==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F0B2544-9468-D082-12B5-7AEE85889A47} No File CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Otie\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Otie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Otie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Otie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Otie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> No File Path CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {435ADCB2-9468-D082-E44C-2BB285889A47} No File CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Otie\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Otie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Otie\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\FileSyncApi64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Otie\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Otie\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Otie\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-2573087068-2607692701-1072482724-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Otie\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll (Dropbox, Inc.) ==================== Restore Points ========================= 04-04-2015 13:00:10 Windows Update 07-04-2015 13:39:50 AA11 07-04-2015 20:02:05 Removed Soluto 08-04-2015 17:11:37 Tweaking.com - Windows Repair 09-04-2015 02:14:00 Windows Update 09-04-2015 08:43:02 Removed Java 7 Update 45 (64-bit) 09-04-2015 15:08:31 Removed Java 7 Update 67 09-04-2015 15:15:48 Removed Java(TM) 6 Update 35 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2014-05-15 19:21 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {03BBFB1A-D017-4D98-BB56-69BE57508C4D} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Users\Otie\Desktop\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-11] (Tweaking.com) Task: {0E3D49FB-B7D9-4D6D-B987-08096B80E8E2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core => C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.) Task: {12F448D1-B6A1-4BB1-9BD7-9974401EFF2F} - System32\Tasks\HP AR Program Upload - 53a39bcf9deb45ee8414de53894d1a8fde7bd13890b74b9c9c1a03e5b1928701 => C:\Program Files\HP\HP Officejet 6600\bin\HPRewards.exe [2012-10-17] (TODO: ) Task: {1444ED83-6955-4917-B479-A65639113A27} - System32\Tasks\Csb_IdleScan_Task => C:\Program Files (x86)\Anvisoft\Cloud System Booster\CloudSystemBooster.exe [2013-12-23] (Anvisoft) Task: {189F9C91-4B4A-4398-AC85-6DCC54FCE03A} - System32\Tasks\{47D22CE5-3F29-4FB5-B4C4-29DDB8101E99} => pcalua.exe -a "S:\Installations\IBM Lotus Organizer 6\instmsia.exe" -d "S:\Installations\IBM Lotus Organizer 6" Task: {1BE0EC41-3748-4F29-9C5B-9C520589E289} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {31115BCA-5E6C-4938-8348-8AC506DD4A07} - System32\Tasks\Daihinia Versioncheck => H:\Program Files (x86)\Daihinia\verchk.exe [2013-10-03] () Task: {373DD677-B158-4178-8730-C6856B232771} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.) Task: {39AD1188-17F5-4711-AAD2-850C126CD774} - System32\Tasks\PicturethrillUpdate => C:\Users\Otie\AppData\Local\Aristov\Picturethrill\PicturethrillUpdate.exe [2013-01-06] (Kodi Studios) Task: {3D438549-E6BF-4475-A7D8-D137894E6944} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-12-01] (Apple Inc.) Task: {3D5F2902-CCB1-4185-9CE7-155A5592996B} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: {3EC0BF75-D5A0-43C5-B4E6-7616F61B95FF} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe [2015-03-27] (Loaris Inc.) Task: {444105C1-CF59-4C4F-AC33-1CE98529EC4D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {46694077-7943-4FA6-9B64-E83E17A71807} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "http://www.roboform.com/test-pass.html?aaa=KICMLMKJIMOMLMKJJMLJCNMJHMNMNJCNLMOMLMLMCNHMJJMMHMCNOJNMNJNMJMLJMMOMHMGMGMLMJNJICMIMCNGMCNOMNMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMOMFMEKMICNJJCKFMOMOMHMMMJNHICMMJBJKJLIMJJNBJCMALLIGJKJJNKJCMJNNICMJNDJCMKJBJJNMJCMNMFMHMOMMMFMPMJNFICMGJLJKJBJLIGJLIGJKJMIBNKJHIKJ" Task: {47199922-4CFB-431F-A622-40925306661B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {496BAE96-514B-45FF-91E3-72A79D46A160} - \media enhance-chromeinstaller No Task File <==== ATTENTION Task: {49B2C43F-A3B5-40A8-B4CA-A987B09F7358} - System32\Tasks\Picturethrill => C:\Users\Otie\AppData\Local\Aristov\Picturethrill\Picturethrill.exe [2013-01-06] (Kodi Studios) Task: {4D0528DA-EB24-4EDC-95E4-DE6D960E33C6} - System32\Tasks\MotoHelper Initial Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {4F8DA387-0E45-4461-98CF-124E294F1297} - System32\Tasks\{D0E42776-13AC-4E8B-B99F-8CA95AA499FA} => pcalua.exe -a I:\Temp\IncrediBackup_install(2).exe -d I:\Temp Task: {55D72D11-7B8C-4678-BAD9-DFAA16CBDF85} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation) Task: {5C30AEEE-3A71-4DD5-82B0-95D3F057808C} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.) Task: {5E815D0D-6E33-4A0A-B5E4-4EE2722B240C} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: {61E453EC-EFA2-47F3-92DF-A8DFC321BE43} - System32\Tasks\{E539C191-8E14-4FC1-9B75-B85630A731D9} => pcalua.exe -a C:\PROGRA~2\COMMON~1\RandSync\SetupHelper.exe -d C:\Windows\system32 -c /AG "C:\PROGRA~2\COMMON~1\RandSync\Master.ini" Task: {625A6589-4C7E-40D5-BDD0-823D1440A3C2} - System32\Tasks\ASCU8_SkipUac_Otie => F:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\ASC.exe Task: {693AAC4A-7300-4AFA-88A7-D26AF2590548} - System32\Tasks\{E29C5E7D-217E-49F5-980A-D3881A968F3A} => pcalua.exe -a C:\Downloads\BR14_Compact_ea_x64-November2014.exe -d C:\Downloads Task: {69BFC808-4F20-4C0F-944D-8730BEEE7993} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {6B0B6537-EC5D-4440-8E54-109760910AC5} - System32\Tasks\ASCU8_PerformanceMonitor => F:\Program Files (x86)\IObit\Advanced SystemCare Ultimate 8\Monitor.exe Task: {6E10A4D3-9F91-483E-9078-6A6038AD1459} - System32\Tasks\{15B02C7E-64B7-41E2-BE9D-F35B74B6D147} => pcalua.exe -a C:\Users\Otie\Downloads\IncrediBackup_install.exe -d C:\Users\Otie\Downloads Task: {729D206D-8989-4B4D-BF88-1948D23681D5} - System32\Tasks\SlimCleaner Run => C:\Program Files (x86)\SlimCleaner\SlimCleaner.exe [2013-07-10] (SlimWare Utilities, Inc.) Task: {74E48617-9A5C-47A4-A05B-D8DB4915F0F3} - System32\Tasks\{D9F1D141-8D32-46D7-9C2E-5D9C8A7BE007} => pcalua.exe -a S:\Downloads\Yosumin.exe -d S:\Downloads Task: {75D52D39-7180-41BD-965F-458F181B0094} - System32\Tasks\FileSearchyPro_SkipUAC => C:\Program Files (x86)\FileSearchy Pro\FileSearchyPro.exe [2014-09-27] () Task: {7822ABE8-B037-4A02-AA0E-F2533A551810} - \media enhance-enabler No Task File <==== ATTENTION Task: {80543CB2-9444-4E92-83EF-3DC121C6A0A6} - System32\Tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5 => F:\program files\superantispyware\SASTask.exe Task: {82EE79B2-AEF3-4696-A055-7C8BE18BE8BD} - \media enhance-updater No Task File <==== ATTENTION Task: {84A4B791-0C97-4859-AF55-57A36F2D1253} - System32\Tasks\{691744EF-9315-4942-95FF-527F53B812EA} => P:\BigFish Games\Abra Academy\lzrzzjm.exe [2008-09-17] () Task: {8A0AA8B5-33E7-41FC-B0A8-3E9E73A204DE} - \media enhance-codedownloader No Task File <==== ATTENTION Task: {8E54E38B-0705-4854-86F3-60E161A37063} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-03-16] (Glarysoft Ltd) Task: {90862628-CEEA-4403-8BE8-B4604D52BE5D} - System32\Tasks\{4C1DEF42-B84A-44D5-B0EB-F520E2766DBD} => pcalua.exe -a "C:\Users\Otie\Documents\My Completed Downloads\DiscWizardSetup-14387.en.exe" -d "C:\Users\Otie\Documents\My Completed Downloads" Task: {94C15B7C-D7ED-4303-B537-9E16E1AB2DAF} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.) Task: {9694F065-D7D7-4225-9999-0EDB7FEF7219} - System32\Tasks\{82BDF963-A64B-49AD-8355-9123218215FD} => pcalua.exe -a "S:\Installations\IBM Lotus Organizer 6\instmsiw.exe" -d "S:\Installations\IBM Lotus Organizer 6" Task: {9CB15615-1595-4BE9-ACDB-4F1926E143AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.) Task: {A0B286F8-C37A-44CD-BFD3-FF2FF59CB82A} - \LaunchApp No Task File <==== ATTENTION Task: {A9710A3C-72F8-44EA-BC2F-3C4F57C9B5AC} - System32\Tasks\{9E4A3EF9-0373-48CB-A84B-7932BA0CCB8A} => pcalua.exe -a C:\Temp\PandoSetupNCI.exe -d C:\Users\Otie\Desktop Task: {B8A678AF-39EF-4090-80D2-4F2DBE20C7D9} - System32\Tasks\{88380C96-5A21-4BA1-96BB-264243933746} => pcalua.exe -a C:\Downloads\BR14_Compact_ea_x64.exe -d C:\Downloads Task: {B8DE219B-C4A4-4051-B09B-55E06965CE81} - System32\Tasks\MotoHelper MUM => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {B9F371EC-057E-4D90-B38F-7C5367DF4A25} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-03-16] (Glarysoft Ltd) Task: {BE46A3CA-352C-46C0-A24F-FA31B18016C1} - System32\Tasks\Anvi Ultimate Defrag => H:\Program Files (x86)\Anvisoft\Anvi Ultimate Defrag\ScheduleDefrag.exe [2013-05-16] (Anvisoft) Task: {C05ABA7B-F132-44DF-A2E8-1516257A0194} - System32\Tasks\{38C72E5B-20D2-4EE1-BA04-2A9AF7489D4B} => pcalua.exe -a P:\Games\Mystery_of_Unicorn_Castle\Mystery_of_Unicorn_Castle.exe -d P:\Games\Mystery_of_Unicorn_Castle Task: {C0AC2938-22DA-4CFF-B5E4-1A450FE4919A} - \media enhance-firefoxinstaller No Task File <==== ATTENTION Task: {C32CFBB9-F856-4C91-9464-9D21385BF672} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-07] (Adobe Systems Incorporated) Task: {C59B1BCC-D613-4DD8-8524-6FE55BCD3111} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA => C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.) Task: {CA5DFA1A-B1CF-4814-BA2E-CF023EC02C2B} - System32\Tasks\Driver Booster SkipUAC (Otie) => C:\Program Files (x86)\IObit\Driver Booster 2 Pro\DriverBooster.exe [2014-10-22] (IObit) Task: {CB0E267B-E656-4F94-92BF-EEE16829D4A5} - System32\Tasks\{39A6F5A5-69F3-40B4-9551-6C802E74C28F} => pcalua.exe -a H:\Temp\MysticLegacyGreatRing.exe -d H:\Temp Task: {CB99AFFB-B06D-4E6B-9C90-560F18661CAE} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2015-01-30] (Siber Systems) Task: {CECAA81C-AAB7-42DC-9B86-9E8908B55EDC} - System32\Tasks\CCleanerSkipUAC => H:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd) Task: {CF0FC61D-5BC5-4390-A525-A18140126712} - System32\Tasks\Uninstaller_SkipUac_Otie => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-01-04] (IObit) Task: {D5EF5DB5-0381-4447-87FD-1FAF6FB95696} - System32\Tasks\{7FA7D5DA-493B-47FA-937D-634DEE6E0E4F} => pcalua.exe -a C:\Downloads\ReflectionsLifeTreeDreamsCE.exe -d C:\Downloads Task: {DC39CD21-8163-43E2-A006-D885C763FA32} - \DigitalSite No Task File <==== ATTENTION Task: {E009226C-337A-402E-98EA-D2B45379339E} - System32\Tasks\MotoHelper Routing => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {E12F7773-2249-4F92-AEF1-280B91CAA1B0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {E470113A-B0E7-4BE5-A11C-8ED58E906238} - System32\Tasks\{AF1B2D7E-C5ED-42E6-A161-9336A8F585E9} => P:\BigFish Games\Abra Academy\lzrzzjm.exe [2008-09-17] () Task: {ED29282F-3949-4574-B2E0-ED1BF181D500} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation) Task: {F068AEBB-43DF-4386-8901-7779D0BDEA35} - System32\Tasks\SUPERAntiSpyware Scheduled Task 7bf20141-dabc-4caa-9489-a9d4d6c4a0d6 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2011-05-04] (SUPERAdBlocker.com) Task: {F1311F3C-47D4-4CE1-A55F-D014865B7F4C} - System32\Tasks\MotoHelper Update => C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperUpdate.exe [2011-12-06] () Task: {F1475062-A2A1-4F31-8D4F-7DE846530372} - System32\Tasks\HPCustParticipation HP Officejet 6600 => C:\Program Files\HP\HP Officejet 6600\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.) Task: {FAE4A4A5-7496-4F9D-9B62-D2726148011B} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon3\Bin\mxup.exe [2014-12-11] (Maxthon International ltd.) Task: C:\Windows\Tasks\1 Copernic Intra-Daily ~Otie-PC Otie.job => C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe Task: C:\Windows\Tasks\2 Copernic Daily ~Otie-PC Otie.job => C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe Task: C:\Windows\Tasks\3 Copernic Weekly ~Otie-PC Otie.job => C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe/TRACK 3 Copernic Weekly OtieOn a weekly basis.TAg Task: C:\Windows\Tasks\4 Copernic Monthly ~Otie-PC Otie.job => C:\Program Files (x86)\Copernic Agent\CopernicAgent.exe Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job => C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job => C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job => F:\program files\superantispyware\SASTask.exedF:\program files\superantispyware\SUPERANTISPYWARE.EXE Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7bf20141-dabc-4caa-9489-a9d4d6c4a0d6.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Loaded Modules (whitelisted) ============== 2011-04-19 17:34 - 2011-04-19 17:34 - 00132096 _____ () C:\Users\Otie\AppData\Roaming\Avanquest\PowerDesk\FileMonitor64.dll 2013-11-22 07:57 - 2013-05-15 15:00 - 00073064 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe 2011-11-08 18:37 - 2009-12-31 02:17 - 00053760 _____ () C:\Windows\System32\DLEAPMON.DLL 2011-11-08 18:37 - 2009-01-13 09:15 - 05709824 _____ () C:\Windows\System32\DLEAOEM.DLL 2011-11-08 18:26 - 2009-11-04 08:17 - 00189440 _____ () C:\Windows\system32\spool\PRTPROCS\x64\dleadrpp.dll 2014-01-25 08:06 - 2012-07-30 11:48 - 01518504 _____ () H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-08-31 10:03 - 2012-08-31 10:03 - 00014336 _____ () C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe 2014-05-19 10:34 - 2013-03-11 11:43 - 00135888 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\fsloader.exe 2012-08-31 10:03 - 2012-08-31 10:03 - 00537918 _____ () C:\Program Files (x86)\OpenDNS\DNSCrypt\dnscrypt-proxy.exe 2014-09-03 06:26 - 2013-12-12 11:32 - 01114608 _____ () C:\Program Files (x86)\Common Files\Appkeys\yytool64.exe 2012-10-16 05:54 - 2015-03-13 12:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2013-11-22 07:57 - 2012-11-14 18:07 - 00071024 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe 2014-05-22 06:55 - 2013-12-02 09:29 - 00163328 _____ () C:\Program Files\Genie9\Genie Timeline\GSTimelineIconOverlay.gtl 2014-05-22 06:55 - 2013-11-20 03:39 - 00045568 _____ () C:\Program Files\Genie9\Genie Timeline\GSLogging.gtl 2014-05-22 06:55 - 2013-12-02 09:29 - 00211456 _____ () C:\Program Files\Genie9\Genie Timeline\Settings.gtl 2014-05-22 06:55 - 2013-11-20 03:39 - 00089600 _____ () C:\Program Files\Genie9\Genie Timeline\GSEncryption.gtl 2010-07-15 00:44 - 2010-07-15 00:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2013-07-17 07:54 - 2013-07-17 07:54 - 00220672 _____ () C:\Program Files (x86)\Steganos Privacy Suite 14\ShellExtension.dll 2014-06-17 07:41 - 2014-06-17 07:41 - 03525431 _____ () C:\Program Files (x86)\PrivaZer\PrivaMenu5.dll 2013-09-06 07:39 - 2012-08-01 15:44 - 00139024 _____ () H:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll 2008-05-21 17:56 - 2008-05-21 17:56 - 01122304 _____ () C:\Program Files (x86)\CalendarPal\CalendarPal.exe 2013-11-22 07:57 - 2013-08-01 10:59 - 00088576 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\zlibwapi.dll 2013-11-22 07:57 - 2013-10-12 11:00 - 00296448 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBCmdDsp.dll 2013-11-22 07:57 - 2013-10-29 10:12 - 00052736 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FlBckpBk.dll 2013-11-22 07:57 - 2013-10-08 17:12 - 00087040 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\EasyFuncs.dll 2013-11-22 07:57 - 2013-10-12 11:00 - 00217600 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\DiskMgr.dll 2013-11-22 07:57 - 2013-07-19 11:42 - 00241664 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\diskpart.dll 2013-11-22 07:57 - 2013-10-12 11:00 - 00017408 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\VDiskConvert.dll 2013-11-22 07:57 - 2013-04-07 12:08 - 00011776 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\VHDiskMgr.dll 2013-11-22 07:57 - 2013-06-05 11:21 - 00153088 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FileFind.dll 2013-11-22 07:57 - 2012-11-14 18:06 - 00050544 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\Fat32.dll 2013-11-22 07:57 - 2012-11-14 18:07 - 00132464 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\NtfsLib.dll 2013-11-22 07:57 - 2013-10-12 10:58 - 00289792 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FlBckpRt.dll 2013-11-22 07:57 - 2013-10-08 16:36 - 00088576 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\EfbCheckImg.dll 2013-11-22 07:57 - 2013-08-19 12:13 - 00215552 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\DiskClone.dll 2013-11-22 07:57 - 2013-10-09 16:23 - 00194560 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\EFBSearchTool.dll 2013-11-22 07:57 - 2013-04-07 12:08 - 00022528 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBEventMgr.dll 2013-11-22 07:57 - 2012-11-14 18:06 - 00157552 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FtpPipeModule.dll 2013-11-22 07:57 - 2013-04-07 11:25 - 00013824 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\VssBackup.dll 2014-05-19 10:34 - 2013-03-11 11:43 - 00180992 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\diskpart.dll 2014-05-19 10:34 - 2014-01-08 16:11 - 00110592 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\Snapshot.dll 2014-05-19 10:34 - 2013-03-11 11:43 - 00156368 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\FSDOS.dll 2014-05-19 10:34 - 2013-03-11 11:44 - 00082736 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\UVFilter.dll 2014-05-19 10:34 - 2013-03-11 11:44 - 00099024 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\VBcfgEx.dll 2014-05-19 10:34 - 2013-03-11 11:43 - 00066320 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\DiskMsg.dll 2014-05-19 10:34 - 2013-03-11 11:44 - 00226072 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\vbioctl.dll 2014-05-19 10:34 - 2013-03-11 11:43 - 00037584 _____ () C:\Program Files (x86)\RestoreIT 2014\IBP\FindFileStart.dll 2013-11-22 07:57 - 2012-11-14 18:07 - 00091584 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\TransferManager.dll 2013-11-22 07:57 - 2012-11-14 18:06 - 00062832 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\CommonFun.dll 2013-11-22 07:57 - 2012-11-14 18:06 - 00054712 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\FTPFunModule.dll 2013-11-22 07:57 - 2012-11-14 18:07 - 00617952 _____ () C:\Program Files (x86)\FarStone TotalRecovery\EFB\XpIcfOpt.dll 2014-11-13 16:36 - 2014-11-13 16:36 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll 2011-10-28 13:49 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2012-08-28 12:32 - 2012-08-15 14:11 - 00053248 _____ () H:\Program Files (x86)\DAP\zlib.dll 2015-03-30 22:18 - 2015-03-27 23:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2014-01-06 09:24 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madExcept_.bpl 2014-01-06 09:24 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madBasic_.bpl 2014-01-06 09:24 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Uninstaller\madDisAsm_.bpl 2012-05-11 01:21 - 2012-05-11 01:21 - 00172544 _____ () C:\Windows\SysWow64\iMobileDisk.dll 2013-02-21 08:17 - 2013-02-21 08:17 - 00033128 _____ () C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll 2013-02-21 08:17 - 2013-02-21 08:17 - 00072104 _____ () C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll 2013-02-21 08:17 - 2013-02-21 08:17 - 00268712 _____ () C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll 2015-04-02 13:58 - 2015-03-30 17:07 - 01174856 _____ () C:\Users\Otie\AppData\Local\Google\Chrome\Application\41.0.2272.118\libglesv2.dll 2015-04-02 13:58 - 2015-03-30 17:07 - 00080200 _____ () C:\Users\Otie\AppData\Local\Google\Chrome\Application\41.0.2272.118\libegl.dll 2015-04-02 13:58 - 2015-03-30 17:07 - 09279304 _____ () C:\Users\Otie\AppData\Local\Google\Chrome\Application\41.0.2272.118\pdf.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Windows\system.ini:c1_encryption_d AlternateDataStreams: C:\Windows\system.ini:c1_encryption_e AlternateDataStreams: C:\Windows\win.ini:c1_encryption_d AlternateDataStreams: C:\Windows\win.ini:c1_encryption_e AlternateDataStreams: C:\Windows\system32\Drivers\vftibgjt.sys:changelist AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns1 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns2 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns3 AlternateDataStreams: C:\ProgramData\Nalpeiron:user.ns4 AlternateDataStreams: C:\ProgramData\Temp:03A039A3 AlternateDataStreams: C:\ProgramData\Temp:0441DB7A AlternateDataStreams: C:\ProgramData\Temp:04FCF942 AlternateDataStreams: C:\ProgramData\Temp:070D9534 AlternateDataStreams: C:\ProgramData\Temp:0785072C AlternateDataStreams: C:\ProgramData\Temp:090FB735 AlternateDataStreams: C:\ProgramData\Temp:091193F8 AlternateDataStreams: C:\ProgramData\Temp:0A74923C AlternateDataStreams: C:\ProgramData\Temp:0AC32449 AlternateDataStreams: C:\ProgramData\Temp:0B352B60 AlternateDataStreams: C:\ProgramData\Temp:0D0F6CE7 AlternateDataStreams: C:\ProgramData\Temp:0DACB2B7 AlternateDataStreams: C:\ProgramData\Temp:101708D3 AlternateDataStreams: C:\ProgramData\Temp:12D21A9A AlternateDataStreams: C:\ProgramData\Temp:16A4620C AlternateDataStreams: C:\ProgramData\Temp:1828723E AlternateDataStreams: C:\ProgramData\Temp:1B927722 AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 AlternateDataStreams: C:\ProgramData\Temp:260575F1 AlternateDataStreams: C:\ProgramData\Temp:26499772 AlternateDataStreams: C:\ProgramData\Temp:2B9B6BC0 AlternateDataStreams: C:\ProgramData\Temp:2BC498A4 AlternateDataStreams: C:\ProgramData\Temp:2CB9631F AlternateDataStreams: C:\ProgramData\Temp:2CEFEABF AlternateDataStreams: C:\ProgramData\Temp:33DB8278 AlternateDataStreams: C:\ProgramData\Temp:370E4EFB AlternateDataStreams: C:\ProgramData\Temp:373E1720 AlternateDataStreams: C:\ProgramData\Temp:3C282BEA AlternateDataStreams: C:\ProgramData\Temp:4DDE401B AlternateDataStreams: C:\ProgramData\Temp:517EFA90 AlternateDataStreams: C:\ProgramData\Temp:553CA6CA AlternateDataStreams: C:\ProgramData\Temp:561B1D2B AlternateDataStreams: C:\ProgramData\Temp:56E2E879 AlternateDataStreams: C:\ProgramData\Temp:5704AA2B AlternateDataStreams: C:\ProgramData\Temp:5BC73C48 AlternateDataStreams: C:\ProgramData\Temp:5D351BC6 AlternateDataStreams: C:\ProgramData\Temp:5E9E3A14 AlternateDataStreams: C:\ProgramData\Temp:60A4BB64 AlternateDataStreams: C:\ProgramData\Temp:614F17D3 AlternateDataStreams: C:\ProgramData\Temp:62EBE39C AlternateDataStreams: C:\ProgramData\Temp:6B50A605 AlternateDataStreams: C:\ProgramData\Temp:7757A6D4 AlternateDataStreams: C:\ProgramData\Temp:7BE5BAAB AlternateDataStreams: C:\ProgramData\Temp:7C412B92 AlternateDataStreams: C:\ProgramData\Temp:7DC5D762 AlternateDataStreams: C:\ProgramData\Temp:80F63EC3 AlternateDataStreams: C:\ProgramData\Temp:81067530 AlternateDataStreams: C:\ProgramData\Temp:834DD57E AlternateDataStreams: C:\ProgramData\Temp:84D15556 AlternateDataStreams: C:\ProgramData\Temp:84E7BFEB AlternateDataStreams: C:\ProgramData\Temp:918B7566 AlternateDataStreams: C:\ProgramData\Temp:93B1FB40 AlternateDataStreams: C:\ProgramData\Temp:93F3E4C9 AlternateDataStreams: C:\ProgramData\Temp:94B46CA2 AlternateDataStreams: C:\ProgramData\Temp:9812B773 AlternateDataStreams: C:\ProgramData\Temp:98DFF516 AlternateDataStreams: C:\ProgramData\Temp:9A870F8B AlternateDataStreams: C:\ProgramData\Temp:9B285B76 AlternateDataStreams: C:\ProgramData\Temp:9D06FB9C AlternateDataStreams: C:\ProgramData\Temp:A07E3E9D AlternateDataStreams: C:\ProgramData\Temp:A3B8F70C AlternateDataStreams: C:\ProgramData\Temp:A7596EAE AlternateDataStreams: C:\ProgramData\Temp:A9662AE0 AlternateDataStreams: C:\ProgramData\Temp:AA0017FD AlternateDataStreams: C:\ProgramData\Temp:AA8AD2BF AlternateDataStreams: C:\ProgramData\Temp:AD2DB2F9 AlternateDataStreams: C:\ProgramData\Temp:B0456F0C AlternateDataStreams: C:\ProgramData\Temp:B06385AA AlternateDataStreams: C:\ProgramData\Temp:B1CD2545 AlternateDataStreams: C:\ProgramData\Temp:B36361EE AlternateDataStreams: C:\ProgramData\Temp:B42826C8 AlternateDataStreams: C:\ProgramData\Temp:BFE23423 AlternateDataStreams: C:\ProgramData\Temp:C22674B6 AlternateDataStreams: C:\ProgramData\Temp:C826D367 AlternateDataStreams: C:\ProgramData\Temp:C83012A4 AlternateDataStreams: C:\ProgramData\Temp:CA400C1B AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1 AlternateDataStreams: C:\ProgramData\Temp:D3331ADB AlternateDataStreams: C:\ProgramData\Temp:D3A82449 AlternateDataStreams: C:\ProgramData\Temp:D5CCCBAA AlternateDataStreams: C:\ProgramData\Temp:D6255023 AlternateDataStreams: C:\ProgramData\Temp:D7698CA1 AlternateDataStreams: C:\ProgramData\Temp:DF3CC840 AlternateDataStreams: C:\ProgramData\Temp:E0F0F1BE AlternateDataStreams: C:\ProgramData\Temp:E40EED9B AlternateDataStreams: C:\ProgramData\Temp:E51234A9 AlternateDataStreams: C:\ProgramData\Temp:EAF3ADF5 AlternateDataStreams: C:\ProgramData\Temp:EB86F355 AlternateDataStreams: C:\ProgramData\Temp:EC0A74A1 AlternateDataStreams: C:\ProgramData\Temp:F5E90ED3 AlternateDataStreams: C:\ProgramData\Temp:F68098AE AlternateDataStreams: C:\ProgramData\Temp:F89F2593 AlternateDataStreams: C:\ProgramData\Temp:F8B88761 AlternateDataStreams: C:\ProgramData\Temp:FA206A00 AlternateDataStreams: C:\ProgramData\Temp:FB7C85A7 AlternateDataStreams: C:\Users\Otie\Downloads:Shareaza.GUID AlternateDataStreams: C:\Users\Otie\Desktop\FRST64.exe:BDU AlternateDataStreams: C:\Users\Otie\Downloads\FearSaleEndlessVoyageCE.exe:BDU AlternateDataStreams: C:\Users\Otie\Downloads\Kerish_Doctor_4.60 (1).exe:BDU AlternateDataStreams: C:\Users\Otie\Downloads\Kerish_Doctor_4.60.exe:BDU AlternateDataStreams: C:\Users\Otie\Downloads\procexp.exe:BDU ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION! HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION! HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION! HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION! ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: ASO3DiskOptimizer => 2 MSCONFIG\Services: SpotfluxUpdate => 3 MSCONFIG\Services: Zoolz 2 Service => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\Windows\pss\Event Planner Reminder.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Intuit Data Protect.lnk => C:\Windows\pss\Intuit Data Protect.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Lotus Organizer EasyClip.lnk => C:\Windows\pss\Lotus Organizer EasyClip.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk => C:\Windows\pss\QuickBooks Update Agent.lnk.CommonStartup MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^QuickBooks_Standard_21.lnk => C:\Windows\pss\QuickBooks_Standard_21.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Otie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\Windows\pss\Facebook Messenger.lnk.Startup MSCONFIG\startupfolder: C:^Users^Otie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnkStartup MSCONFIG\startupfolder: C:^Users^Otie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup MSCONFIG\startupfolder: C:^Users^Otie^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^younited.lnk => C:\Windows\pss\younited.lnk.Startup MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: AntiLogger => "C:\Program Files (x86)\AntiLogger\AntiLogger.exe" /minimized MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Ashampoo Core Tuner => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner\autostarter.exe MSCONFIG\startupreg: BackupSF3 => H:/Program Files (x86)/BackupSF3/BackupSF3.exe -h MSCONFIG\startupreg: boincmgr => "E:\Program Files (x86)\BOINC\boincmgr.exe" /a /s MSCONFIG\startupreg: boinctray => "E:\Program Files (x86)\BOINC\boinctray.exe" MSCONFIG\startupreg: CalendarPal => C:\Program Files (x86)\CalendarPal\CalendarPal.exe -min MSCONFIG\startupreg: Chameleon System Monitor => "C:\Program Files (x86)\Common Files\Chameleon Manager\monitor.exe" /startup MSCONFIG\startupreg: Classic Start Menu => "C:\Program Files\Classic Shell\ClassicStartMenu.exe" -autorun MSCONFIG\startupreg: CloudBerry Box => C:\Program Files\CloudBerryLab\CloudBerry Box\CloudBerryBox.exe MSCONFIG\startupreg: CPMonitor => "E:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe" MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min MSCONFIG\startupreg: DayMate => "I:\Program Files (x86)\DayMate\daymate.exe" MSCONFIG\startupreg: Dell V310-V510 Series => "C:\Program Files (x86)\Dell V310-V510 Series\fm3032.exe" /s MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe" MSCONFIG\startupreg: Digiarty_Software_AirPlayit => "E:\Program Files (x86)\Digiarty\WinX_DVD_Ripper_Platinum_Streamer_Edition\Air_Playit_Server\airplayit.exe" -min MSCONFIG\startupreg: EaseUs Tray => "C:\Program Files (x86)\EaseUS\Todo Backup\bin\TrayNotify.exe" MSCONFIG\startupreg: EaseUs Watch => "C:\Program Files (x86)\EaseUS\Todo Backup\bin\EuWatch.exe" MSCONFIG\startupreg: EzPrint => "C:\Program Files (x86)\Dell V310-V510 Series\ezprint.exe" MSCONFIG\startupreg: Facebook Update => "C:\Users\Otie\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I MSCONFIG\startupreg: Google Update => "C:\Users\Otie\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun MSCONFIG\startupreg: Handy Start Menu => "C:\Users\Otie\AppData\Local\ChemTable Software\Handy Start Menu\HandyStartMenu.exe" /Enable MSCONFIG\startupreg: HDInspector.exe => F:\Program Files (x86)32\Hard Drive Inspector\HDInspector.exe MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe MSCONFIG\startupreg: IconixOEAddOn => "C:\Program Files (x86)\Iconix\OEAddOn\OEdmn_6.exe" MSCONFIG\startupreg: Intuit SyncManager => "C:\Program Files (x86)\Common Files\Intuit\Sync\IntuitSyncManager.exe startup" MSCONFIG\startupreg: IObit Malware Fighter => "H:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MegaPanel => "C:\Program Files (x86)\National Consumer Panel\NCP Internet Transporter\HSTrans.exe" MSCONFIG\startupreg: NeroLauncher => "C:\Program Files (x86)\Nero\SyncUP\NeroLauncher.exe 900" MSCONFIG\startupreg: NielsenOnline => C:\Program Files (x86)\NetRatingsNetSight\NetSight\NielsenOnline.exe MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: Pando => "C:\Program Files (x86)\Pando Networks\Pando\pando.exe" /Minimized MSCONFIG\startupreg: QNPlus => H:\Program Files (x86)\Conceptworld\QNPlus\QNPlus.exe MSCONFIG\startupreg: QuickTime Task => "E:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: Reader Application Helper => C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe" MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe" MSCONFIG\startupreg: SearchSettings => "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: Soluto => c:\program files\soluto\soluto.exe /init MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Otie\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: Telist 6.0 => H:\Program Files (x86)\Telist60\telist.exe MSCONFIG\startupreg: TrayIcRun => "C:\Program Files (x86)\ArcadeWeb\tray.exe" MSCONFIG\startupreg: TrueImageMonitor.exe => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe MSCONFIG\startupreg: UIWatcher => H:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 4\UIWatcher.exe MSCONFIG\startupreg: Uniblue ProcessQuickLink 2 => "C:\Program Files (x86)\Uniblue\ProcessQuickLink 2\ProcessQuickLink2.exe" /autostart MSCONFIG\startupreg: UpdReg => C:\Windows\UpdReg.EXE MSCONFIG\startupreg: WinPatrol => E:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe -expressboot MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 15\Program32\ZPSTRAY.EXE ==================== Accounts: ============================= Administrator (S-1-5-21-2573087068-2607692701-1072482724-500 - Administrator - Disabled) Guest (S-1-5-21-2573087068-2607692701-1072482724-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-2573087068-2607692701-1072482724-1016 - Limited - Enabled) IME_ADMIN (S-1-5-21-2573087068-2607692701-1072482724-1007 - Limited - Enabled) IME_USER (S-1-5-21-2573087068-2607692701-1072482724-1006 - Limited - Enabled) Otie (S-1-5-21-2573087068-2607692701-1072482724-1000 - Administrator - Enabled) => C:\Users\Otie OtieAtkins (S-1-5-21-2573087068-2607692701-1072482724-1013 - Administrator - Enabled) => C:\Users\OtieAtkins PrivacyOptimizerFP (S-1-5-21-2573087068-2607692701-1072482724-1011 - Limited - Enabled) _ocster_backup_ (S-1-5-21-2573087068-2607692701-1072482724-1017 - Administrator - Enabled) => C:\Users\_ocster_backup_ _supereasy_1cbackup_ (S-1-5-21-2573087068-2607692701-1072482724-1014 - Administrator - Enabled) => C:\Users\_supereasy_1cbackup_ ==================== Faulty Device Manager Devices ============= Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: TAP-Windows Adapter V9 #2 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: AntiLog32 Description: AntiLog32 Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: AntiLog32 Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Microsoft 6to4 Adapter Description: Microsoft 6to4 Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP Adapter Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft Virtual WiFi Miniport Adapter Description: Microsoft Virtual WiFi Miniport Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: vwifimp Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Microsoft ISATAP Adapter #2 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP Adapter #3 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP Adapter #4 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Microsoft ISATAP Adapter #5 Description: Microsoft ISATAP Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Error: (04/09/2015 01:41:23 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY) Description: The following fatal alert was received: 80. Error: (04/08/2015 05:39:25 PM) (Source: ipnathlp) (EventID: 30013) (User: ) Description: 192.168.0.103192.168.137.0255.255.255.0 Error: (04/08/2015 05:39:25 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (04/08/2015 05:39:09 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: SUHDCrypt Error: (04/08/2015 05:38:17 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FBAgent service. Error: (04/08/2015 05:36:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The AdvancedSystemCareAntivirus service failed to start due to the following error: %%3 Error: (04/08/2015 05:35:12 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Windows\SysWow64\Drivers\PDisk.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (04/08/2015 05:17:56 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DellDataVault service. Error: (04/08/2015 05:17:21 PM) (Source: ipnathlp) (EventID: 1233) (User: ) Description: Error: (04/08/2015 07:22:52 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Intuit Update Service v4 service hung on starting. Microsoft Office Sessions: ========================= CodeIntegrity Errors: =================================== Date: 2014-04-24 14:41:36.157 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-24 14:41:36.056 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-24 08:10:41.721 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-24 08:10:41.636 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-20 20:22:26.949 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-20 20:22:26.864 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-18 23:50:29.950 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-18 23:50:29.803 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-18 13:59:17.841 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2014-04-18 13:59:17.743 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\SysWOW64\drivers\PMEMNT.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz Percentage of memory in use: 36% Total physical RAM: 12270.45 MB Available physical RAM: 7808.95 MB Total Pagefile: 28268.63 MB Available Pagefile: 23089.91 MB Total Virtual: 8192 MB Available Virtual: 8191.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:800.53 GB) (Free:190.96 GB) NTFS Drive e: (Main drive data) (Fixed) (Total:1049.2 GB) (Free:253.04 GB) NTFS Drive f: (New Volume) (Fixed) (Total:2794.39 GB) (Free:2482.92 GB) NTFS Drive h: (Programs) (Fixed) (Total:931.51 GB) (Free:128.24 GB) NTFS Drive p: (New Volume) (Fixed) (Total:473.63 GB) (Free:267.52 GB) NTFS Drive r: (Backups) (Fixed) (Total:457.88 GB) (Free:299.99 GB) NTFS Drive s: (Games Misc) (Fixed) (Total:341.8 GB) (Free:302.72 GB) NTFS Drive t: (Music) (Fixed) (Total:1055.46 GB) (Free:226.56 GB) NTFS Drive z: (RECOVERY) (Fixed) (Total:13.25 GB) (Free:3.23 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 1863 GB) (Disk ID: F5DD099C) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Active) - (Size=13.2 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=800.5 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=1049.2 GB) - (Type=OF Extended) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ======================================================== Disk: 2 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 1012F27D) Partition 1: (Not Active) - (Size=473.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=457.9 GB) - (Type=OF Extended) ======================================================== Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BFEDE0C3) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 8 (MBR Code: Windows XP) (Size: 1397.3 GB) (Disk ID: 28DC55AD) Partition 1: (Not Active) - (Size=341.8 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=1055.5 GB) - (Type=07 NTFS) ==================== End Of Log ============================