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\Static Library
[2012/08/20 15:41:12 | 000,000,268 | R--- | C] () -- C:\ProgramData\Super Strings
[2012/08/20 15:41:12 | 000,000,268 | R--- | C] () -- C:\ProgramData\String Ensemble
[2012/08/20 15:41:12 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT
[2012/08/20 15:41:12 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLev.DAT
[2012/08/20 15:41:12 | 000,000,012 | R--- | C] () -- C:\ProgramData\Track Settings
[2012/08/20 15:40:55 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Techno Kit
[2012/08/20 15:40:55 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\Synth Textures
[2012/08/20 15:40:55 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT
[2012/08/20 15:40:55 | 000,000,012 | RH-- | C] () -- C:\ProgramData\deskjet
[2012/08/11 08:10:44 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012/08/09 22:44:27 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2012/08/07 17:37:41 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2012/07/04 06:09:18 | 000,037,376 | ---- | C] () -- C:\Windows\System32\atitmpxx.dll
[2012/07/04 02:32:18 | 000,159,232 | ---- | C] () -- C:\Windows\System32\clinfo.exe
[2012/04/26 22:27:59 | 000,065,536 | -H-- | C] () -- C:\Windows\System32\WebCamLib.dll
[2012/03/06 18:59:32 | 000,618,823 | ---- | C] () -- C:\Windows\System32\atiicdxx.dat
[2012/01/13 00:08:30 | 000,212,420 | ---- | C] () -- C:\Users\Charles\tim label.jpg
[2012/01/13 00:08:12 | 000,699,792 | ---- | C] () -- C:\Users\Charles\tim label.psd
[2012/01/12 23:59:07 | 028,189,252 | ---- | C] () -- C:\Users\Charles\tim1.tif
[2012/01/12 23:49:54 | 001,483,292 | ---- | C] () -- C:\Users\Charles\tim1 copy.jpg
[2012/01/12 23:49:26 | 028,372,176 | ---- | C] () -- C:\Users\Charles\tim1.psd
[2011/11/01 00:20:34 | 000,000,218 | ---- | C] () -- C:\Users\Charles\.recently-used.xbel
[2011/10/05 22:56:44 | 004,643,559 | ---- | C] () -- C:\Users\Charles\P1120593 edit4.jpg
[2011/10/05 22:28:31 | 004,605,156 | ---- | C] () -- C:\Users\Charles\P1120593 edit3.jpg
[2011/10/05 22:14:20 | 003,983,669 | ---- | C] () -- C:\Users\Charles\P1120593 edit2.jpg
[2011/10/05 20:46:37 | 003,131,077 | ---- | C] () -- C:\Users\Charles\P1120593 edit.jpg
[2011/09/12 23:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\System32\atipblag.dat
[2011/06/27 18:14:29 | 000,000,412 | ---- | C] () -- C:\Users\Charles\AppData\Roaming\All CPU Meter_Settings.ini
[2010/04/23 16:47:35 | 000,013,646 | ---- | C] () -- C:\Users\Charles\backup.tabletprefs
[2010/03/06 19:02:34 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\Spacious
[2010/03/06 19:02:34 | 000,000,268 | R--- | C] () -- C:\ProgramData\Standard
[2010/03/06 19:02:34 | 000,000,020 | ---- | C] () -- C:\ProgramData\PKP_DLdu.DAT
[2010/03/06 19:02:34 | 000,000,012 | R--- | C] () -- C:\ProgramData\String Comparison
[2009/07/27 23:24:23 | 000,208,771 | ---- | C] () -- C:\Users\Charles\vodafone.jpg
[2008/12/05 20:52:11 | 000,000,268 | RH-- | C] () -- C:\Users\Charles\AppData\Roaming\Audio
[2008/12/05 20:52:11 | 000,000,268 | R--- | C] () -- C:\ProgramData\Automatic Filter
[2008/12/05 20:44:30 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2008/06/17 23:37:31 | 000,000,582 | ---- | C] () -- C:\Users\Charles\AppData\Roaming\wklnhst.dat
[2008/06/11 18:19:17 | 000,001,356 | ---- | C] () -- C:\Users\Charles\AppData\Local\d3d9caps.dat
[2008/06/01 15:24:23 | 000,000,632 | RHS- | C] () -- C:\Users\Charles\ntuser.pol
[2008/05/30 23:42:00 | 000,053,760 | ---- | C] () -- C:\Users\Charles\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

========== ZeroAccess Check ==========

[2006/11/02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/04/11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/04/11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2012/06/07 21:41:25 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\.mono
[2012/07/20 20:15:15 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Acronis
[2011/11/20 23:36:40 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Alien Skin
[2012/02/11 00:06:58 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Anthropics
[2013/04/20 23:03:57 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Anvsoft
[2012/04/26 22:27:59 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Apowersoft
[2013/06/30 16:05:00 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\ASCOMP Software
[2011/10/26 23:54:33 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Ashampoo
[2013/01/25 19:10:22 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Audacity
[2009/11/07 00:05:08 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Auslogics
[2009/07/26 16:32:24 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\avidemux
[2012/04/18 22:51:04 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Bitmeter2
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Burn4U
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Byngo
[2012/12/14 18:07:59 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Canon
[2012/12/16 23:28:20 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\CD-LabelPrint
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\CodedColor
[2010/01/02 22:26:08 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\ColorCop
[2008/11/20 21:33:52 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2011/12/30 11:16:36 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\CoreFTP
[2008/07/09 22:31:56 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\CPS Labs
[2012/10/05 16:03:32 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Digiarty
[2008/05/25 22:15:29 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\DisplayTune
[2013/05/17 22:51:25 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Easy Watermark Studio
[2009/02/24 19:33:47 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Expression Media 2
[2010/08/11 22:46:58 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\fdrtools.com
[2013/08/10 23:10:31 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\FileZilla
[2011/03/26 18:55:00 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\FreeStone Group
[2010/07/21 23:49:50 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Genie-Soft
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\GetRightToGo
[2012/10/07 11:19:18 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\HandBrake
[2010/02/11 00:33:29 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\HDRsoft
[2013/08/19 18:49:10 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Highresolution Enterprises
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\HippoEDIT
[2012/08/05 23:13:34 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\IcoFX
[2010/02/07 09:29:05 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\ImgBurn
[2009/04/28 22:24:50 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Instant Housecall
[2012/10/31 21:57:43 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\iSpring Solutions
[2011/07/15 23:20:04 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\JAlbum
[2011/02/23 19:07:02 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Jalbum AB
[2008/07/14 19:52:55 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\JGsoft
[2013/08/27 12:36:22 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\KeePass
[2011/01/13 22:56:56 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Keynote Systems
[2010/01/06 13:55:38 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\kompozer.net
[2011/01/20 22:16:05 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Kristanix Software
[2012/08/05 10:35:46 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Leadertech
[2013/07/12 20:29:31 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\LightZone
[2013/03/20 23:39:27 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Likno Software
[2008/05/20 22:22:57 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\LinkManager 4.0
[2012/10/06 08:58:20 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\M8 Software
[2013/05/19 00:14:09 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\MAGIX
[2012/10/07 11:41:14 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\mkvtoolnix
[2011/01/19 21:39:36 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Morpheus Software
[2012/12/02 17:48:25 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\NeatImage SL 32
[2012/08/05 23:13:35 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\NetMeter
[2012/08/20 15:44:31 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Nikon
[2012/08/05 23:13:35 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\OneTouch 4.0
[2013/01/10 23:53:36 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\onOne Software
[2008/07/05 14:18:52 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Opera
[2012/08/05 23:13:35 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\PanoViewer
[2011/07/18 19:02:19 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Picturenaut
[2012/09/12 23:00:06 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Pixelplan
[2012/08/05 23:13:35 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Pixpedia Publisher
[2013/01/04 21:27:21 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\ProcessLasso
[2010/09/06 21:16:06 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Publish Providers
[2013/08/30 17:25:32 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\QuickScan
[2010/02/06 08:57:26 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\r2 Studios
[2008/12/30 21:29:12 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\RawTherapee
[2012/12/01 13:46:19 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\RetouchPilot
[2011/08/03 22:04:05 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Samsung
[2012/08/05 23:13:36 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Scribus
[2012/08/05 10:39:38 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Seagate
[2012/10/01 22:56:02 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Serif
[2010/09/10 18:54:36 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Sony
[2010/09/10 18:50:01 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Sony Creative Software Inc
[2012/10/12 14:09:33 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Spotify
[2012/12/29 15:20:29 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\TeamViewer
[2008/09/21 08:49:14 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Template
[2013/04/07 08:24:32 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\ThePluginSite
[2012/05/31 18:49:39 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Unity
[2012/12/14 18:24:29 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\uTorrent
[2008/09/18 22:08:10 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Xara
[2013/07/25 17:51:16 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\XYplorer
[2012/10/03 22:03:37 | 000,000,000 | ---D | M] -- C:\Users\Charles\AppData\Roaming\Zoner

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Updater:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Recipes:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Presentations:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\My Scanned Documents:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\My Google Gadgets:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\My Albums:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\MoviePlus:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Memberships:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Mail Attachments:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Hart:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Expression:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\Downloads:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\dixons order.jpg:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Users\Charles\Documents\AdobeStockPhotos:Roxio EMC Stream
@Alternate Data Stream - 76 bytes -> C:\Program Files\Restore Point Shortcut:Roxio EMC Stream
@Alternate Data Stream - 344 bytes -> C:\ProgramData:iSpring Converter 6
@Alternate Data Stream - 194 bytes -> C:\ProgramData\TEMP:867C1254
@Alternate Data Stream - 193 bytes -> C:\ProgramData\TEMP:63CD0333
@Alternate Data Stream - 190 bytes -> C:\ProgramData\TEMP:335CB24A
@Alternate Data Stream - 187 bytes -> C:\ProgramData\TEMP:0A8E2C33
@Alternate Data Stream - 184 bytes -> C:\ProgramData\TEMP:DCD39382
@Alternate Data Stream - 171 bytes -> C:\ProgramData\TEMP:F8B88761
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
@Alternate Data Stream - 115 bytes -> C:\ProgramData\TEMP:CF778051

< End of report >

Edited by f1charlie, 06 September 2013 - 12:20 AM.

  • 0

Advertisements

#2
f1charlie
Posted 06 September 2013 - 03:05 AM

f1charlie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
Looking at Bitdefender's forums, it appears that this is a problem with Bitdefender and hopefully not a virus. I will update when I find out if the update to Bitdefender fixes the problem.
  • 0

#3
f1charlie
Posted 06 September 2013 - 01:55 PM

f1charlie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts
The problem was indeed caused by an update to Bitdefender. Had to uninstall and reinstall to fix - panic over!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP