Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015 Ran by Otie (administrator) on OTIE-PC on 09-04-2015 15:44:55 Running from C:\Users\Otie\Desktop Loaded Profiles: Otie (Available profiles: Otie & OtieAtkins & _supereasy_1cbackup_ & _ocster_backup_) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe (Returnil and its licensors) C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE () H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe (Anvisoft) C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Outertech) C:\Program Files (x86)\Cacheman\CachemanServ.exe () C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe () C:\Program Files (x86)\RestoreIT 2014\IBP\FsLoader.exe (FarStone Technology, Inc.) C:\Program Files (x86)\RestoreIT 2014\IBP\VBPTask.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\OpenDNS\DNSCrypt\dnscrypt-proxy.exe () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe (Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe () C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (VoodooSoft, LLC) C:\Program Files\VoodooShield\VoodooShieldService.exe (Data Perceptions / PowerProgrammer) C:\Windows\SysWOW64\WebUpdateSvc4.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (O&O Software GmbH) C:\Program Files\OO Software\DiskImage\oodiag.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\System32\vdsldr.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Microsoft Corporation) C:\Windows\System32\alg.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe (Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe (South Wind Technologies) C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe (WallpaperDownloader.com) H:\Program Files (x86)\WallpaperDownloader\WallpaperDownloader.exe () C:\Program Files (x86)\CalendarPal\CalendarPal.exe (Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe (SpeedBit Ltd.) H:\Program Files (x86)\DAP\DAP.exe (FSL - FreeSoftLand) H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\Otie\AppData\Roaming\Spotify\SpotifyWebHelper.exe (IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe (Tweaking.com) C:\Users\Otie\Desktop\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (IncrediMail, Ltd.) C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Siber Systems Inc.) C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome-nm-host.exe (Google Inc.) C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKLM\...\Policies\Explorer: [NoViewOnDrive] 0 HKLM\...\Policies\Explorer: [NoControlPanel] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKLM\...\Policies\Explorer: [NoViewContextMenu] 0 HKLM\...\Policies\Explorer: [NoShellSearchButton] 0 HKLM\...\Policies\Explorer: [NoFind] 0 HKLM\...\Policies\Explorer: [NoFile] 0 HKLM\...\Policies\Explorer: [HideClock] 0 HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0 HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKLM\...\Policies\Explorer: [NoSetFolders] 0 HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKLM\...\Policies\Explorer: [NoSetTaskbar] 0 HKLM\...\Policies\Explorer: [NoDeletePrinter] 0 HKLM\...\Policies\Explorer: [NoDFSTab] 0 HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0 HKLM\...\Policies\Explorer: [NoLogoff] 0 HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0 HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0 HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 0 HKLM\...\Policies\Explorer: [NoSaveSettings] 0 HKLM\...\Policies\Explorer: [NoHardwareTab] 0 HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKLM\...\Policies\Explorer: [NoDesktop] 0 HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [EarthAlerts] => C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe [3467264 2015-04-05] (South Wind Technologies) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [WallpaperDownloader] => H:\Program Files (x86)\WallpaperDownloader\WallpaperDownloader.exe [766464 2011-10-01] (WallpaperDownloader.com) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [Google Update] => C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-03-09] (Google Inc.) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [DriverMax] => C:\Program Files (x86)\Innovative Solutions\DriverMax\drivermax.exe [7162744 2013-07-15] (Innovative Solutions) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [CalendarPal] => C:\Program Files (x86)\CalendarPal\CalendarPal.exe [1122304 2008-05-21] () HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [Spotify Web Helper] => C:\Users\Otie\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-09] (Spotify Ltd) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [StartMenuX] => C:\Program Files\Start Menu X\StartMenuX.exe [7676736 2015-01-27] (OrdinarySoft) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110160 2015-01-30] (Siber Systems) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [DownloadAccelerator] => H:\Program Files (x86)\DAP\DAP.EXE [2918576 2015-02-12] (SpeedBit Ltd.) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Run: [Spotify] => C:\Users\Otie\AppData\Roaming\Spotify\Spotify.exe [7112248 2015-04-09] (Spotify Ltd) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoSMBalloonTip] 0 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1 HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\MountPoints2: {59bddfc8-019b-11e1-81ac-806e6f6e6963} - D:\FPU_CD_Bonus.exe HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\MountPoints2: {7b761033-5086-11e1-9466-180373df15a5} - J:\setup.exe -a HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\yowindow.scr [859456 2015-01-23] (repkasoft) HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0 HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0 HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0 HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0 HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0 AppInit_DLLs: C:\Users\Otie\AppData\Roaming\Avanquest\PowerDesk\FileMonitor64.dll => C:\Users\Otie\AppData\Roaming\Avanquest\PowerDesk\FileMonitor64.dll [132096 2011-04-19] () Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled () Startup: C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk ShortcutTarget: FSL Launcher.lnk -> H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe (FSL - FreeSoftLand) ShellIconOverlayIdentifiers: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers: [Carbonite.Green] -> {95A27763-F62A-4114-9072-E81D87DE3B68} => No File ShellIconOverlayIdentifiers: [Carbonite.Partial] -> {E300CD91-100F-4E67-9AF3-1384A6124015} => No File ShellIconOverlayIdentifiers: [Carbonite.Yellow] -> {5E529433-B50E-4bef-A63B-16A6B71B071A} => No File ShellIconOverlayIdentifiers: [COSDriveIconOverlay] -> {5FDACB62-6B7B-4116-9403-C5E0D3852A57} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemInSyncIconOverlay] -> {68F287EF-DA6D-4595-AF52-90FF6CE52AFE} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemModifiedIconOverlay] -> {AE67D273-7253-4236-B55E-D40055B305D6} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemNewIconOverlay] -> {022F23E9-DA0F-4A86-A728-CAF6150C0B63} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [COSSyncItemUnsynchronizedIconOverlay] -> {4D7EE7CF-E7A1-45FE-8F80-3A37574918D7} => C:\Program Files\COMODO\COMMON\ShellExtension.dll (C-O-M-O-D-O) ShellIconOverlayIdentifiers: [OODIIcon] -> {14A94384-BBED-47ed-86C0-6BF63FD892D0} => C:\Program Files\OO Software\DiskImage\oodishi.dll (O&O Software GmbH) ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) ShellIconOverlayIdentifiers: [{6238B220-1311-4627-B3DC-55736E5BA95F}] -> {6238B220-1311-4627-B3DC-55736E5BA95F} => C:\Windows\system32\iMobileDisk.dll () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-BackedUp] -> {88A8B1ED-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\x86\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Excluded] -> {B77E8651-93B1-40CD-8ECF-6F33DAC805A0} => C:\Program Files\Genie9\Genie Timeline\x86\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Folder] -> {CEAF16CE-C11C-4081-BE29-DDE7F45A59DB} => C:\Program Files\Genie9\Genie Timeline\x86\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-NotBackedUp] -> {88A8B1EE-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\x86\GSTimelineIconOverlay.gtl () ShellIconOverlayIdentifiers-x32: [0GenieTimeLine-Pending ] -> {88A8B1EF-EFEA-4A15-8D88-FA0055DCB824} => C:\Program Files\Genie9\Genie Timeline\x86\GSTimelineIconOverlay.gtl () BootExecute: autocheck autochk * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.thundercloud.net/start/index.htm SearchScopes: HKLM -> DefaultScope {49606DC7-976D-4030-A74E-9FB5C842FA68} URL = SearchScopes: HKLM-x32 -> DefaultScope value is missing. SearchScopes: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000 -> {977E617C-0D56-4C5E-A3E6-88C2C3A13C25} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=902615&p={searchTerms} SearchScopes: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000 -> {EFC8261A-27C7-438E-AD54-A6BB4B8F614D} URL = http://www.bing.com/search?FORM=U219DF&PC=U219&q={searchTerms}&src=IE-SearchBox BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-04-06] (IObit) BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-01-30] (Siber Systems Inc.) BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll [2014-10-23] (Webroot) BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft) BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft) BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-01-30] (Siber Systems Inc.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-08] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Ads Removal -> {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -> No File BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation) BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2014-10-23] (Webroot) BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) BHO-x32: SpeedBit Link Verification Helper -> {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} -> H:\Program Files (x86)\DAP\LinkVerifier.dll [2013-03-06] (Speedbit Ltd.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-08] (Oracle Corporation) BHO-x32: Download Accelerator Plus Integration -> {FF6C3CF0-4B15-11D1-ABED-709549C10000} -> H:\Program Files (x86)\DAP\dapieloader.dll [2015-02-12] (SpeedBit Ltd.) Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-01-30] (Siber Systems Inc.) Toolbar: HKLM - Steganos Password Manager Toolbar - {9C65D12D-CF9D-454D-8049-61965D8C6FFF} - C:\Program Files (x86)\Steganos Privacy Suite 14\SPMIEToolbar64.dll [2013-07-17] (Steganos Software GmbH) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft) Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2015-01-30] (Siber Systems Inc.) Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.) Toolbar: HKLM-x32 - CaptureSaver - {5148AB7D-8868-4490-B6DA-F98368488582} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll [2011-06-20] (www.capturesaver.com) Toolbar: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2015-01-30] (Siber Systems Inc.) DPF: HKLM-x32 {149E45D8-163E-4189-86FC-45022AB2B6C9} DPF: HKLM-x32 {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell.com/systemprofiler/SysProExe.CAB DPF: HKLM-x32 {CC450D71-CC90-424C-8638-1F2DBAC87A54} Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-03-29] (Belarc, Inc.) Handler-x32: copernicagent - {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll [2004-12-02] (Copernic Technologies Inc.) Handler-x32: copernicagentcache - {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll [2004-12-02] (Copernic Technologies Inc.) Handler: cozi - {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - No File Handler: intu-help-qb4 - {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - No File Handler-x32: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\SysWOW64\mscoree.dll [2010-11-20] (Microsoft Corporation) Handler: WSIEChrome - {6D02ED5F-FD0D-4C4C - No File ShellExecuteHooks-x32: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - No File [ ] Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941 FF DefaultSearchEngine: GoodSearch FF DefaultSearchEngine.US: GoodSearch FF SelectedSearchEngine: GoodSearch FF Homepage: hxxp://thundercloud.net/start/index.htm FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2014-12-18] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-02] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-04-15] (Foxit Corporation) FF Plugin-x32: @glance.net/GlanceClient -> C:\Program Files (x86)\Glance29\npglance.dll [2014-09-16] (Glance Networks, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Windows\SysWOW64\npdeployJava1.dll [2015-04-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-08] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-08] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-03-26] (Nitro PDF) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @siber.com/RoboForm -> C:\Program Files (x86)\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll [2015-01-30] (Siber Systems Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-04] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: @nds.com/PlayerPlugin -> C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2012-07-19] (NDS) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: @stickypassword.com/Sticky Password -> C:\Program Files (x86)\Sticky Password\npspAutofill.dll [2013-08-01] (Lamantine Software a.s.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Otie\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Otie\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Otie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-02-18] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: en.pixelplan.pl/PIXELPLANWebViewer -> C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll [2012-09-06] (Pixelplan S.C.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: facebook.com/fbDesktopPlugin -> C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll [2012-09-25] (Facebook, Inc.) FF Plugin HKU\S-1-5-21-2573087068-2607692701-1072482724-1000: NDS.com/PlayerPlugin -> C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll [2012-07-19] (NDS) FF user.js: detected! => C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\user.js [2014-12-20] FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll [2013-02-23] (Catalina Marketing Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy110.dll [2012-03-20] () FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2014-09-12] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2014-11-26] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2014-11-26] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2014-11-26] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2014-11-26] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2014-11-26] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\browser\plugins\npMozCouponPrinter.dll [2014-10-01] (Coupons, Inc.) FF SearchPlugin: C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\duckduckgo.xml [2014-04-13] FF SearchPlugin: C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\goodsearch.xml [2013-02-19] FF Extension: ArcadeWeb - C:\Users\Otie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\text_links@arcadeweb.com [2011-11-26] FF Extension: Ads Removal - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\adremoveext@adremoveext.net [2014-08-23] FF Extension: Adblock Plus Pop-up Addon - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\adblockpopups@jessehakanen.net.xpi [2014-01-01] FF Extension: CaptureSaver - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\CaptureSaver@goldgingko.com.xpi [2014-07-02] FF Extension: Translate This! - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\jid0-k75TfRGfOXPHfEZmJ9cKu5eCgLc@jetpack.xpi [2014-09-08] FF Extension: Free Memory - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\jid1-n85lxPv1NAWVTQ@jetpack.xpi [2014-02-09] FF Extension: NoTrace - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\notrace@unisa.it.xpi [2014-02-09] FF Extension: Classic Compact Options - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\notreal.ccoptions@environmentalchemistry.com.xpi [2014-01-01] FF Extension: Multirow Bookmarks Toolbar Plus - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi [2014-01-03] FF Extension: NoScript - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-01] FF Extension: Adblock Plus - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-01] FF Extension: Iconix - C:\Program Files (x86)\Mozilla Firefox\extensions\{852B9B5F-E8A7-49b4-B7C3-79A3E8A829F6} [2014-05-11] FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-05-11] FF HKLM-x32\...\Firefox\Extensions: [daplinkchecker@speedbit.com] - H:\Program Files (x86)\DAP\daplinkchecker FF Extension: DAP Link Checker - H:\Program Files (x86)\DAP\daplinkchecker [2013-03-06] FF HKLM-x32\...\Firefox\Extensions: [{00F0643E-B367-4779-B45D-7046EBA37A88}] - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 FF Extension: Steganos Password Manager - C:\Program Files (x86)\Steganos Privacy Suite 14\spmplugin3 [2014-05-10] FF HKLM-x32\...\Firefox\Extensions: [Player@Wondershare.com] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com FF Extension: Wondershare Player - C:\ProgramData\Wondershare\Player\Player@Wondershare.com [2014-07-24] FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: RoboForm Toolbar for Firefox - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2011-11-03] FF HKLM-x32\...\Firefox\Extensions: [webrootsecure@webroot.com] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2014-08-16] FF HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Firefox\Extensions: [{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}] - H:\Program Files (x86)\DAP\DAPFireFox FF Extension: Download Accelerator Plus (DAP) extension - H:\Program Files (x86)\DAP\DAPFireFox [2015-02-12] FF HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Firefox\Extensions: [CaptureSaver@goldgingko.com] - H:\Program Files (x86)\CaptureSaver\Firefox FF Extension: No Name - H:\Program Files (x86)\CaptureSaver\Firefox [2013-03-19] FF HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Firefox\Extensions: [{54affe52-8223-453b-be1e-2fe2e250045c}] - C:\Users\Otie\AppData\Roaming\Lamantine\Sticky Password\spAutofill FF Extension: Sticky Password Autofill Engine - C:\Users\Otie\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2013-08-21] FF HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Firefox\Extensions: [{b9aa91db-385d-4c69-8a2f-96790aa9405b}] - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector FF Extension: Copernic Desktop Search - Search Firefox content - c:\program files (x86)\copernic\desktopsearch4\firefoxconnector [2015-01-04] FF HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox FF Extension: No Name - C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\iobitascsurfingprotection@iobit.com [Not Found] Chrome: ======= CHR Profile: C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Copernic Desktop Search Connector) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnnbdaahphjgdgfhliignpepgnbnfomp [2015-01-09] CHR Extension: (MapsGalaxy) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplpjadbknogbflmjibalndpigmeekig [2015-01-23] CHR Extension: (Email this page (by Google)) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbeoemfhkdniadbojeencpkgmobndpai [2014-11-28] CHR Extension: (Download Accelerator Plus (DAP)) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb [2014-03-09] CHR Extension: (Ads Removal) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2015-04-02] CHR Extension: (Pin It Button) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2015-01-17] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04] CHR Extension: (Google Wallet) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04] CHR Extension: (MyMusicCloud) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\plaelelbkmommhmjlepigoiepmdaihbk [2014-11-28] CHR Extension: (RoboForm) - C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2014-02-20] CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-20] CHR HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [cnnbdaahphjgdgfhliignpepgnbnfomp] - c:\program files (x86)\copernic\desktopsearch4\ChromeConnector\ChromeConnector.crx [2014-11-04] CHR HKLM-x32\...\Chrome\Extension: [anbokkmepepimgojjogolhgghcfjklgn] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [bkdegagmpemadclljncealhmmkojfoam] - C:\ProgramData\Wondershare\Player\Player@Wondershare.com.crx [2014-07-24] CHR HKLM-x32\...\Chrome\Extension: [ffdcfjdljhbehggjdkdioajnknjcpbjb] - H:\Program Files (x86)\DAP\DAPChrome\DAPChrome6.crx [2015-02-12] CHR HKLM-x32\...\Chrome\Extension: [flhffmlebdljeojiioaifnbjdgimjidh] - C:\Program Files (x86)\Savvy Suggestor\SavvySuggestor.crx [2013-03-19] CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.2.42.crx [2014-10-23] CHR HKLM-x32\...\Chrome\Extension: [lfffjahnfbocnaooecgijfnbpcfekoik] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [odoegbfnimkkocjoeoelkonmlfpbhlnc] - No Path Or update_url value CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-02-20] StartMenuInternet: Google Chrome.ZKQNNAMAU5GYRZ5AX7MHZYPD44 - C:\Users\Otie\AppData\Local\Google\Chrome\Application\chrome.exe Opera: ======= OPR Extension: (Ghostery) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg [2013-08-08] OPR Extension: (DuckDuckGo for Opera) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\cfbekbndggmbdkfhjandenfihkdkndil [2013-08-08] OPR Extension: (Documents) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\dppmcfgmeabflhohikbaegalkbjnbomd [2013-08-09] OPR Extension: (Sticky Password Autofill Engine) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\fhdcahhbjlmpbdcjnbhcobdaeieomgop [2013-08-21] OPR Extension: (Pocket (formerly Read It Later)) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\hedlhkdmdlcjhiblbmfggdiaeekblnoi [2013-08-08] OPR Extension: (media enhance) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-16] OPR Extension: (Adblock Plus) - C:\Users\Otie\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2013-08-08] OPR Extension: (RoboForm) - C:\Program Files (x86)\Siber Systems\AI RoboForm\Opera [2011-11-03] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-08-16] (SUPERAntiSpyware.com) S3 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-01-14] (Adobe Systems) [File not signed] R2 AHDDC2; H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe [1518504 2012-07-30] () R2 AnviCsbSvc; C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe [42680 2013-12-23] (Anvisoft) S3 Apache2.2; C:\Program Files (x86)\SMTPing\Apache\bin\httpd.exe [20549 2012-01-28] (Apache Software Foundation) [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.) S3 becldr3Service; C:\Program Files\BCL Technologies\easyConverter SDK 3\Common\becldr.exe [263168 2013-07-03] () [File not signed] S3 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.) R2 CachemanService; C:\Program Files (x86)\Cacheman\CachemanServ.exe [238152 2013-05-14] (Outertech) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L) S3 COSService.exe; C:\Program Files\COMODO\COMMON\COSService.exe [3484352 2014-05-01] (COMODO Security Solutions) R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.) R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.) S4 DiskBoss Service; C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe [102400 2013-06-06] () [File not signed] S3 dleaCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe [45224 2010-05-21] () S3 dlea_device; C:\Windows\system32\dleacoms.exe [1052328 2010-05-21] ( ) S3 dlea_device; C:\Windows\SysWOW64\dleacoms.exe [1052328 2010-05-21] ( ) R2 DNSCrypt; C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe [14336 2012-08-31] () [File not signed] R2 DriveClone Network Client IBP; C:\Program Files (x86)\RestoreIT 2014\IBP\fsloader.exe [135888 2013-03-11] () S4 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG) [File not signed] R2 FBAgent; C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe [73064 2013-05-15] () S3 FileMarkerApplyIconService; H:\Program Files (x86)\FileMarker.NET\FileMarkerService.exe [717576 2013-11-01] (ArcticLine Software) S3 Filemind.Windows.Service; C:\Program Files\FileMind\FileMind.Windows.Service.exe [479480 2012-10-22] () S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [3276800 2008-08-07] (MAGIX®) [File not signed] S4 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation) S3 GenieTimelineService; C:\Program Files\Genie9\Genie Timeline\GenieTimelineService.exe [678464 2013-12-08] (Genie9) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-27] (NVIDIA Corporation) S3 HDDSvc; C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [479232 2015-01-15] (AltrixSoft (http://www.altrixsoft.com/)) [File not signed] S4 IconixService; C:\Program Files (x86)\Common Files\Iconix\IconixService.exe [284512 2012-01-23] () R2 Leawo_service; C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe [1114608 2013-12-12] () S4 MotoHelper; C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe [214896 2011-12-06] () S3 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-03-26] (Nitro PDF Software) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-27] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-27] (NVIDIA Corporation) S4 ocster_backup; c:\Program Files\Ocster Backup\bin\backupService-ox.exe [23896 2014-12-23] () R2 OO DiskImage; C:\Program Files\OO Software\DiskImage\oodiag.exe [6258480 2013-09-09] (O&O Software GmbH) S4 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1657640 2014-05-12] (O&O Software GmbH) S3 PGMTrusted; P:\Program Files (x86)\Pogo Games\PGMTrusted.exe [519920 2012-10-29] (iWin Inc.) S2 PowerBoosterServer; H:\Program Files (x86)\Amigabit Powerbooster\PowerBoosterServer32.exe [100704 2014-02-27] () S3 PRTGCoreService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe [4345616 2012-02-09] (Paessler AG) S3 PRTGProbeService; C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe [3835152 2012-02-09] (Paessler AG) S4 PuranDefrag; C:\Windows\system32\PuranDefragS.exe [292736 2012-08-13] (Puran Software) [File not signed] S3 PyCron; C:\Program Files (x86)\SMTPing\PyCron\pycron.exe [24576 2006-06-05] () [File not signed] S4 QBCFMonitorService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe [45056 2010-09-30] (Intuit) [File not signed] S3 QBFCService; C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe [61440 2009-07-23] (Intuit Inc.) [File not signed] S4 QBVSS; C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe [1251840 2010-09-17] () [File not signed] R2 rccsvc; C:\Program Files (x86)\Quietzone\RQZ\rccsvc.exe [2043392 2014-04-10] (Returnil and its licensors) S3 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [1141232 2014-05-29] (Paramount Software UK Ltd) R2 rsssvc; C:\Program Files (x86)\Quietzone\RQZ\rsssvc.exe [1061808 2014-04-10] (Returnil and its licensors) S4 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC) S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2012-05-23] (Sony Corporation) [File not signed] S3 Steganos Volatile Disk; C:\Windows\SysWOW64\STGRAMDiskHandler64.exe [450560 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt) [File not signed] S3 SuperEasy Software Defrag Service; H:\Program Files (x86)\SuperEasy Software\Live Defrag\supereasydefragservice.exe [1429976 2012-03-13] (SuperEasy Software) S3 supereasy_1cbackup; c:\Program Files\SuperEasy Software\1-Click Backup Free\bin\backupService-sez1cb.exe [24672 2013-11-28] () R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.) S3 SynchronizationService.exe; C:\Program Files\COMODO\COMMON\SynchronizationService.exe [2559168 2014-05-01] (COMODO Security Solutions) R2 Tran_Process_Proc; C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe [71024 2012-11-14] () R2 VoodooShieldService; C:\Program Files\VoodooShield\VoodooShieldService.exe [320352 2014-10-21] (VoodooSoft, LLC) R2 WebUpdate4; C:\Windows\SysWOW64\WebUpdateSvc4.exe [412776 2013-11-25] (Data Perceptions / PowerProgrammer) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S3 WiseBootAssistant; H:\Program Files (x86)\GOTD\Wise\Wise Care 365\BootTime.exe [580232 2013-05-28] (WiseCleaner.com) S2 ASCAntivirusSrv; No ImagePath S4 IMFservice; H:\Program Files (x86)\IObit\IObit Malware Fighter2\IMFsrv.exe [X] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [X] S4 楗敳潂瑯獁楳瑳湡t; 㩈停潲牧浡䘠汩獥⠠㡸⤶坜獩⁥慃敲㌠㔶䉜潯呴浩⹥硥e [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.) S3 ampa; C:\Windows\system32\ampa.sys [17008 2013-12-18] () S3 ampa; C:\Windows\SysWOW64\ampa.sys [17008 2013-12-18] () R0 bdisk; C:\Windows\System32\DRIVERS\bdisk.sys [86000 2014-05-01] (COMODO Security Solutions Inc.) S3 BioNT_BS; H:\Program Files (x86)\Paragon_Software\Partition_Manager_11_Personal_Special_Edition\bluescrn\BioNT_bs.sys [22096 2011-08-29] (Paragon Software GmbH) R1 BTOWSFF; C:\Windows\System32\Drivers\BTOWSFF.sys [32576 2012-12-22] (Toolwiz.com) R0 BTOWSVF; C:\Windows\System32\Drivers\BTOWSVF.sys [50496 2012-12-22] (Toolwiz.com) R0 CBUFS; C:\Windows\System32\DRIVERS\CBUFS.sys [234808 2014-05-01] (COMODO Security Solutions Inc.) R0 cbvd; C:\Windows\System32\DRIVERS\cbvd.sys [681376 2014-05-01] (COMODO Security Solutions Inc.) S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] () R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation) S3 ddmdrv; C:\Windows\system32\ddmdrv.sys [15288 2011-06-15] () [File not signed] S3 ddmdrv; C:\Windows\SysWOW64\ddmdrv.sys [12728 2011-06-15] () [File not signed] R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation) S3 DigiartyVirtualCDBus; C:\Windows\System32\drivers\DigiartyVirtualCDBus.sys [276256 2013-12-13] (Digiarty Software, Inc.) R1 ElRawDisk; C:\Windows\system32\drivers\rsdrvx64.sys [30752 2013-09-15] (EldoS Corporation) R3 FARMNTIO; c:\windows\system32\drivers\farmntio.sys [25144 2013-04-11] () [File not signed] R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2012-06-08] (GEAR Software Inc.) S3 gfiark; C:\Windows\System32\drivers\gfiark.sys [39504 2013-04-11] (ThreatTrack Security) R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2013-07-16] (GFI Software) R3 glancedrv; C:\Windows\System32\DRIVERS\glancedrv.sys [36384 2009-05-13] (Glance Networks, Inc) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-03-20] (Glarysoft Ltd) R2 HCDisk; C:\Windows\System32\Drivers\HCDisk.sys [67296 2013-03-28] () R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [39248 2013-02-26] (Paragon Software Group) R3 ISpeakVA; C:\Windows\System32\drivers\wav_mixer.sys [35592 2014-05-09] () R0 KSafeDISK; C:\Windows\System32\Drivers\KSafeDISK.sys [52544 2012-12-22] (Toolwiz.com) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-03-31] (Malwarebytes Corporation) S3 MDA_NTDRV; C:\Windows\system32\MDA_NTDRV.sys [21208 2013-02-25] () R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99800 2014-02-08] (Intel Corporation) R1 mse; C:\Windows\System32\drivers\mse.sys [51896 2015-01-10] (Windows (R) Win 7 DDK provider) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-27] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation) R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116936 2013-09-09] (O&O Software GmbH) R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41160 2013-09-09] (O&O Software GmbH) R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255688 2013-09-09] (O&O Software GmbH) R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44744 2013-09-09] (O&O Software GmbH) U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-03-31] (Greatis Software) S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () R0 Reparse; C:\Windows\System32\DRIVERS\CBReparse.sys [678280 2014-05-01] (COMODO Security Solutions Inc.) R0 rmseffmv; C:\Windows\System32\drivers\rmseffmv.sys [31432 2014-04-10] (CJSC Returnil Software) R0 rmseng; C:\Windows\System32\drivers\rmseng.sys [333728 2014-04-10] (CJSC Returnil Software) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-07-19] (RapidSolution Software AG) R1 RrNetCapFilterDriver; C:\Windows\System32\DRIVERS\RrNetCapFilterDriver.sys [24744 2014-04-28] (Audials AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-07-19] (RapidSolution Software AG) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC) R0 Shdbus; C:\Windows\SysWow64\DRIVERS\Shdbus.sys [12672 2010-11-29] () [File not signed] R0 Shield; C:\Windows\SysWow64\DRIVERS\Shield.sys [97664 2010-11-29] () [File not signed] R0 Shieldf; C:\Windows\SysWow64\DRIVERS\Shieldf.sys [32128 2010-11-29] () [File not signed] R0 ShieldM; C:\Windows\SysWow64\DRIVERS\Shieldm.sys [18304 2010-11-29] () [File not signed] R1 SLEE_18_DRIVER; C:\Windows\Sleen1864.sys [109144 2014-01-30] (Softwareentwicklung Remus - ArchiCrypt - ) R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [31472 2014-03-31] (Synaptics Incorporated) R1 STGMFEngine64; C:\Windows\system32\drivers\STGMFEngine64.sys [28576 2013-07-17] (Softwareentwicklung Remus - ArchiCrypt.com) S1 SUHDCrypt; C:\Windows\SysWOW64\Drivers\PDisk.sys [208256 2012-10-20] (Pdisk Foundation) [File not signed] R1 UimBus; C:\Windows\System32\DRIVERS\uimx64.sys [59184 2011-11-14] (Windows (R) 2000 DDK provider) R1 Uim_IM; C:\Windows\System32\Drivers\Uim_IMx64.sys [572336 2011-11-14] (Paragon) R1 Uim_VIM; C:\Windows\System32\Drivers\uim_vimx64.sys [352816 2011-11-14] (Paragon) U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] () R3 UVFltr; C:\Windows\System32\DRIVERS\UVFltr.sys [26832 2013-03-11] (Farstone Technology Inc) R3 vdbus; C:\Windows\System32\DRIVERS\vdbus.sys [829648 2014-05-01] (COMODO Security Solutions Inc.) R0 vidsflt53; C:\Windows\System32\DRIVERS\vsflt53.sys [141920 2013-11-29] (Acronis) R0 VVBackd5; C:\Windows\System32\Drivers\VVBackd5.sys [150216 2013-11-08] (Farstone inc.) R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-01-23] (WinISO.com) S3 WinRing0_1_2_0; H:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-08-01] (OpenLibSys.org) S3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [35344 2013-04-27] () R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2015-02-01] (Webroot) S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog64.sys [X] S3 cleanhlp; \??\C:\Program Files (x86)\Ashampoo\Ashampoo Anti-Virus\cleanhlp64.sys [X] S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X] U4 CSC; No ImagePath U4 CSCService; No ImagePath U3 DfSdkS; No ImagePath S3 FileMonitor; \??\H:\Program Files (x86)\IObit\IObit Malware Fighter2\Drivers\win7_amd64\FileMonitor.sys [X] U4 Messenger; No ImagePath S3 motusbdevice; system32\DRIVERS\motusbdevice.sys [X] S3 PcdrNdisuio; syswow64\drivers\pcdrndisuio.sys [X] S3 RegFilter; \??\H:\Program Files (x86)\IObit\IObit Malware Fighter2\drivers\win7_amd64\regfilter.sys [X] U0 SR; No ImagePath U2 srservice; No ImagePath S3 UrlFilter; \??\H:\Program Files (x86)\IObit\IObit Malware Fighter2\drivers\win7_amd64\UrlFilter.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-09 15:17 - 2015-04-08 07:23 - 00898472 _____ (Oracle Corporation) C:\Windows\SysWOW64\npdeployJava1.dll 2015-04-09 15:17 - 2015-04-08 07:23 - 00818088 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2015-04-09 08:38 - 2015-04-09 08:38 - 00007088 _____ () C:\Users\Otie\Desktop\System Idle Process.txt 2015-04-09 08:34 - 2015-04-09 08:34 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Otie\Desktop\procexp (1).exe 2015-04-08 17:39 - 2015-04-08 17:39 - 00015458 ___RH () C:\farstone_pe.letter 2015-04-08 17:10 - 2015-04-08 17:10 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-OTIE-PC-Windows-7-Home-Premium-(64-bit).dat 2015-04-08 17:10 - 2015-04-08 17:10 - 00000000 ____D () C:\RegBackup 2015-04-08 16:39 - 2015-04-08 16:39 - 00003644 _____ () C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon 2015-04-08 16:39 - 2015-04-08 16:39 - 00001821 _____ () C:\Users\Otie\Desktop\Tweaking.com - Windows Repair.lnk 2015-04-08 16:39 - 2015-04-08 16:39 - 00000000 ____D () C:\Users\Otie\Desktop\Tweaking.com 2015-04-08 16:39 - 2015-04-08 16:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com 2015-04-08 16:37 - 2015-04-08 16:37 - 12849424 _____ () C:\Users\Otie\Desktop\tweaking.com_windows_repair_aio_setup.exe 2015-04-08 16:33 - 2015-04-08 16:35 - 00008012 _____ () C:\VEW.txt 2015-04-08 16:31 - 2015-04-08 16:31 - 00061440 _____ ( ) C:\Users\Otie\Desktop\VEW.exe 2015-04-07 21:10 - 2015-03-13 11:38 - 00622224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe 2015-04-07 21:08 - 2015-03-13 15:41 - 32114888 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 25460880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 24775368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 20466376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 18580512 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 17258024 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 16022016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 14121624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 13297144 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 13210080 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 10775080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 10715864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 10262160 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-04-07 21:08 - 2015-03-13 15:41 - 03611792 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 03249352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 02906928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 01896136 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434788.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434788.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00997856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00970384 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00944784 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00930448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00909512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00878328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00354112 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00306208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00178512 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-04-07 21:08 - 2015-03-13 15:41 - 00164568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-04-07 19:57 - 2015-04-07 19:57 - 00096908 _____ () C:\ProgramData\1428450792.bdinstall.bin 2015-04-07 19:57 - 2015-04-07 19:57 - 00032329 _____ () C:\ProgramData\1428451024.bdinstall.bin 2015-04-07 19:53 - 2015-04-07 19:53 - 00037822 _____ () C:\ProgramData\1428450790.bdinstall.bin 2015-04-07 19:51 - 2015-04-07 19:51 - 00382536 _____ (BitDefender S.R.L.) C:\Windows\system32\Drivers\trufos.sys.upd 2015-04-07 18:47 - 2015-04-07 18:47 - 00006846 _____ () C:\Users\Otie\Desktop\Procexp.txt 2015-04-07 18:41 - 2015-04-07 18:41 - 02480312 _____ (Sysinternals - www.sysinternals.com) C:\Users\Otie\Downloads\procexp.exe 2015-04-07 18:30 - 2015-04-07 18:36 - 00193361 _____ () C:\Users\Otie\Desktop\Addition.txt 2015-04-07 18:25 - 2015-04-09 15:45 - 00061742 _____ () C:\Users\Otie\Desktop\FRST.txt 2015-04-07 18:25 - 2015-04-09 15:43 - 00128201 _____ () C:\Users\Otie\Desktop\FRST1.txt 2015-04-07 15:37 - 2015-04-07 15:37 - 00000000 ____D () C:\Users\Otie\AppData\Local\PackageAware 2015-04-07 15:34 - 2014-02-14 09:21 - 00000426 _____ () C:\AVScanner.ini 2015-04-07 10:48 - 2015-04-07 20:03 - 00000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2015-04-06 08:24 - 2015-04-06 08:24 - 00003182 _____ () C:\Windows\System32\Tasks\ASCU8_PerformanceMonitor 2015-04-06 08:24 - 2015-04-06 08:24 - 00002884 _____ () C:\Windows\System32\Tasks\Uninstaller_SkipUac_Otie 2015-04-06 08:24 - 2015-04-06 08:24 - 00002866 _____ () C:\Windows\System32\Tasks\ASCU8_SkipUac_Otie 2015-04-06 08:24 - 2015-04-06 08:24 - 00001252 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk 2015-04-06 08:23 - 2015-04-06 08:23 - 00000000 ____D () C:\ProgramData\{ACBCD40A-42A8-4FF9-BD42-ABCD14998CBA} 2015-04-04 15:35 - 2015-04-04 15:35 - 02095616 _____ (Farbar) C:\Users\Otie\Desktop\FRST64.exe 2015-04-04 15:28 - 2015-04-09 15:44 - 00000000 ____D () C:\FRST 2015-04-04 13:04 - 2015-04-04 13:04 - 00000000 ___SD () C:\Windows\SysWOW64\GWX 2015-04-04 13:03 - 2015-04-04 13:06 - 00000000 ___SD () C:\Windows\system32\GWX 2015-04-03 10:59 - 2014-04-05 18:38 - 00059880 _____ (Kerish Products) C:\Windows\system32\GPUTemp.dll 2015-04-03 10:58 - 2015-04-03 10:58 - 00000000 ____D () C:\ProgramData\Kerish Products 2015-04-03 10:57 - 2015-04-03 10:57 - 25397112 _____ (Kerish Products ) C:\Users\Otie\Downloads\Kerish_Doctor_4.60 (1).exe 2015-04-03 10:56 - 2015-04-03 10:57 - 25397112 _____ (Kerish Products ) C:\Users\Otie\Downloads\Kerish_Doctor_4.60.exe 2015-04-03 09:08 - 2015-04-03 09:09 - 00063886 _____ () C:\Users\Otie\Downloads\Accounts.20150403_090820.OFX 2015-04-02 19:19 - 2015-04-02 19:19 - 00000990 _____ () C:\Users\Otie\Desktop\vacation adventures - park ranger 3.lnk.70442.gzquar 2015-04-02 19:18 - 2015-04-02 19:18 - 00000906 _____ () C:\Users\Otie\Desktop\solitaire perfect match.lnk.823299.gzquar 2015-04-02 18:09 - 2015-04-02 18:10 - 00001084 _____ () C:\Users\Otie\Desktop\Fear for Sale Endless Voyage Collectors.lnk 2015-04-02 17:57 - 2015-04-02 17:57 - 00001408 _____ () C:\Users\Otie\Desktop\poker_solit.exe.lnk 2015-04-02 13:27 - 2015-04-02 13:33 - 129306865 _____ () C:\Users\Otie\Downloads\RoyalFlushSolit.rar 2015-04-02 13:26 - 2015-04-02 13:26 - 00000889 _____ () C:\Users\Otie\Desktop\Detective Quest.lnk 2015-04-02 13:25 - 2015-04-02 13:45 - 60382200 _____ () C:\Users\Otie\Downloads\HolidaySolitaireEaster.rar 2015-04-02 13:14 - 2015-04-02 13:14 - 00000867 _____ () C:\Users\Otie\Desktop\Magic Encyclopedia Moon Light.lnk 2015-04-02 13:04 - 2015-04-02 13:10 - 164509058 _____ () C:\Users\Otie\Downloads\DetectiveMysteryHiddenObject6in1 (1).rar 2015-04-02 12:58 - 2015-04-02 13:36 - 1003057221 _____ (Games ) C:\Users\Otie\Downloads\FearSaleEndlessVoyageCE.exe 2015-04-02 10:48 - 2015-04-02 10:48 - 00198305 _____ () C:\ProgramData\1427983808.bdinstall.bin 2015-04-02 10:10 - 2015-04-08 07:14 - 00000000 ____D () C:\Program Files\Bitdefender 2015-04-02 10:10 - 2015-04-02 10:10 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\QuickScan 2015-04-01 12:13 - 2015-04-01 12:13 - 00000915 _____ () C:\Users\Public\Desktop\RonyaSoft Poster Designer (Poster Forge).lnk 2015-04-01 12:13 - 2015-04-01 12:13 - 00000000 ____D () C:\Users\Public\Documents\RonyaSoft 2015-04-01 12:13 - 2015-04-01 12:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RonyaSoft 2015-04-01 12:12 - 2015-04-01 12:12 - 27925837 _____ () C:\Users\Otie\Downloads\RonyaSoftPosterDesigner202-fj9anc.zip 2015-03-31 10:55 - 2015-03-31 10:55 - 00001163 _____ () C:\Users\Otie\Desktop\1-abc.net File Washer.lnk 2015-03-31 10:54 - 2015-03-31 10:54 - 07717203 _____ () C:\Users\Otie\Downloads\1abcnetFileWasher700-pj8zs5.zip 2015-03-31 10:24 - 2015-03-31 10:24 - 00000661 _____ () C:\Users\Public\Desktop\DK Finder.lnk 2015-03-31 10:22 - 2015-03-31 10:22 - 00986364 _____ (Denes Kellner ) C:\Users\Otie\Downloads\install DK Finder 2.1.3.0.exe 2015-03-30 13:18 - 2015-04-02 16:12 - 00003484 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask 2015-03-30 13:18 - 2015-03-30 13:18 - 00004024 _____ () C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2015-03-30 13:18 - 2015-03-30 13:18 - 00000000 ____D () C:\ProgramData\PC-Doctor for Windows 2015-03-30 13:18 - 2015-03-30 13:18 - 00000000 ____D () C:\Program Files\Dell Support Center 2015-03-29 12:05 - 2015-03-29 12:05 - 00000987 _____ () C:\Users\Otie\Desktop\BTAW_TheOthers_CE.lnk 2015-03-29 12:05 - 2015-03-29 12:05 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge to Another World 2 The Others 2015-03-29 11:50 - 2015-03-29 11:50 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\PlayFirst 2015-03-29 11:50 - 2015-03-29 11:50 - 00000000 ____D () C:\ProgramData\PlayFirst 2015-03-29 10:31 - 2015-03-29 10:31 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Sowhat 2015-03-29 10:15 - 2015-03-29 10:17 - 121563093 _____ () C:\Users\Otie\Downloads\R.F.S.rar 2015-03-29 10:04 - 2015-03-29 10:04 - 00000801 _____ () C:\Users\Otie\Desktop\RainbowMystery.lnk 2015-03-29 10:04 - 2015-03-29 10:04 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rainbow Mystery 2015-03-29 10:03 - 2015-03-29 10:03 - 00001072 _____ () C:\Users\Otie\Desktop\RoyalExpress.exe.lnk 2015-03-29 10:01 - 2015-03-29 10:01 - 00000901 _____ () C:\Users\Otie\Desktop\HolidayJigsawEaster2.lnk 2015-03-29 10:01 - 2015-03-29 10:01 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Holiday Jigsaw Easter 2 2015-03-29 10:00 - 2015-03-29 10:00 - 12766213 _____ () C:\Users\Otie\Downloads\Rain Mys.rar 2015-03-29 09:57 - 2015-03-29 09:57 - 00000886 _____ () C:\Users\Otie\Desktop\DogUnit.lnk 2015-03-29 09:57 - 2015-03-29 09:57 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dog Unit New York Detective Max 2015-03-29 09:53 - 2015-03-29 09:58 - 76605981 _____ () C:\Users\Otie\Downloads\Roy Ex.rar 2015-03-29 09:51 - 2015-03-29 10:09 - 544833864 _____ () C:\Users\Otie\Downloads\D.H.2.N.C.rar 2015-03-29 09:51 - 2015-03-29 09:59 - 139104574 _____ () C:\Users\Otie\Downloads\H.J.E.2.rar 2015-03-29 09:50 - 2015-03-29 10:36 - 1073741824 _____ () C:\Users\Otie\Downloads\B.A.W.2.T.O.part1.rar 2015-03-29 09:50 - 2015-03-29 09:57 - 230300840 _____ () C:\Users\Otie\Downloads\B.A.W.2.T.O.part2.rar 2015-03-29 09:49 - 2015-03-29 09:54 - 170878237 _____ () C:\Users\Otie\Downloads\D.U.N.Y.D.M.rar 2015-03-28 06:45 - 2015-03-28 06:47 - 65230890 _____ () C:\Users\Otie\Downloads\Music Of Nashville Season 1 Vol 1 OST (Deluxe Edition).rar 2015-03-28 06:44 - 2015-03-28 06:47 - 80952012 _____ () C:\Users\Otie\Downloads\Music Of Nashville Season 2 Vol 1 OST (Deluxe Editon).rar 2015-03-28 06:32 - 2015-03-28 06:32 - 00000000 ____D () C:\Users\Otie\AppData\Local\flipbook 2015-03-28 06:32 - 2015-03-28 06:32 - 00000000 ____D () C:\Users\Otie\AppData\Local\1stflip 2015-03-28 06:30 - 2015-03-28 06:30 - 00000836 _____ () C:\Users\Public\Desktop\1stFlip FlipBook Creator.lnk 2015-03-28 06:30 - 2015-03-28 06:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1stFlip FlipBook Creator 2015-03-28 06:28 - 2015-03-28 06:29 - 61458425 _____ () C:\Users\Otie\Downloads\1stFlipFlipbookCreator101-fh1cb9.zip 2015-03-28 06:26 - 2015-03-28 06:26 - 00000715 _____ () C:\Users\Otie\Desktop\The Great Pharaoh.exe.lnk 2015-03-28 06:21 - 2015-03-28 06:22 - 53143507 _____ () C:\Users\Otie\Downloads\TheGreatPharaoh-dgh3va.zip 2015-03-27 13:20 - 2015-03-27 13:20 - 00001184 _____ () C:\Users\Otie\Desktop\Mystery Trackers Nightsville Horror Collectors.lnk 2015-03-27 13:07 - 2015-03-27 13:07 - 00000928 _____ () C:\Users\Otie\Desktop\Demon Hunter 2 New Chapter Premium.lnk 2015-03-27 11:49 - 2015-03-27 11:49 - 00001149 _____ () C:\Users\Otie\Desktop\App.exe.lnk 2015-03-27 11:48 - 2015-03-27 11:48 - 00001342 _____ () C:\Users\Otie\Desktop\CloverTale_TheMagicValley.exe.lnk 2015-03-27 11:48 - 2015-03-27 11:48 - 00000868 _____ () C:\Users\Otie\Desktop\JMS.exe.lnk 2015-03-27 11:47 - 2015-03-27 11:47 - 00000733 _____ () C:\Users\Otie\Desktop\Depths of Time.exe.lnk 2015-03-27 11:44 - 2015-03-27 11:44 - 00000883 _____ () C:\Users\Otie\Desktop\Fishdom Depths of Time CE.lnk 2015-03-27 11:19 - 2015-03-27 11:32 - 251420273 _____ (Games ) C:\Users\Otie\Downloads\FishdomDepthsTimeCE.exe 2015-03-27 11:17 - 2015-03-27 11:23 - 206495008 _____ (Games ) C:\Users\Otie\Downloads\CloverTaleMagicValley.exe 2015-03-27 11:17 - 2015-03-27 11:20 - 104349489 _____ () C:\Users\Otie\Downloads\JewelMatchSnowscapesNew.rar 2015-03-27 11:15 - 2015-03-27 11:39 - 824259898 _____ () C:\Users\Otie\Downloads\DemonHunterChrBeyondUntoldStorybfg.rar 2015-03-27 11:14 - 2015-03-27 11:53 - 904233398 _____ (Games ) C:\Users\Otie\Downloads\DemonHunter2NewChapterPE.exe 2015-03-27 11:12 - 2015-03-27 11:17 - 164509058 _____ () C:\Users\Otie\Downloads\DetectiveMysteryHiddenObject6in1.rar 2015-03-27 11:09 - 2015-03-27 12:27 - 1400793992 _____ (Games ) C:\Users\Otie\Downloads\MysteryTrackersNightsvilleHorrorCE.exe 2015-03-26 06:22 - 2015-03-26 06:23 - 14691432 _____ () C:\Users\Otie\Downloads\yosetup (1).exe 2015-03-26 06:21 - 2015-03-26 06:21 - 14691432 _____ () C:\Users\Otie\Downloads\yosetup.exe 2015-03-25 12:30 - 2015-03-25 12:31 - 00001728 _____ () C:\Users\Otie\Desktop\HP Scan.lnk 2015-03-25 10:52 - 2015-03-25 10:52 - 00001886 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 16.lnk 2015-03-25 10:52 - 2015-03-25 10:52 - 00001886 _____ () C:\Users\Public\Desktop\Zoner Photo Studio 16 x64.lnk 2015-03-25 10:52 - 2015-03-25 10:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoner Photo Studio 16 2015-03-25 10:44 - 2015-03-25 10:45 - 57193120 _____ (ZONER software ) C:\Users\Otie\Downloads\zps16_en_pro_sos.exe 2015-03-25 06:53 - 2015-03-25 06:53 - 00062337 _____ () C:\Users\Otie\Downloads\Accounts.20150325_065345.OFX 2015-03-24 21:33 - 2015-03-24 21:35 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\PackOnPc 2015-03-24 14:07 - 2015-03-24 14:07 - 00000000 ____D () C:\Users\Otie\Documents\Marco Polo Save 2015-03-24 14:06 - 2015-03-24 14:06 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\com.totem.marcopolo 2015-03-24 13:49 - 2015-03-24 13:49 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Detective Mystery - 6 In 1 Hidden Object Collection 2015-03-24 13:48 - 2015-03-24 13:48 - 00000946 _____ () C:\Users\Otie\Desktop\The Travels of Marco Polo.lnk 2015-03-24 13:48 - 2015-03-24 13:48 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Travels of Marco Polo 2015-03-24 13:46 - 2015-03-24 13:46 - 00001187 _____ () C:\Users\Otie\Desktop\The Secret Order 4 - Beyond Time Collector's Edition.lnk 2015-03-24 13:46 - 2015-03-24 13:46 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Secret Order 4 - Beyond Time Collector's Edition 2015-03-24 13:44 - 2015-03-24 13:44 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vacation Adventures - Park Ranger 3 2015-03-24 10:10 - 2015-03-24 10:10 - 00000766 _____ () C:\Users\Otie\Desktop\Pachinko Pop.lnk 2015-03-24 10:10 - 2015-03-24 10:10 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\SteelSteedStudio 2015-03-24 10:10 - 2015-03-24 10:10 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pachinko Pop 2015-03-24 10:09 - 2015-03-24 10:09 - 00000934 _____ () C:\Users\Otie\Desktop\True Detective Solitaire.lnk 2015-03-24 10:09 - 2015-03-24 10:09 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\True Detective Solitaire 2015-03-24 10:07 - 2015-03-24 10:21 - 472471205 _____ () C:\Users\Otie\Downloads\The Travels of Marco Polo.rar 2015-03-24 10:07 - 2015-03-24 10:12 - 159554381 _____ () C:\Users\Otie\Downloads\Detective Mystery- 6 In 1 Hidden Object Collection.rar 2015-03-24 10:06 - 2015-03-24 10:54 - 973007580 _____ () C:\Users\Otie\Downloads\The Secret Order 4 - Beyond Time Collector's Edition.rar 2015-03-24 10:06 - 2015-03-24 10:08 - 59999118 _____ () C:\Users\Otie\Downloads\True Detective Solitaire.rar 2015-03-24 10:05 - 2015-03-24 10:15 - 195371516 _____ () C:\Users\Otie\Downloads\Vacation Adventures - Park Ranger 3.rar 2015-03-24 10:05 - 2015-03-24 10:09 - 108779908 _____ () C:\Users\Otie\Downloads\Pachinko Pop.rar 2015-03-23 06:30 - 2015-03-23 06:30 - 00020992 ___SH () C:\Users\Otie\Documents\Thumbs.db 2015-03-22 14:07 - 2015-03-22 14:07 - 00000000 ____D () C:\Users\Otie\Documents\The Lonely Hearts Murders SE 2015-03-22 08:58 - 2015-03-22 08:58 - 00001044 _____ () C:\Users\Public\Desktop\Play More Playrix Games!.lnk 2015-03-22 08:58 - 2015-03-22 08:58 - 00001028 _____ () C:\Users\Public\Desktop\Brink of Consciousness - The Lonely Hearts Murders.lnk 2015-03-22 08:58 - 2015-03-22 08:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brink of Consciousness - The Lonely Hearts Murders 2015-03-22 08:42 - 2015-03-22 08:55 - 781588506 _____ () C:\Users\Otie\Downloads\BrinkOfConsciousnessLonelyHeartsMurders-hu7f4a.zip 2015-03-21 06:50 - 2015-03-21 06:50 - 08795496 _____ (PearlMountain Technology Co., Ltd ) C:\Users\Otie\Downloads\CollageIt-March2015.exe 2015-03-20 07:08 - 2015-03-20 07:08 - 00000000 ____D () C:\Users\Otie\AppData\Local\Unity 2015-03-20 07:07 - 2015-03-20 07:07 - 01081088 _____ (Unity Technologies ApS) C:\Users\Otie\Downloads\UnityWebPlayer.exe 2015-03-20 06:53 - 2015-03-20 06:53 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2015-03-20 06:53 - 2015-03-20 06:53 - 00002968 _____ () C:\Windows\System32\Tasks\GU5SkipUAC 2015-03-20 06:53 - 2015-03-20 06:53 - 00002622 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5 2015-03-20 06:53 - 2015-03-20 06:53 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2015-03-20 06:53 - 2015-03-20 06:53 - 00001096 _____ () C:\Users\Public\Desktop\Glary Utilities 5.lnk 2015-03-20 06:53 - 2015-03-20 06:53 - 00000330 _____ () C:\Windows\Tasks\GlaryInitialize 5.job 2015-03-20 06:53 - 2015-03-20 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5 2015-03-20 06:53 - 2015-03-20 06:53 - 00000000 ____D () C:\ProgramData\GlarySoft 2015-03-20 06:52 - 2015-04-09 07:17 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5 2015-03-20 06:50 - 2015-03-20 06:51 - 15006728 _____ () C:\Users\Otie\Downloads\gup5setup.exe 2015-03-19 06:34 - 2015-03-19 06:37 - 00000000 ____D () C:\ProgramData\Smarty Uninstaller 4 2015-03-19 06:33 - 2015-03-19 06:33 - 16119816 _____ () C:\Users\Otie\Downloads\SmartyUninstaller412-fh9s8d.zip 2015-03-18 11:20 - 2015-03-18 11:20 - 06386208 _____ (YL Computing, Inc ) C:\Users\Otie\Downloads\wuinstall.exe 2015-03-18 07:50 - 2015-03-18 07:51 - 00000065 ____H () C:\Windows\memofor.ini 2015-03-18 07:50 - 2015-03-18 07:50 - 00000052 ____H () C:\Windows\SysWOW64\$winnpt$.ini 2015-03-18 07:49 - 2015-03-18 07:52 - 00000079 _____ () C:\Windows\Protection.INI 2015-03-18 07:46 - 2015-03-18 07:48 - 00000827 _____ () C:\Users\Otie\Desktop\COVERT Pro AE.lnk 2015-03-18 07:46 - 2015-03-18 07:48 - 00000090 _____ () C:\Windows\fileAECPinst.ini 2015-03-18 07:46 - 2015-03-18 07:47 - 27660500 _____ () C:\Users\Otie\Downloads\COVERTpro309-ki98gs (1).zip 2015-03-18 07:44 - 2015-03-18 07:45 - 27660500 _____ () C:\Users\Otie\Downloads\COVERTpro309-ki98gs.zip 2015-03-15 09:55 - 2015-03-15 09:55 - 00001355 _____ () C:\Users\Otie\Desktop\EternalJourney_NewAtlantis.exe.lnk 2015-03-15 09:48 - 2015-03-15 09:52 - 541502602 _____ () C:\Users\Otie\Downloads\EternalJourneyNewAtlantis-f56dg7.zip 2015-03-13 14:02 - 2015-03-13 14:02 - 00001977 _____ () C:\Users\Public\Desktop\CloudBerry Box.lnk 2015-03-13 14:02 - 2015-03-13 14:02 - 00000000 ____D () C:\Users\Otie\CloudBerryBox 2015-03-13 14:02 - 2015-03-13 14:02 - 00000000 ____D () C:\Users\Otie\AppData\Local\CloudBerryLab 2015-03-13 14:02 - 2015-03-13 14:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CloudBerryLab 2015-03-13 14:02 - 2015-03-13 14:02 - 00000000 ____D () C:\ProgramData\CloudBerryLab 2015-03-13 14:02 - 2015-03-13 14:02 - 00000000 ____D () C:\Program Files\CloudBerryLab 2015-03-13 08:41 - 2015-03-13 08:41 - 08520192 _____ () C:\Users\Otie\Downloads\CloudBerryBoxSetup_v1.2.0.16.exe 2015-03-12 06:51 - 2015-03-12 06:51 - 00000827 _____ () C:\Users\Public\Desktop\Hard Drive Inspector.lnk 2015-03-12 06:51 - 2015-03-12 06:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Drive Inspector Professional 2015-03-12 06:51 - 2015-03-12 06:51 - 00000000 ____D () C:\ProgramData\AltrixSoft 2015-03-12 06:48 - 2015-03-12 06:49 - 12377710 _____ () C:\Users\Otie\Downloads\HardDriveInspectorPro430.zip 2015-03-11 17:50 - 2015-03-11 17:50 - 00000000 ____D () C:\Windows\system32\appraiser 2015-03-11 17:27 - 2015-01-08 19:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-03-11 17:27 - 2015-01-08 19:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-03-11 16:51 - 2015-03-11 16:51 - 00604440 _____ () C:\Users\Otie\Downloads\SAS_ForceUpdate.exe 2015-03-10 16:11 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-03-10 16:11 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-03-10 16:11 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-03-10 16:11 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-03-10 16:11 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-03-10 16:11 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-03-10 16:11 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-03-10 16:11 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-03-10 16:11 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-03-10 16:11 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-03-10 16:11 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-03-10 16:11 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll 2015-03-10 16:11 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll 2015-03-10 16:11 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll 2015-03-10 16:11 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll 2015-03-10 16:10 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-03-10 16:10 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-03-10 16:10 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-03-10 16:10 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll 2015-03-10 16:10 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx 2015-03-10 16:10 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL 2015-03-10 16:10 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll 2015-03-10 16:10 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe 2015-03-10 16:10 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe 2015-03-10 16:10 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll 2015-03-10 16:10 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-03-10 16:10 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2015-03-10 16:10 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys 2015-03-10 16:10 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-03-10 16:10 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-03-10 16:10 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ubpm.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll 2015-03-10 16:10 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx 2015-03-10 16:10 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll 2015-03-10 16:10 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL 2015-03-10 16:10 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2015-03-10 16:10 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2015-03-10 16:10 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2015-03-10 16:10 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-03-10 16:10 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys 2015-03-10 16:10 - 2015-01-30 23:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2015-03-10 16:10 - 2015-01-30 23:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll 2015-03-10 16:10 - 2015-01-30 19:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2015-03-10 16:10 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-03-10 16:10 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-03-10 16:10 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll 2015-03-10 16:09 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-03-10 16:09 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-03-10 16:09 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-03-10 16:09 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-03-10 16:09 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-03-10 16:09 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-03-10 16:09 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-03-10 16:09 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-03-10 16:09 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-03-10 16:09 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-03-10 16:09 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-03-10 16:09 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-03-10 16:09 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-03-10 16:09 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-03-10 16:09 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-03-10 16:09 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-03-10 16:09 - 2015-02-23 23:15 - 00389800 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-03-10 16:09 - 2015-02-23 22:32 - 00342696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-03-10 16:09 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-03-10 16:09 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-03-10 16:09 - 2015-02-20 20:27 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-03-10 16:09 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-03-10 16:09 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-03-10 16:09 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-03-10 16:09 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-03-10 16:09 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-03-10 16:09 - 2015-02-19 23:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-03-10 16:09 - 2015-02-19 22:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-03-10 16:09 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-03-10 16:09 - 2015-02-19 22:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-03-10 16:09 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-03-10 16:09 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-03-10 16:09 - 2015-02-19 22:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-03-10 16:09 - 2015-02-19 22:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-03-10 16:09 - 2015-02-19 22:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-03-10 16:09 - 2015-02-19 22:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-03-10 16:09 - 2015-02-19 22:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-03-10 16:09 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-03-10 16:09 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-03-10 16:09 - 2015-02-19 22:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-03-10 16:09 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-03-10 16:09 - 2015-02-19 22:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-03-10 16:09 - 2015-02-19 22:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-03-10 16:09 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-03-10 16:09 - 2015-02-19 22:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-03-10 16:09 - 2015-02-19 22:08 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-03-10 16:09 - 2015-02-19 22:08 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-03-10 16:09 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-03-10 16:09 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-03-10 16:09 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-03-10 16:09 - 2015-02-19 22:01 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-03-10 16:09 - 2015-02-19 22:00 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-03-10 16:09 - 2015-02-19 21:58 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-03-10 16:09 - 2015-02-19 21:56 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-03-10 16:09 - 2015-02-19 21:56 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-03-10 16:09 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-03-10 16:09 - 2015-02-19 21:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-03-10 16:09 - 2015-02-19 21:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-03-10 16:09 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-03-10 16:09 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-03-10 16:09 - 2015-02-19 21:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-03-10 16:09 - 2015-02-19 21:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-03-10 16:09 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-03-10 16:09 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-03-10 16:09 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-03-10 16:09 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-03-10 16:09 - 2015-02-19 21:23 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-03-10 16:09 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-03-10 16:09 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-03-10 16:09 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-03-10 16:09 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-03-10 16:09 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-03-10 16:09 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-03-10 16:09 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-03-10 16:09 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-03-10 16:09 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-03-10 16:09 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-03-10 16:09 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll 2015-03-10 16:09 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll 2015-03-10 16:08 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll 2015-03-10 16:08 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-04-09 15:40 - 2012-10-24 07:48 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Earth Alerts 2015-04-09 15:30 - 2013-06-07 16:15 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\IObit 2015-04-09 15:28 - 2012-05-26 09:02 - 00000000 ____D () C:\ProgramData\IObit 2015-04-09 15:27 - 2013-06-07 16:21 - 00000000 ____D () C:\Program Files (x86)\IObit 2015-04-09 15:22 - 2011-11-03 20:50 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\DK Finder 2015-04-09 15:17 - 2011-10-28 13:49 - 00000000 ____D () C:\Program Files (x86)\Java 2015-04-09 15:00 - 2013-08-08 14:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-04-09 14:52 - 2013-03-09 09:18 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job 2015-04-09 14:52 - 2012-02-29 11:41 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-04-09 14:25 - 2014-02-19 08:24 - 01414875 _____ () C:\Windows\WindowsUpdate.log 2015-04-09 09:52 - 2015-02-05 10:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-04-09 09:52 - 2013-03-09 09:18 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job 2015-04-09 07:19 - 2014-04-17 08:43 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Spotify 2015-04-09 07:19 - 2014-04-17 08:43 - 00000000 ____D () C:\Users\Otie\AppData\Local\Spotify 2015-04-09 07:16 - 2011-10-28 13:58 - 00000000 ____D () C:\ProgramData\Temp 2015-04-09 04:38 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-04-09 04:38 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-04-08 17:43 - 2009-07-14 01:13 - 00787576 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-04-08 17:39 - 2014-09-16 08:47 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2015-04-08 17:38 - 2015-01-13 16:30 - 00006231 _____ () C:\Windows\setupact.log 2015-04-08 17:37 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-04-08 17:36 - 2015-01-27 14:17 - 00300450 _____ () C:\Windows\PFRO.log 2015-04-08 17:36 - 2011-10-28 15:32 - 00000000 ____D () C:\ProgramData\NVIDIA 2015-04-08 17:18 - 2011-02-10 12:10 - 00787576 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2015-04-08 16:37 - 2015-02-12 09:51 - 00000403 _____ () C:\Users\Otie\Desktop\My DAP Downloads.lnk 2015-04-08 07:23 - 2014-09-29 12:04 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2015-04-08 07:23 - 2014-09-29 12:04 - 00191400 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2015-04-08 07:23 - 2014-09-29 12:04 - 00190888 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2015-04-08 07:23 - 2014-09-29 12:04 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-04-08 07:23 - 2013-11-29 13:38 - 00000000 ____D () C:\ProgramData\Oracle 2015-04-08 07:18 - 2014-01-11 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-04-08 07:14 - 2013-07-25 11:40 - 00000000 ____D () C:\Program Files\Soluto 2015-04-07 21:10 - 2011-10-28 13:54 - 00000000 ____D () C:\Temp 2015-04-07 21:08 - 2011-10-28 15:32 - 00000000 ____D () C:\Program Files\NVIDIA Corporation 2015-04-07 20:07 - 2013-07-09 07:48 - 00000000 ____D () C:\ProgramData\Soluto 2015-04-07 20:04 - 2015-02-05 10:47 - 00003652 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-04-07 18:19 - 2012-09-26 07:00 - 00000000 ____D () C:\Program Files (x86)\Ashampoo 2015-04-07 15:46 - 2012-03-24 16:07 - 00000000 ____D () C:\ProgramData\Carbonite 2015-04-07 15:35 - 2013-11-02 07:22 - 00000000 ____D () C:\ProgramData\ProductData 2015-04-07 13:56 - 2011-12-23 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo 2015-04-07 13:51 - 2012-07-21 06:40 - 00000000 ____D () C:\ProgramData\Lavasoft 2015-04-07 13:48 - 2013-10-08 11:00 - 00000000 ____D () C:\Program Files (x86)\AntiLogger 2015-04-07 13:41 - 2014-08-04 20:58 - 00000000 __HDC () C:\ProgramData\{727C5CC8-3A5E-4517-BA8B-35A93F9B2EBD} 2015-04-07 11:06 - 2013-08-08 14:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-04-07 11:05 - 2012-05-25 10:52 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-04-07 11:05 - 2011-10-28 13:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-04-07 11:04 - 2015-02-06 10:53 - 00003126 _____ () C:\Windows\System32\Tasks\Trojan Remover 2015-04-07 10:31 - 2013-01-27 10:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-04-07 10:28 - 2014-11-27 11:40 - 01851392 _____ () C:\Users\Otie\Documents\MyAddressBook.eabx 2015-04-07 08:35 - 2013-09-23 13:53 - 00000000 ____D () C:\Users\Otie\Documents\EDocs 2015-04-07 08:24 - 2011-11-12 06:44 - 00000000 ____D () C:\Users\Otie\AppData\Local\Deployment 2015-04-06 08:39 - 2012-02-08 18:43 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Nitro PDF 2015-04-06 08:10 - 2011-11-11 05:12 - 00000000 ____D () C:\Users\Otie\Documents\Family Tree Maker 2015-04-05 23:59 - 2014-05-11 08:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-04-05 09:46 - 2015-01-20 16:09 - 00000000 ____D () C:\Users\Otie\Documents\Efficient Organizer Backup 2015-04-05 09:46 - 2014-11-27 11:44 - 00000000 ____D () C:\Users\Otie\Documents\Efficient Organizer AutoBackup 2015-04-05 09:34 - 2012-10-28 05:26 - 00000000 ____D () C:\Program Files (x86)\Earth Alerts 2015-04-04 21:26 - 2015-02-17 16:04 - 00000872 _____ () C:\Users\Otie\Desktop\Fishdom Seasons Under the Sea.lnk 2015-04-04 12:47 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF 2015-04-04 09:52 - 2011-11-23 15:55 - 00000000 ____D () C:\Program Files (x86)\Google 2015-04-04 09:46 - 2014-12-27 08:50 - 00000000 ____D () C:\Abelssoft 2015-04-04 09:46 - 2014-11-02 12:23 - 00000000 ____D () C:\Program Files (x86)\PC Shower 2014 2015-04-04 09:46 - 2014-09-05 05:23 - 00000000 ____D () C:\Program Files (x86)\SuperLauncher 2015-04-04 09:46 - 2014-04-22 11:04 - 00000000 ____D () C:\Program Files (x86)\iLike 2015-04-04 09:46 - 2014-03-04 12:18 - 00000000 ____D () C:\Program Files\Family Tree Maker 2014 2015-04-04 09:46 - 2014-01-09 10:16 - 00000000 ____D () C:\Program Files (x86)\linkcollector 2015-04-04 09:46 - 2013-12-19 12:44 - 00000000 ____D () C:\BigFishGamesCache 2015-04-04 09:46 - 2013-12-02 09:10 - 00000000 ____D () C:\Program Files\CyberGhost 5 2015-04-04 09:46 - 2013-07-23 12:49 - 00000000 ____D () C:\Program Files\Badosoft 2015-04-04 09:46 - 2013-02-14 16:25 - 00000000 ____D () C:\Program Files (x86)\TurboTax 2015-04-04 09:46 - 2012-12-31 09:47 - 00000000 ____D () C:\Program Files\DivX 2015-04-04 09:46 - 2012-12-28 07:21 - 00000000 ____D () C:\Program Files (x86)\DAMN NFO Viewer 2015-04-04 09:46 - 2012-02-24 22:18 - 00000000 ____D () C:\Program Files (x86)\iCare Format Recovery 2015-04-04 09:46 - 2012-02-10 07:36 - 00000000 ____D () C:\Program Files (x86)\PRTG Network Monitor 2015-04-04 09:46 - 2011-11-19 17:01 - 00000000 ____D () C:\Program Files (x86)\iTunes 2015-04-04 09:46 - 2011-11-15 05:49 - 00000000 ____D () C:\Program Files (x86)\QuickTime 2015-04-04 09:46 - 2011-11-08 18:36 - 00000000 ____D () C:\Program Files (x86)\Dell V310-V510 Series 2015-04-03 19:00 - 2012-05-01 06:22 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2015-04-03 09:29 - 2014-05-21 10:48 - 00377823 _____ () C:\Users\Otie\Through May 2014.amk 2015-04-02 22:06 - 2013-06-13 06:41 - 00000000 ____D () C:\Program Files (x86)\Jigsaw Puzzle Platinum 2 2015-04-02 20:30 - 2012-01-16 16:20 - 00000508 _____ () C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job 2015-04-02 19:25 - 2013-12-14 15:15 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-04-02 19:24 - 2014-11-19 08:00 - 00000000 ___RD () C:\Users\OtieAtkins\Virtual Machines 2015-04-02 18:46 - 2015-02-12 13:28 - 00000000 ____D () C:\ProgramData\SupportAssistAgent 2015-04-02 14:01 - 2013-03-09 09:25 - 00002368 _____ () C:\Users\Otie\Desktop\Google Chrome.lnk 2015-04-02 12:53 - 2014-11-03 08:52 - 00000000 ____D () C:\Users\Otie\AppData\Local\Adobe 2015-04-02 12:30 - 2009-07-14 00:45 - 00774856 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-04-01 23:51 - 2013-11-24 12:58 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Casual Arts 2015-04-01 14:18 - 2014-02-01 15:18 - 00000274 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job 2015-04-01 13:13 - 2014-04-18 14:41 - 00276464 _____ () C:\Users\Otie\AppData\Local\GDIPFONTCACHEV1.DAT 2015-04-01 12:05 - 2011-11-28 10:31 - 00000000 ____D () C:\Users\Otie\Documents\My PDFS 2015-03-31 10:55 - 2014-05-11 08:36 - 00000000 ____D () C:\Program Files (x86)\1-abc 2015-03-31 10:55 - 2012-07-11 06:16 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-abc 2015-03-31 10:24 - 2012-01-28 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DK Finder 2015-03-31 07:35 - 2015-02-09 09:08 - 00001341 _____ () C:\Users\Otie\Desktop\younited.lnk 2015-03-31 00:15 - 2014-05-14 22:29 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-03-30 13:18 - 2011-10-28 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell 2015-03-29 13:20 - 2013-06-13 18:43 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\4 Friends Games 2015-03-29 10:34 - 2011-11-03 00:51 - 00000000 ____D () C:\Users\Otie\AppData\Local\VirtualStore 2015-03-28 14:18 - 2014-02-01 15:18 - 00000290 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job 2015-03-28 11:16 - 2012-01-04 11:28 - 00000000 ___RD () C:\Users\Otie\Documents\My Word Docs 2015-03-27 23:44 - 2014-11-23 22:25 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll 2015-03-27 23:44 - 2014-01-11 22:12 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll 2015-03-27 23:43 - 2014-11-23 22:25 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll 2015-03-27 23:43 - 2014-01-11 22:12 - 01570672 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll 2015-03-27 12:36 - 2015-02-17 16:35 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Jewel Match Snowscapes 2015-03-27 11:24 - 2015-01-04 08:45 - 00000989 _____ () C:\Users\Otie\Desktop\Clover Tale - The Magic Valley.lnk 2015-03-25 22:25 - 2014-08-09 20:06 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Hoyle Casino Vol. 1 2015-03-25 10:52 - 2013-06-19 07:59 - 00000000 ____D () C:\Program Files\Zoner 2015-03-25 10:52 - 2012-02-08 20:56 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Zoner 2015-03-25 10:52 - 2012-02-08 20:56 - 00000000 ____D () C:\Users\Otie\AppData\Local\Zoner 2015-03-25 07:12 - 2011-11-26 10:24 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2015-03-24 22:53 - 2014-12-17 00:16 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Hoyle Card Games 2012 2015-03-24 10:18 - 2013-11-25 18:19 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\8floor 2015-03-23 16:14 - 2011-11-19 14:11 - 00000000 ____D () C:\Windows\pss 2015-03-22 14:43 - 2011-11-09 07:55 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\Mipony 2015-03-22 14:07 - 2013-08-10 10:28 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\MagicIndie 2015-03-21 06:51 - 2015-01-17 09:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CollageIt Pro 1.9.5 2015-03-21 06:51 - 2014-06-08 07:28 - 00000807 _____ () C:\Users\Public\Desktop\CollageIt.lnk 2015-03-20 06:53 - 2013-12-25 08:30 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\GlarySoft 2015-03-20 06:53 - 2013-12-25 08:30 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 4 2015-03-18 11:23 - 2013-07-25 08:21 - 00000261 _____ () C:\Windows\SysWOW64\_WKERNEL.SYL 2015-03-15 10:32 - 2012-07-24 11:31 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\AlawarEntertainment 2015-03-13 15:41 - 2015-01-26 16:54 - 03303448 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-03-13 15:41 - 2014-11-04 16:34 - 00027441 _____ () C:\Windows\system32\nvinfo.pb 2015-03-13 14:02 - 2011-11-03 00:51 - 00000000 ____D () C:\Users\Otie 2015-03-13 12:16 - 2011-02-17 14:10 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-03-13 12:16 - 2011-02-17 12:10 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-03-13 12:16 - 2011-02-17 12:10 - 00935056 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-03-13 12:16 - 2011-02-17 12:10 - 00386248 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-03-13 12:16 - 2011-02-17 12:09 - 06861968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-03-13 12:16 - 2011-02-17 12:09 - 03526856 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-03-12 06:33 - 2014-07-21 06:49 - 00000000 ___RD () C:\Users\Otie\Virtual Machines 2015-03-11 18:55 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache 2015-03-11 17:50 - 2014-05-15 06:29 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-03-11 17:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\tracing 2015-03-11 17:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2015-03-11 17:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\Dism 2015-03-11 17:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2015-03-11 17:50 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\AppCompat 2015-03-11 17:28 - 2011-11-18 15:48 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-03-11 09:10 - 2012-10-16 05:54 - 04246327 _____ () C:\Windows\system32\nvcoproc.bin 2015-03-11 05:55 - 2013-10-15 08:30 - 00000000 ____D () C:\Users\Otie\AppData\Roaming\ClassicShell ==================== Files in the root of some directories ======= 2014-03-18 14:11 - 2014-03-18 14:11 - 0000876 _____ () C:\Program Files (x86)\config.xml 2013-05-26 19:34 - 2013-05-26 19:39 - 4167680 _____ () C:\Program Files (x86)\GUTDD86.tmp 2014-03-18 14:11 - 2014-03-18 14:11 - 0088353 _____ () C:\Program Files (x86)\Help.html 2011-03-09 18:34 - 2011-03-09 18:34 - 0002088 _____ () C:\Program Files (x86)\ps.crl 2004-01-13 15:18 - 2004-01-13 15:18 - 0001306 _____ () C:\Program Files (x86)\ps_rootca.crt 2014-03-18 14:25 - 2014-03-18 14:25 - 0002987 _____ () C:\Program Files (x86)\scf.dat 2013-06-04 06:15 - 2013-06-04 06:15 - 0000007 _____ () C:\Program Files (x86)\SysResources Managersyok12.dat 2009-07-11 23:08 - 2009-07-11 23:08 - 0001860 _____ () C:\Program Files (x86)\Common Files\Microsoft.VC90.CRT.manifest 2000-07-15 00:00 - 2000-07-15 00:00 - 0136192 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSDERUN.DLL 2013-09-02 09:18 - 2013-10-05 08:05 - 0001211 _____ () C:\Users\Otie\AppData\Roaming\Ashampoo Gadge It event.log 2012-12-03 08:39 - 2014-02-20 18:50 - 0000567 _____ () C:\Users\Otie\AppData\Roaming\burnaware.ini 2013-01-17 06:45 - 2013-01-17 06:45 - 0000176 _____ () C:\Users\Otie\AppData\Roaming\Earthquakes Meter_Settings.ini 2013-07-24 20:19 - 2013-07-29 16:11 - 0503509 _____ () C:\Users\Otie\AppData\Roaming\log.sflog 2013-07-14 07:17 - 2008-07-07 13:22 - 0000014 _____ () C:\Users\Otie\AppData\Roaming\options.ini 2013-07-14 07:17 - 2012-07-07 13:04 - 0000003 _____ () C:\Users\Otie\AppData\Roaming\options_pdfcombine.ini 2013-07-14 07:17 - 2013-02-23 12:15 - 0000003 _____ () C:\Users\Otie\AppData\Roaming\options_pdfrotator.ini 2011-11-25 12:44 - 2011-11-25 12:44 - 0007859 _____ () C:\Users\Otie\AppData\Roaming\pcouffin.cat 2011-11-25 12:44 - 2011-11-25 12:44 - 0001167 _____ () C:\Users\Otie\AppData\Roaming\pcouffin.inf 2011-11-25 12:44 - 2011-11-25 12:44 - 0000034 _____ () C:\Users\Otie\AppData\Roaming\pcouffin.log 2013-07-14 07:17 - 2013-06-09 09:38 - 0000053 _____ () C:\Users\Otie\AppData\Roaming\setting.ini 2013-07-14 07:17 - 2013-06-08 13:43 - 0000030 _____ () C:\Users\Otie\AppData\Roaming\setup.ini 2013-07-14 07:17 - 2013-06-09 09:30 - 0000043 _____ () C:\Users\Otie\AppData\Roaming\setup_pdfcombine.ini 2013-07-14 07:17 - 2013-06-09 10:34 - 0000043 _____ () C:\Users\Otie\AppData\Roaming\setup_pdfrotator.ini 2013-04-13 15:37 - 2013-04-13 15:37 - 0019634 _____ () C:\Users\Otie\AppData\Roaming\UserTile.png 2011-11-25 12:45 - 2012-11-17 20:06 - 0001173 _____ () C:\Users\Otie\AppData\Roaming\vso_ts_preview.xml 2013-11-07 08:50 - 2014-03-31 10:50 - 0000163 _____ () C:\Users\Otie\AppData\Roaming\WB.CFG 2013-08-14 07:42 - 2013-08-14 07:42 - 0000037 ___SH () C:\Users\Otie\AppData\Local\70149b02515b3bb20dd492.47983420 2011-11-27 07:10 - 2011-11-27 07:10 - 0144324 _____ () C:\Users\Otie\AppData\Local\ars.cache 2011-11-27 07:10 - 2011-11-27 07:10 - 0845123 _____ () C:\Users\Otie\AppData\Local\census.cache 2011-11-08 08:51 - 2015-02-16 09:11 - 0070656 _____ () C:\Users\Otie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2011-11-27 07:02 - 2011-11-27 07:02 - 0000036 _____ () C:\Users\Otie\AppData\Local\housecall.guid.cache 2012-03-05 12:07 - 2012-03-05 12:08 - 0000684 _____ () C:\Users\Otie\AppData\Local\mcset.cfg 2011-11-19 20:24 - 2012-02-11 09:36 - 0002205 _____ () C:\Users\Otie\AppData\Local\PrimoBurnerMM.log 2012-06-14 05:28 - 2012-06-14 05:28 - 0014378 _____ () C:\Users\Otie\AppData\Local\ramcpuversion.txt 2012-03-29 16:42 - 2014-12-21 15:35 - 0007633 _____ () C:\Users\Otie\AppData\Local\resmon.resmoncfg 2013-12-28 08:01 - 2013-12-28 08:02 - 0001156 _____ () C:\Users\Otie\AppData\Local\Tenorshare Music Cleanup.dat 2012-05-20 06:04 - 2005-08-05 11:25 - 0003180 _____ () C:\Users\Otie\AppData\Local\ZortamMp3MediaStudio.iss 2015-04-02 10:48 - 2015-04-02 10:48 - 0198305 _____ () C:\ProgramData\1427983808.bdinstall.bin 2015-04-07 19:53 - 2015-04-07 19:53 - 0037822 _____ () C:\ProgramData\1428450790.bdinstall.bin 2015-04-07 19:57 - 2015-04-07 19:57 - 0096908 _____ () C:\ProgramData\1428450792.bdinstall.bin 2015-04-07 19:57 - 2015-04-07 19:57 - 0032329 _____ () C:\ProgramData\1428451024.bdinstall.bin 2011-11-08 18:34 - 2011-11-08 18:34 - 0000000 _____ () C:\ProgramData\cmn_upld.log 2014-05-19 14:34 - 2014-10-03 16:07 - 0823517 _____ () C:\ProgramData\dlea.log 2012-10-22 14:20 - 2014-06-20 12:25 - 0000309 _____ () C:\ProgramData\dleaDiagnostics.log 2011-11-08 20:58 - 2014-06-20 13:54 - 0283850 _____ () C:\ProgramData\dleaJSW.log 2011-11-08 18:25 - 2014-10-03 16:08 - 3380339 _____ () C:\ProgramData\dleascan.log 2011-11-09 04:19 - 2011-11-09 04:19 - 0000252 _____ () C:\ProgramData\FastPics.log 2011-11-08 18:34 - 2011-11-08 18:34 - 0000000 _____ () C:\ProgramData\LxWbGwLog.log 2015-04-07 10:48 - 2015-04-07 20:03 - 0000193 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2014-09-03 13:37 - 2015-02-22 14:17 - 0000799 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2013-11-10 08:08 - 2013-12-09 17:02 - 0000152 _____ () C:\ProgramData\zen_msave.log Some content of TEMP: ==================== C:\Users\Otie\AppData\Local\Temp\AQOle32.dll C:\Users\Otie\AppData\Local\Temp\AQShell32.dll C:\Users\OtieAtkins\AppData\Local\Temp\ToolwizUpdate532493.exe C:\Users\OtieAtkins\AppData\Local\Temp\ToolwizUpdate581322.exe C:\Users\OtieAtkins\AppData\Local\Temp\ToolwizUpdate663019.exe C:\Users\OtieAtkins\AppData\Local\Temp\ToolwizUpdate83527006.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-04-08 08:13 ==================== End Of Log ============================