Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Need help removing Virus, Spyware and/or Malware


  • Please log in to reply

#1
otieatkins

otieatkins

    Member

  • Member
  • PipPipPip
  • 105 posts
My system keeps stalling (a little round circle keeps spinning) and then the display jumps and I can continue. It happens when I am typing (like here about 5 times already), when deleting emails and when browsing (not responding). Windows 7, 12 gb ram, 3.8 ghz. I tried restoring but it did not help.

OTL logfile created on: 10/9/2013 7:17:15 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Otie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16686)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 7.21 Gb Available Physical Memory | 60.18% Memory free
23.96 Gb Paging File | 17.88 Gb Available in Paging File | 74.63% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 800.53 Gb Total Space | 617.57 Gb Free Space | 77.15% Space Free | Partition Type: NTFS
Drive E: | 1049.20 Gb Total Space | 158.57 Gb Free Space | 15.11% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 401.69 Gb Free Space | 43.12% Space Free | Partition Type: NTFS
Drive S: | 341.80 Gb Total Space | 76.29 Gb Free Space | 22.32% Space Free | Partition Type: NTFS
Drive T: | 1055.46 Gb Total Space | 61.10 Gb Free Space | 5.79% Space Free | Partition Type: NTFS

Computer Name: OTIE-PC | User Name: Otie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/09 19:15:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
PRC - [2013/10/08 23:00:08 | 001,862,536 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
PRC - [2013/10/05 14:41:17 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013/09/30 18:23:04 | 004,153,784 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2013/09/30 18:23:02 | 004,329,408 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2013/09/24 02:43:09 | 017,905,064 | ---- | M] (Zemana Ltd.) -- C:\Program Files (x86)\AntiLogger\AntiLogger.exe
PRC - [2013/09/02 13:03:12 | 001,360,192 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
PRC - [2013/09/02 13:00:36 | 000,807,800 | ---- | M] (Spigot, Inc.) -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
PRC - [2013/08/22 20:33:53 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2013/08/16 18:09:02 | 001,549,120 | ---- | M] (IObit) -- H:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
PRC - [2013/07/11 14:31:00 | 004,215,440 | ---- | M] (H.D.S. Hungary) -- C:\Program Files (x86)\Hard Disk Sentinel\HDSentinel.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe
PRC - [2013/06/13 02:27:36 | 018,834,784 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAware.exe
PRC - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) -- H:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
PRC - [2013/03/06 09:06:22 | 003,824,272 | ---- | M] (Speedbit Ltd.) -- H:\Program Files (x86)\DAP\DAP.exe
PRC - [2013/02/21 08:17:01 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
PRC - [2013/02/21 08:17:01 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
PRC - [2012/12/22 14:44:03 | 007,664,960 | ---- | M] (Toolwiz.com) -- C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
PRC - [2012/12/22 14:44:03 | 005,190,976 | ---- | M] (Toolwiz) -- C:\Program Files (x86)\ToolwizCareFree\ToolwizCares.exe
PRC - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe
PRC - [2012/08/31 10:03:00 | 000,537,918 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\dnscrypt-proxy.exe
PRC - [2012/08/31 10:03:00 | 000,098,072 | ---- | M] (OpenDNS) -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSInterface.exe
PRC - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe
PRC - [2012/02/02 16:48:48 | 002,880,856 | ---- | M] () -- H:\games\FamilyVacationCalifornia\Family Vacation - California\FamilyVacation.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/06/16 17:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
PRC - [2009/05/05 23:32:10 | 001,287,168 | ---- | M] (FSL - FreeSoftLand) -- H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe
PRC - [2003/06/02 18:28:16 | 000,229,433 | ---- | M] (Lotus Development Corporation) -- C:\lotus\org6\organize\EasyClip6.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/08 23:00:08 | 016,233,864 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
MOD - [2013/10/05 14:41:11 | 003,364,464 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013/10/05 08:02:08 | 000,036,864 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\YouTubeCom.dll
MOD - [2013/10/03 21:08:25 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2013/10/03 21:08:24 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2013/10/03 21:08:23 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2013/10/03 21:08:21 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2013/10/03 21:08:21 | 000,010,240 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2013/09/12 03:25:49 | 017,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\c0593e0b0fafb24a15548809f246d9e0\System.ServiceModel.ni.dll
MOD - [2013/09/12 03:21:57 | 011,914,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\0cb40437ecbf8ab60a297ff419b7f830\System.Web.ni.dll
MOD - [2013/08/14 03:39:05 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\e043ad64456256a8ee5b934e227d9782\System.Runtime.Serialization.ni.dll
MOD - [2013/08/14 03:39:03 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\1327ad2637aab17189c5461fbf30dc19\SMDiagnostics.ni.dll
MOD - [2013/08/14 03:38:42 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\9a1bc983c28c695729b3e46acdc6933e\System.Management.ni.dll
MOD - [2013/08/14 03:36:07 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\c664f44617c6a89edcc171fa8596c89d\System.ServiceProcess.ni.dll
MOD - [2013/08/14 03:35:40 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\28ea347a952d20959ac6ae02d7457d39\System.Windows.Forms.ni.dll
MOD - [2013/08/14 03:35:36 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll
MOD - [2013/08/14 03:35:33 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll
MOD - [2013/08/14 03:35:30 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\8f7d83126a3cf283e5ac97f2d6d99f12\System.Configuration.ni.dll
MOD - [2013/08/14 03:35:15 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll
MOD - [2013/07/11 03:45:00 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll
MOD - [2013/03/06 09:17:14 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2013/02/21 08:17:03 | 000,072,104 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
MOD - [2013/02/21 08:17:02 | 000,268,712 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
MOD - [2013/02/21 08:17:02 | 000,133,544 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
MOD - [2013/02/21 08:17:02 | 000,033,128 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
MOD - [2013/02/09 07:38:16 | 000,080,296 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImAppRU.dll
MOD - [2013/02/05 19:34:30 | 000,797,184 | ---- | M] () -- H:\Program Files (x86)\Audials\Audials 10\ac3filter.ax
MOD - [2013/01/23 17:17:12 | 000,108,888 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\PMC.dll
MOD - [2012/02/02 16:48:48 | 002,880,856 | ---- | M] () -- H:\games\FamilyVacationCalifornia\Family Vacation - California\FamilyVacation.exe
MOD - [2011/11/09 10:40:46 | 008,013,088 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2011/11/01 14:27:40 | 000,118,784 | ---- | M] () -- H:\Program Files (x86)\Batch Picture Resizer\DLLReg.dll
MOD - [2010/06/16 17:42:58 | 000,839,680 | ---- | M] () -- C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- c:\Program Files\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV:64bit: - File not found [On_Demand | Stopped] -- C:\Program Files\iPod\bin\iPodService.exe -- (iPod Service)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe /service -- (GsServer)
SRV:64bit: - [2013/08/04 07:10:22 | 000,453,648 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Zoolz2\ZoolzService.exe -- (Zoolz 2 Service)
SRV:64bit: - [2013/07/24 10:49:08 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/07/24 10:49:06 | 000,798,784 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/07/24 09:53:36 | 001,942,528 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/10/22 06:45:27 | 000,479,480 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\FileMind\FileMind.Windows.Service.exe -- (Filemind.Windows.Service)
SRV:64bit: - [2012/09/25 14:56:38 | 000,301,760 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV:64bit: - [2012/09/07 22:49:59 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/08/13 17:27:44 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2012/02/03 16:18:04 | 006,378,128 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [On_Demand | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV:64bit: - [2009/12/09 16:24:07 | 001,047,552 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV - [2013/10/08 23:00:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013/10/05 14:41:16 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/09/30 18:23:04 | 004,153,784 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2013/09/02 13:00:36 | 000,807,800 | ---- | M] (Spigot, Inc.) [Auto | Running] -- C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe -- (Application Updater)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/13 02:27:38 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service)
SRV - [2013/06/06 04:48:26 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe -- (DiskBoss Service)
SRV - [2013/05/31 16:38:33 | 000,176,128 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionUpdateService.exe -- (Digital Lifeboat Update Service)
SRV - [2013/05/31 16:38:33 | 000,010,240 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionService.exe -- (Digital Lifeboat Backup Service)
SRV - [2013/05/28 14:36:16 | 000,580,232 | ---- | M] (WiseCleaner.com) [On_Demand | Stopped] -- H:\Program Files (x86)\GOTD\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/04/25 16:54:10 | 000,335,168 | ---- | M] (IObit) [Auto | Running] -- H:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe -- (IMFservice)
SRV - [2013/04/18 16:58:08 | 000,574,272 | ---- | M] (IObit) [On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe -- (AdvancedSystemCareService6)
SRV - [2013/03/16 13:13:06 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013/03/16 13:00:52 | 000,068,168 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2012/12/29 06:34:47 | 001,260,472 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012/09/20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc)
SRV - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe -- (DNSCrypt)
SRV - [2012/08/23 13:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2012/07/27 16:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/05/23 14:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2012/03/19 05:28:52 | 000,043,072 | ---- | M] (ArcSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2012/03/13 12:52:20 | 001,429,976 | ---- | M] (SuperEasy Software) [On_Demand | Stopped] -- H:\Program Files (x86)\SuperEasy Software\Live Defrag\supereasydefragservice.exe -- (SuperEasy Software Defrag Service)
SRV - [2012/02/09 17:08:38 | 004,345,616 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe -- (PRTGCoreService)
SRV - [2012/02/09 17:08:36 | 003,835,152 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe -- (PRTGProbeService)
SRV - [2012/01/28 11:16:44 | 000,020,549 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\Apache\bin\httpd.exe -- (Apache2.2)
SRV - [2012/01/23 19:34:32 | 000,284,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe -- (IconixService)
SRV - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 13:56:13 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/02 15:38:54 | 001,164,848 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/07/13 13:52:34 | 000,150,920 | ---- | M] (Dell Products, LP.) [On_Demand | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/04/01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/09/30 12:52:42 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/09/17 18:04:30 | 001,251,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV - [2009/12/09 15:35:58 | 000,593,920 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWOW64\dleacoms.exe -- (dlea_device)
SRV - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/24 21:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [Auto | Running] -- H:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfSdkS64.exe -- (DfSdkS)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006/06/05 20:57:00 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\PyCron\pycron.exe -- (PyCron)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/10/08 11:01:02 | 000,049,240 | ---- | M] (Zemana Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AntiLog64.sys -- (AntiLog32)
DRV:64bit: - [2013/07/24 09:53:10 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2013/07/16 07:45:18 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/06/06 02:37:04 | 000,204,032 | ---- | M] (WinISO.com) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WinisoCDBus.sys -- (WinisoCDBus)
DRV:64bit: - [2013/04/27 08:51:27 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/03/16 12:52:22 | 000,189,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2013/03/16 12:49:12 | 000,048,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2013/03/16 12:43:54 | 000,018,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2013/03/16 12:40:42 | 000,058,952 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2013/03/07 13:37:54 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013/03/07 13:37:32 | 000,009,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013/02/26 11:48:08 | 000,039,248 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2013/02/25 01:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/02/05 19:34:43 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/12/22 14:44:06 | 000,052,544 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\KSafeDISK.sys -- (KSafeDISK)
DRV:64bit: - [2012/12/22 14:44:06 | 000,050,496 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BTOWSVF.sys -- (BTOWSVF)
DRV:64bit: - [2012/12/22 14:44:06 | 000,032,576 | ---- | M] (Toolwiz.com) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BTOWSFF.sys -- (BTOWSFF)
DRV:64bit: - [2012/12/21 14:53:58 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2012/12/21 14:53:58 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2012/12/09 05:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/09/04 14:40:40 | 000,433,976 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/03/08 19:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/19 22:13:46 | 000,970,336 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2012/01/19 22:13:37 | 000,277,088 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2012/01/06 09:43:14 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2011/12/26 15:27:24 | 000,015,288 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2011/11/25 12:44:22 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/11/14 09:11:10 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,059,184 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011/10/28 15:27:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/28 15:27:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV:64bit: - [2011/10/26 14:23:36 | 000,057,976 | ---- | M] (GFI Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\sbredrv.sys -- (SBRE)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/07/01 14:16:40 | 000,031,232 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2011/04/04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/20 00:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/10/15 21:28:18 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/07/01 13:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/06/17 11:14:12 | 000,024,152 | R--- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FarMntIo.sys -- (FarMntIo)
DRV:64bit: - [2010/05/20 19:42:44 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/04/01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009/02/12 15:11:26 | 000,026,024 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk)
DRV:64bit: - [2009/01/29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2013/09/30 18:23:02 | 000,045,208 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2013/08/24 18:22:58 | 000,070,960 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2013/08/19 18:22:58 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys -- (cleanhlp)
DRV - [2013/03/28 19:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2013/03/28 19:03:02 | 000,017,384 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2013/03/26 19:34:08 | 000,023,016 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- H:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\UrlFilter.sys -- (UrlFilter)
DRV - [2013/03/26 19:33:52 | 000,034,336 | ---- | M] (IObit.com) [Kernel | On_Demand | Running] -- H:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\RegFilter.sys -- (RegFilter)
DRV - [2013/03/23 15:48:46 | 000,023,048 | ---- | M] (IObit) [File_System | On_Demand | Running] -- H:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys -- (FileMonitor)
DRV - [2012/12/21 14:54:00 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2012/12/21 14:53:58 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012/10/20 06:16:34 | 000,208,256 | ---- | M] (Pdisk Foundation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\PDisk.sys -- (SUHDCrypt)
DRV - [2012/08/01 15:44:04 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- H:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2012/06/08 03:28:32 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/12/26 15:27:22 | 000,012,728 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysWOW64\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV - [2011/08/29 13:19:52 | 000,022,096 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- H:\Program Files (x86)\Paragon_Software\Partition_Manager_11_Personal_Special_Edition\bluescrn\biont_bs.sys -- (BioNT_BS)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes,DefaultScope = {006ee092-9658-4fd6-bd8e-a21a348e59f5}
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.thundercl...start/index.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
IE - HKCU\..\SearchScopes,DefaultScope = {CF608B78-8D59-4B67-AF74-C6EBF1536F09}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snap.do/...q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://lavasoft.blek...q={searchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{977E617C-0D56-4C5E-A3E6-88C2C3A13C25}: "URL" = http://search.yahoo....p={searchTerms}
IE - HKCU\..\SearchScopes\{CF608B78-8D59-4B67-AF74-C6EBF1536F09}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;192.168.*.*

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "GoodSearch"
FF - prefs.js..browser.search.defaulturl: "http://securesearch....097851275ECBF7"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&ilc=12&type=902615"
FF - prefs.js..browser.search.selectedEngine: "GoodSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thundercloud....tart/index.htm"
FF - prefs.js..extensions.enabledAddons: %7B4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064%7D:1.2
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.4
FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.2.3
FF - prefs.js..extensions.enabledAddons: %7Bbadea1ae-72ed-4f6a-8c37-4db9a4ac7bc9%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B31d88f70-c791-42d8-8187-faaf71d42f67%7D:1.0.1159
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.1
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:10.0.5.1
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0
FF - prefs.js..keyword.URL: "http://search.yahoo....type=902615&p="
FF - prefs.js..searchreset.backup.browser.search.defaultenginename: "MyStart Search"
FF - prefs.js..browser.startup.homepage: "http://thundercloud.net/start/#"
FF - prefs.js..searchreset.backup.keyword.URL: "http://feed.snap.do/...archtype=ds&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: I:\Program Files (x86)\Google\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@siber.com/RoboForm: C:\Program Files (x86)\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll (Siber Systems Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Otie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Otie\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\en.pixelplan.pl/PIXELPLANWebViewer: C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll (Pixelplan S.C.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\DAP\daplinkchecker [2013/03/06 09:06:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2013/08/22 20:35:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/09/21 07:13:57 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/09/21 07:14:02 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013/04/04 07:49:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.5\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: H:\Program Files (x86)\DAP\DAPFireFox [2013/03/06 09:06:26 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\CaptureSaver\Firefox [2013/03/19 09:48:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Otie\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2013/08/21 07:26:21 | 000,000,000 | ---D | M]

[2013/08/20 12:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions
[2012/11/09 16:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions\[email protected]
[2013/10/09 15:41:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions
[2013/09/15 11:17:43 | 000,000,000 | ---D | M] ("ModPlugin") -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{31d88f70-c791-42d8-8187-faaf71d42f67}
[2013/08/30 07:25:01 | 000,000,000 | ---D | M] (Address Bar Search) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{badea1ae-72ed-4f6a-8c37-4db9a4ac7bc9}
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] ("Xmarks") -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\[email protected]
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] (Pocket) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\[email protected]
[2013/10/09 15:41:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\staged
[2013/09/15 11:17:43 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{31d88f70-c791-42d8-8187-faaf71d42f67}\components\lib\classes\edu\mit\simile\javaFirefoxExtension
[2012/07/06 06:38:56 | 000,123,385 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\[email protected]
[2012/10/27 08:24:22 | 000,060,290 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\[email protected]
[2013/07/30 08:27:31 | 000,049,303 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
[2013/09/21 07:14:33 | 000,534,729 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2013/10/09 15:41:46 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/09 15:41:44 | 000,534,789 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\extensions\staged\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2012/08/20 09:14:10 | 000,010,316 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\searchplugins\duckduckgo.xml
[2013/02/19 21:14:42 | 000,002,047 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\searchplugins\goodsearch.xml
[2012/11/28 06:58:53 | 000,002,387 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\searchplugins\Web Search.xml
[2013/08/22 14:27:04 | 000,000,904 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\xul7dwdo.default\searchplugins\yahoo.xml
[2013/09/21 07:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/09/21 07:13:58 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{852B9B5F-E8A7-49b4-B7C3-79A3E8A829F6}
[2013/09/21 07:13:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/09/21 07:13:59 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/09/21 07:13:56 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/10/05 14:41:17 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{852B9B5F-E8A7-49b4-B7C3-79A3E8A829F6}
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions
[2013/10/09 15:57:45 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\updated\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/03/06 09:06:26 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- H:\PROGRAM FILES (X86)\DAP\DAPFIREFOX
[2013/03/06 09:06:26 | 000,000,000 | ---D | M] (DAP Link Checker) -- H:\PROGRAM FILES (X86)\DAP\DAPLINKCHECKER
[2013/02/23 09:36:00 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2012/03/20 16:58:32 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy110.dll
[2013/02/22 08:04:42 | 000,000,628 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012/11/11 10:26:05 | 000,123,159 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\testlog.txt
[2012/07/11 14:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage: http://search.yahoo....r=spigot-yhp-ch
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.26_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.26_0\.bak
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodfdknjhecmadheclfjkhhiofeagdbh\1.0.1.9_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.2.0_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidjbmjjebfhfjodbphfklcmknafddmb\1.0.0.2_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidjbmjjebfhfjodbphfklcmknafddmb\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\engepbdmoplfpledpbjkagliinaiahch\1.0.2_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\flhffmlebdljeojiioaifnbjdgimjidh\1.2.13.0_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp\29.0.1547.58_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.7_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.1_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdcnnmifdmlmjffdgeieikcokcogpbej\3.0_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidhjpmgjfbkmcfpfakmdddddgfbhahj\4.6.9_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\kikglikieapkdofgcaifhkgmkclbamcm\3.7.0_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef\1.1_1\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk\2.4_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\7.2.2_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\moddbcckaikhdnigidfcmaeelcobchpm\1.1_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nedjejdfkkjgebciefdfofjhmeogiaga\1.24_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole\0.9_0\
CHR - Extension: No name found = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2013/08/31 12:05:56 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ExplorerWatcher Class) - {F8A6CAA2-533D-4AED-9E05-8EB19A4021AB} - H:\Program Files (x86)\Clover\TabHelper64.dll (EJIE Technology)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - Reg Error: Value error. File not found
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Advanced SystemCare 6\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - H:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - H:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll (Spigot, Inc.)
O3 - HKLM\..\Toolbar: (CaptureSaver) - {5148AB7D-8868-4490-B6DA-F98368488582} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [Zoolz Tray] C:\Program Files\Genie9\Zoolz2\ZoolzLauncher.exe (Genie9)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [AntiLogger] C:\Program Files (x86)\AntiLogger\AntiLogger.exe (Zemana Ltd.)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKCU..\Run: [DownloadAccelerator] H:\Program Files (x86)\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [OpenDNS Updater] C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe ()
O4 - HKCU..\Run: [TaskmgrPro] C:\Program Files\TaskmgrPro\TaskmpStart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8:64bit: - Extra context menu item: &Clean Traces - E:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm File not found
O8:64bit: - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8:64bit: - Extra context menu item: Add to Evernote 4.0 - res://E:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8:64bit: - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8:64bit: - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8:64bit: - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8:64bit: - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8:64bit: - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8:64bit: - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8:64bit: - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Otie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Otie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8:64bit: - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8:64bit: - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8:64bit: - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT File not found
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8:64bit: - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Clean Traces - E:\Program Files (x86)\DAP\Privacy Package\dapcleanerie.htm File not found
O8 - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8 - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8 - Extra context menu item: Add to Evernote 4.0 - res://E:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8 - Extra context menu item: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html ()
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8 - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8 - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Otie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Otie\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8 - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8 - Extra context menu item: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html ()
O8 - Extra context menu item: Search Using Copernic Agent - res://C:\Program Files (x86)\Copernic Agent\CopernicAgentExt.dll/INTEGRATION_MENU_SEARCHEXT File not found
O8 - Extra context menu item: Show RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html ()
O8 - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - Reg Error: Value error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O9 - Extra 'Tools' menuitem : CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - Reg Error: Value error. File not found
O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - Reg Error: Key error. File not found
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Web Entry - {B4E30F61-16D9-11D3-85D1-005004229569} - C:\lotus\org6\organize\bandobjs.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: intuit.com ([ttlc] https in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: magicjack.com ([my] * in Trusted sites)
O15 - HKCU\..Trusted Domains: talk4free.com ([reg] * in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Jigsaw%20Puzzle%20Platinum%202/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.25.2)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Jigsaw%20Puzzle%20Platinum%202/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B0FFB9F-5F89-4B27-B073-20EA5C236F4B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B0FFB9F-5F89-4B27-B073-20EA5C236F4B}: NameServer = 127.0.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE8307D0-C892-480B-BD3A-899D1DFCC9DA}: NameServer = 127.0.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagent - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value found
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - Reg Error: Value error. File not found
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - Reg Error: Value error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Value error. File not found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - Reg Error: Value error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013/10/05 08:02:16 | 000,002,097 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell - "" = AutoRun
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell\AutoRun\command - "" = J:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/09 19:15:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2013/10/08 22:40:04 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Merscom
[2013/10/08 22:40:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Merscom
[2013/10/08 11:19:01 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Fugazo
[2013/10/08 11:01:02 | 000,049,240 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\AntiLog64.sys
[2013/10/08 11:00:59 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\Zemana
[2013/10/08 11:00:57 | 000,000,000 | -H-D | C] -- C:\ProgramData\{1DC4ABA3-A524-4C5A-8172-E4C0D5E41B24}
[2013/10/08 11:00:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AntiLogger
[2013/10/08 11:00:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AntiLogger
[2013/10/08 11:00:02 | 021,585,688 | ---- | C] (Zemana Ltd. ) -- C:\Users\Otie\Desktop\Zemana_AntiLogger_1.9.3.505.exe
[2013/10/07 09:23:31 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Daihinia
[2013/10/07 08:47:32 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Synei
[2013/10/06 13:33:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synei System Utilities
[2013/10/06 13:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Synei
[2013/10/06 10:29:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2013/10/06 10:29:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013/10/06 10:29:41 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\Anti-Malware
[2013/10/05 18:26:29 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\FamilyVacationCalifornia
[2013/10/05 08:43:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileStream FrameShop
[2013/10/04 03:03:47 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013/10/01 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\spp
[2013/10/01 21:10:41 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\apdf
[2013/10/01 21:10:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A-PDF Scan Paper
[2013/09/30 21:52:51 | 000,000,000 | ---D | C] -- C:\@RestoreQuarantine
[2013/09/30 15:34:50 | 000,000,000 | ---D | C] -- C:\ProgramData\RegRun
[2013/09/30 15:31:30 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\RegRun2
[2013/09/30 15:31:29 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\regruninfo
[2013/09/30 15:31:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UnHackMe
[2013/09/29 13:57:55 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\TheFlyingDutchman
[2013/09/27 14:25:56 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Fuzzy Bug Interactive
[2013/09/27 09:14:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CD Recovery Toolbox Free
[2013/09/27 09:14:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CD Recovery Toolbox Free
[2013/09/27 09:11:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virtual Magnifying Glass
[2013/09/27 09:11:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Magnifying Glass
[2013/09/26 15:31:21 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\Engelmann_Media
[2013/09/26 15:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImageMagick 6.8.6 Q16 (32-bit)
[2013/09/26 15:15:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ImageMagick-6.8.6-Q16
[2013/09/26 15:14:14 | 049,402,861 | ---- | C] (LAVA SoftWorks ) -- C:\Users\Otie\Desktop\icomancer-Full-Setup-September2013.exe
[2013/09/23 13:53:48 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\EDocs
[2013/09/22 12:17:42 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\TaskmgrPro
[2013/09/22 12:17:37 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\TaskmgrPro
[2013/09/22 12:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TaskmgrPro
[2013/09/22 12:17:36 | 000,000,000 | ---D | C] -- C:\Program Files\TaskmgrPro
[2013/09/22 11:54:46 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\OpenDNS Updater
[2013/09/22 11:54:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenDNS Updater
[2013/09/21 07:13:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013/09/17 20:55:20 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\ERS G-Studio
[2013/09/15 21:32:17 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BleachBit
[2013/09/15 21:32:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BleachBit
[2013/09/12 17:39:19 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Hard Disk Sentinel
[2013/09/12 17:39:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
[2013/09/12 17:38:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hard Disk Sentinel
[2013/09/11 07:06:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox.bak
[2013/09/10 08:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\HiSlider
[2013/09/10 08:25:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi Slider
[2013/09/10 07:46:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Belarc
[2011/11/25 12:44:22 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Otie\AppData\Roaming\pcouffin.sys
[2011/04/18 22:51:20 | 000,653,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCR90.dll
[2011/04/18 22:51:20 | 000,569,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCP90.dll
[2010/12/16 21:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmmux.dll
[2010/12/16 21:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8encoder.dll
[2010/12/16 21:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8decoder.dll
[2010/12/16 21:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmsplit.dll
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/09 19:15:54 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2013/10/09 19:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/09 18:49:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job
[2013/10/09 18:45:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/09 15:21:01 | 000,001,896 | ---- | M] () -- C:\Windows\tasks\Safe Saver-chromeinstaller.job
[2013/10/09 15:21:01 | 000,001,820 | ---- | M] () -- C:\Windows\tasks\Safe Saver-firefoxinstaller.job
[2013/10/09 15:21:00 | 000,001,190 | ---- | M] () -- C:\Windows\tasks\Safe Saver-codedownloader.job
[2013/10/09 15:21:00 | 000,001,186 | ---- | M] () -- C:\Windows\tasks\Safe Saver-updater.job
[2013/10/09 15:21:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Safe Saver-enabler.job
[2013/10/09 06:49:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job
[2013/10/08 20:30:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job
[2013/10/08 15:48:36 | 000,787,512 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/08 15:48:36 | 000,665,778 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/08 15:48:36 | 000,123,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/08 11:18:14 | 000,000,820 | ---- | M] () -- C:\Users\Otie\Desktop\Worldmosaics7 - Shortcut.lnk
[2013/10/08 11:14:30 | 037,581,900 | ---- | M] () -- C:\Users\Otie\Desktop\WorldMosaics7.rar
[2013/10/08 11:01:02 | 000,049,240 | ---- | M] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\AntiLog64.sys
[2013/10/08 11:00:56 | 000,000,919 | ---- | M] () -- C:\Users\Public\Desktop\AntiLogger.lnk
[2013/10/08 11:00:20 | 021,585,688 | ---- | M] (Zemana Ltd. ) -- C:\Users\Otie\Desktop\Zemana_AntiLogger_1.9.3.505.exe
[2013/10/06 13:33:06 | 000,001,215 | ---- | M] () -- C:\Users\Public\Desktop\Synei System Utilities.lnk
[2013/10/06 12:34:34 | 000,059,904 | ---- | M] () -- C:\Users\Otie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/10/06 10:29:59 | 000,001,133 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2013/10/06 10:29:59 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2013/10/06 10:24:16 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2013/10/05 18:25:51 | 000,000,999 | ---- | M] () -- C:\Users\Otie\Desktop\Family Vacation California.lnk
[2013/10/05 13:47:08 | 000,002,331 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2013/10/05 13:47:08 | 000,002,329 | ---- | M] () -- C:\Users\Otie\Desktop\Google Chrome.lnk
[2013/10/05 08:50:03 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Audio Record Wizard.lnk
[2013/10/05 08:49:51 | 003,320,360 | ---- | M] () -- C:\Users\Otie\Desktop\arw6-September2013.exe
[2013/10/05 08:43:42 | 000,000,795 | ---- | M] () -- C:\Users\Public\Desktop\FrameShop.lnk
[2013/10/05 08:01:38 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2013/10/04 20:28:31 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/04 20:28:31 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/04 03:24:54 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/04 03:05:35 | 000,779,634 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/09/27 14:25:16 | 000,000,029 | ---- | M] () -- C:\Windows\popcinfo.dat
[2013/09/27 09:14:23 | 000,001,266 | ---- | M] () -- C:\Users\Otie\Desktop\CD Recovery Toolbox Free.lnk
[2013/09/27 09:11:51 | 000,001,146 | ---- | M] () -- C:\Users\Public\Desktop\Virtual Magnifying Glass.lnk
[2013/09/26 15:15:29 | 000,000,738 | ---- | M] () -- C:\Users\Public\Desktop\icomancer.lnk
[2013/09/26 15:14:53 | 049,402,861 | ---- | M] (LAVA SoftWorks ) -- C:\Users\Otie\Desktop\icomancer-Full-Setup-September2013.exe
[2013/09/23 13:04:46 | 000,001,013 | ---- | M] () -- C:\Users\Public\Desktop\SimplyGoodPictures2.lnk
[2013/09/23 13:04:46 | 000,001,013 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\SimplyGoodPictures2.lnk
[2013/09/22 21:32:55 | 000,000,000 | ---- | M] () -- C:\Windows\Game.INI
[2013/09/19 15:23:53 | 000,163,029 | ---- | M] () -- C:\Windows\DP Animation Maker Uninstaller.exe
[2013/09/19 15:23:53 | 000,000,882 | ---- | M] () -- C:\Users\Otie\Desktop\DP Animation Maker.lnk
[2013/09/15 21:32:17 | 000,001,025 | ---- | M] () -- C:\Users\Otie\Desktop\BleachBit.lnk
[2013/09/14 17:10:20 | 000,018,027 | ---- | M] () -- C:\Users\Otie\Documents\JEOPARDY REPORT TEMPLATE CASA 2013.dotx
[2013/09/14 08:09:40 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 7bf20141-dabc-4caa-9489-a9d4d6c4a0d6.job
[2013/09/13 18:18:09 | 000,001,279 | ---- | M] () -- C:\Users\Otie\Desktop\Flights of Fancy Two Doves Collectors.lnk
[2013/09/12 16:48:37 | 000,656,376 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/09/10 08:25:53 | 000,000,735 | ---- | M] () -- C:\Users\Otie\Desktop\Hi Slider.lnk
[2013/09/10 07:46:01 | 000,002,158 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/09/10 07:46:01 | 000,002,134 | ---- | M] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/10/08 11:18:14 | 000,000,820 | ---- | C] () -- C:\Users\Otie\Desktop\Worldmosaics7 - Shortcut.lnk
[2013/10/08 11:14:08 | 037,581,900 | ---- | C] () -- C:\Users\Otie\Desktop\WorldMosaics7.rar
[2013/10/08 11:00:56 | 000,000,919 | ---- | C] () -- C:\Users\Public\Desktop\AntiLogger.lnk
[2013/10/06 13:33:06 | 000,001,215 | ---- | C] () -- C:\Users\Public\Desktop\Synei System Utilities.lnk
[2013/10/06 10:29:59 | 000,001,133 | ---- | C] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2013/10/06 10:29:59 | 000,001,109 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2013/10/05 18:25:02 | 000,000,999 | ---- | C] () -- C:\Users\Otie\Desktop\Family Vacation California.lnk
[2013/10/05 08:50:03 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Audio Record Wizard.lnk
[2013/10/05 08:49:46 | 003,320,360 | ---- | C] () -- C:\Users\Otie\Desktop\arw6-September2013.exe
[2013/10/05 08:43:42 | 000,000,795 | ---- | C] () -- C:\Users\Public\Desktop\FrameShop.lnk
[2013/09/27 09:14:23 | 000,001,266 | ---- | C] () -- C:\Users\Otie\Desktop\CD Recovery Toolbox Free.lnk
[2013/09/27 09:11:51 | 000,001,146 | ---- | C] () -- C:\Users\Public\Desktop\Virtual Magnifying Glass.lnk
[2013/09/23 13:04:46 | 000,001,013 | ---- | C] () -- C:\Users\Public\Desktop\SimplyGoodPictures2.lnk
[2013/09/23 13:04:46 | 000,001,013 | ---- | C] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\SimplyGoodPictures2.lnk
[2013/09/22 21:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\Game.INI
[2013/09/22 11:54:51 | 000,002,038 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenDNS Updater.lnk
[2013/09/21 06:39:26 | 015,962,112 | ---- | C] () -- C:\Windows\SysWow64\Marine Life 3D Screensaver.scr
[2013/09/19 15:23:53 | 000,000,882 | ---- | C] () -- C:\Users\Otie\Desktop\DP Animation Maker.lnk
[2013/09/15 21:32:17 | 000,001,025 | ---- | C] () -- C:\Users\Otie\Desktop\BleachBit.lnk
[2013/09/14 17:10:20 | 000,018,027 | ---- | C] () -- C:\Users\Otie\Documents\JEOPARDY REPORT TEMPLATE CASA 2013.dotx
[2013/09/13 18:18:09 | 000,001,279 | ---- | C] () -- C:\Users\Otie\Desktop\Flights of Fancy Two Doves Collectors.lnk
[2013/09/10 08:25:53 | 000,000,735 | ---- | C] () -- C:\Users\Otie\Desktop\Hi Slider.lnk
[2013/09/10 07:46:01 | 000,002,158 | ---- | C] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Belarc Advisor.lnk
[2013/09/10 07:46:01 | 000,002,146 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
[2013/09/10 07:46:01 | 000,002,134 | ---- | C] () -- C:\Users\Public\Desktop\Belarc Advisor.lnk
[2013/08/14 07:42:28 | 000,000,037 | -HS- | C] () -- C:\Users\Otie\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/08/12 06:06:47 | 000,012,728 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys
[2013/08/12 06:06:46 | 001,647,544 | ---- | C] () -- C:\Windows\ampa.exe
[2013/08/10 07:21:35 | 000,000,011 | ---- | C] () -- C:\Windows\mahjongg.INI
[2013/07/24 20:19:28 | 000,503,509 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\log.sflog
[2013/07/14 07:17:01 | 000,000,703 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pdfsound.dll
[2013/07/14 07:17:01 | 000,000,053 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setting.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfcombine.ini
[2013/07/14 07:17:01 | 000,000,030 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup.ini
[2013/07/14 07:17:01 | 000,000,014 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfcombine.ini
[2013/07/09 07:48:48 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/04 06:15:45 | 000,000,007 | ---- | C] () -- C:\Program Files (x86)\SysResources Managersyok12.dat
[2013/06/04 06:15:36 | 000,015,620 | ---- | C] () -- C:\Windows\SysWow64\SystemRs122.f.SYS
[2013/06/02 04:48:01 | 000,000,007 | ---- | C] () -- C:\Windows\sysres14.dat
[2013/05/15 23:32:24 | 000,056,072 | ---- | C] () -- C:\Windows\AUDBootDefrag.exe
[2013/04/13 15:37:45 | 000,019,634 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\UserTile.png
[2013/03/08 02:39:40 | 000,024,036 | ---- | C] () -- C:\Users\Otie\SDActivate.lng
[2013/02/11 07:49:31 | 002,468,520 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2013/02/11 07:49:31 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2013/02/11 07:49:31 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2013/02/11 07:49:31 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013/02/11 07:49:30 | 000,014,920 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2013/01/17 06:45:19 | 000,000,176 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\Earthquakes Meter_Settings.ini
[2013/01/13 16:34:26 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/15 14:39:10 | 006,955,008 | ---- | C] () -- C:\Windows\SysWow64\common_res.dll
[2012/12/05 11:07:10 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012/12/03 08:39:46 | 000,000,040 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\burnaware.ini
[2012/11/30 08:05:25 | 000,163,123 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2012/11/26 07:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\BanPrc.dat
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.Shell32.dll
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2012/09/03 07:21:26 | 000,163,029 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe
[2012/08/15 13:38:15 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/08/15 13:38:15 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/07/21 08:34:27 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\CA4DCE6217.sys
[2012/07/13 06:38:28 | 000,000,128 | ---- | C] () -- C:\ProgramData\avalon2.2_WIPE2012.ini
[2012/07/13 06:38:22 | 000,340,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012/07/13 06:38:20 | 000,340,992 | ---- | C] () -- C:\Windows\sqlite36_engine.dll
[2012/05/20 06:04:34 | 000,580,096 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2012/05/20 06:04:34 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/05/20 06:04:34 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\Mp3Ctrl.dll
[2012/05/20 06:04:34 | 000,131,176 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2012/05/20 06:04:34 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\akrip32.dll
[2012/05/20 06:04:31 | 000,003,180 | ---- | C] () -- C:\Users\Otie\AppData\Local\ZortamMp3MediaStudio.iss
[2012/05/11 14:16:16 | 000,171,520 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
[2012/04/25 20:35:19 | 000,000,074 | ---- | C] () -- C:\Windows\PBUpdate.ini
[2012/04/25 14:12:33 | 000,000,323 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/04/21 11:19:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/04/20 09:33:41 | 000,000,297 | ---- | C] () -- C:\Users\Otie\SecurityKISSTunnel.config
[2012/04/02 10:11:43 | 000,109,782 | ---- | C] () -- C:\Windows\CopernicAgentUninstall.exe
[2012/03/30 09:35:37 | 000,001,056 | ---- | C] () -- C:\Windows\SysWow64\KGyGaAvL.sys
[2012/03/29 16:42:18 | 000,007,629 | ---- | C] () -- C:\Users\Otie\AppData\Local\resmon.resmoncfg
[2012/03/29 16:35:05 | 000,000,000 | ---- | C] () -- C:\Windows\IconToolKit.dat
[2012/03/05 12:07:06 | 000,000,684 | ---- | C] () -- C:\Users\Otie\AppData\Local\mcset.cfg
[2012/02/08 18:54:11 | 000,118,784 | ---- | C] () -- C:\Windows\SysWow64\mp3dec.dll
[2012/02/05 07:16:29 | 000,358,996 | ---- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012/01/24 08:16:52 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\ZLIB.DLL
[2012/01/22 06:23:44 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\NTICDMK7.dll
[2012/01/22 06:19:17 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\NTIMPEG2.dll
[2012/01/22 06:19:17 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\NTIMP3.dll
[2012/01/22 06:19:17 | 000,001,024 | ---- | C] () -- C:\Windows\SysWow64\NTIFCD3.dll
[2012/01/03 07:50:13 | 000,110,602 | ---- | C] () -- C:\Windows\SysWow64\xcdsfx32.bin
[2011/12/26 09:24:20 | 000,000,193 | ---- | C] () -- C:\Windows\WebStudio.INI
[2011/12/02 07:01:03 | 000,097,664 | ---- | C] () -- C:\Windows\SysWow64\drivers\Shield.sys
[2011/12/02 07:01:03 | 000,032,128 | ---- | C] () -- C:\Windows\SysWow64\drivers\Shieldf.sys
[2011/12/02 07:01:03 | 000,027,392 | ---- | C] () -- C:\Windows\SysWow64\drivers\ShieldmNt.sys
[2011/12/02 07:01:03 | 000,018,304 | ---- | C] () -- C:\Windows\SysWow64\drivers\Shieldm.sys
[2011/12/02 07:01:03 | 000,012,672 | ---- | C] () -- C:\Windows\SysWow64\drivers\Shdbus.sys
[2011/11/28 09:55:24 | 000,015,620 | ---- | C] () -- C:\Windows\SysWow64\SystemRs11.sm.SYS
[2011/11/27 10:17:15 | 000,163,221 | ---- | C] () -- C:\Windows\Animated Wallpaper Maker Uninstaller.exe
[2011/11/27 07:10:48 | 000,845,123 | ---- | C] () -- C:\Users\Otie\AppData\Local\census.cache
[2011/11/27 07:10:40 | 000,144,324 | ---- | C] () -- C:\Users\Otie\AppData\Local\ars.cache
[2011/11/27 07:02:25 | 000,000,036 | ---- | C] () -- C:\Users\Otie\AppData\Local\housecall.guid.cache
[2011/11/25 12:45:14 | 000,001,173 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\vso_ts_preview.xml
[2011/11/25 12:44:22 | 000,099,384 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\inst.exe
[2011/11/25 12:44:22 | 000,007,859 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.cat
[2011/11/25 12:44:22 | 000,001,167 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.inf
[2011/11/25 09:47:59 | 000,000,038 | ---- | C] () -- C:\Windows\avisplitter.ini
[2011/11/25 09:47:57 | 000,205,824 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011/11/25 09:47:56 | 000,079,872 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2011/11/18 07:13:05 | 000,000,007 | ---- | C] () -- C:\Windows\sysres10.dat
[2011/11/12 06:45:29 | 000,001,862 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/09 20:55:29 | 000,000,029 | ---- | C] () -- C:\Windows\popcinfo.dat
[2011/11/09 10:40:41 | 000,000,091 | ---- | C] () -- C:\Windows\QBChanUtil_Trigger.ini
[2011/11/08 18:36:51 | 000,385,024 | ---- | C] () -- C:\Windows\SysWow64\DLEAinst.dll
[2011/11/08 18:36:51 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\dleainpa.dll
[2011/11/08 18:36:51 | 000,344,064 | ---- | C] () -- C:\Windows\SysWow64\dleacomx.dll
[2011/11/08 18:36:50 | 001,048,576 | ---- | C] ( ) -- C:\Windows\SysWow64\dleaserv.dll
[2011/11/08 18:36:50 | 000,847,872 | ---- | C] ( ) -- C:\Windows\SysWow64\dleausb1.dll
[2011/11/08 18:36:50 | 000,802,816 | ---- | C] ( ) -- C:\Windows\SysWow64\dleacomc.dll
[2011/11/08 18:36:50 | 000,688,128 | ---- | C] ( ) -- C:\Windows\SysWow64\dleahbn3.dll
[2011/11/08 18:36:50 | 000,643,072 | ---- | C] ( ) -- C:\Windows\SysWow64\dleapmui.dll
[2011/11/08 18:36:50 | 000,593,920 | ---- | C] ( ) -- C:\Windows\SysWow64\dleacoms.exe
[2011/11/08 18:36:50 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\dlealmpm.dll
[2011/11/08 18:36:50 | 000,372,736 | ---- | C] ( ) -- C:\Windows\SysWow64\dleacomm.dll
[2011/11/08 18:36:50 | 000,344,064 | ---- | C] ( ) -- C:\Windows\SysWow64\dleaiesc.dll
[2011/11/08 18:36:50 | 000,323,584 | ---- | C] () -- C:\Windows\SysWow64\dleains.dll
[2011/11/08 18:36:50 | 000,319,488 | ---- | C] ( ) -- C:\Windows\SysWow64\dleaih.exe
[2011/11/08 18:36:50 | 000,262,144 | ---- | C] () -- C:\Windows\SysWow64\dleainsb.dll
[2011/11/08 18:36:50 | 000,253,952 | ---- | C] () -- C:\Windows\SysWow64\dleacu.dll
[2011/11/08 18:36:50 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\dleainsr.dll
[2011/11/08 18:36:50 | 000,090,112 | ---- | C] () -- C:\Windows\SysWow64\dleacub.dll
[2011/11/08 18:36:50 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\dleajswr.dll
[2011/11/08 18:36:50 | 000,036,864 | ---- | C] () -- C:\Windows\SysWow64\dleacur.dll
[2011/11/08 18:36:49 | 000,368,640 | ---- | C] ( ) -- C:\Windows\SysWow64\dleacfg.exe
[2011/11/08 18:36:49 | 000,086,180 | ---- | C] () -- C:\Windows\SysWow64\DLEAcfg.dll
[2011/11/08 08:51:56 | 000,059,904 | ---- | C] () -- C:\Users\Otie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/28 13:56:35 | 000,177,664 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011/10/28 13:56:35 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011/10/28 13:56:35 | 000,001,264 | ---- | C] () -- C:\Windows\THXCfg_SP_APOIM.ini
[2011/10/28 13:56:35 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_HP_APOIM.ini
[2011/10/28 13:56:35 | 000,001,247 | ---- | C] () -- C:\Windows\THXCfg_APOIM.ini
[2011/01/12 02:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files (x86)\Common Files\wmpinfo.dll
[2011/01/12 02:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
[2011/01/12 02:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
[2011/01/12 02:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
[2011/01/12 02:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll

========== ZeroAccess Check ==========

[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\L.gif
[2011/11/09 19:53:48 | 000,008,571 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\l.jpg
[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\N.gif
[2011/11/09 19:12:03 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\U.gif
[2011/11/10 07:50:49 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{03DBA44B-040F-4010-86D4-4D91906E9120}\L.gif
[2011/11/10 07:50:49 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{07FB3302-348B-4ACA-94C0-255189AD8B3E}\U.gif
[2011/11/10 07:50:49 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{167209A4-644A-4381-AFF4-D5E0656FE819}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{376D2853-44FC-4745-988E-6005F8691813}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{5B603533-0FF5-4A1D-A84C-FACDCE9E7407}\L.gif
[2011/11/09 22:00:08 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{62CA621A-FC64-4998-A5E2-70084FBD85D2}\U.gif
[2011/11/09 20:17:48 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{8C96B714-BCD2-4C6E-9FFD-8A67C3EC9125}\L.gif
[2011/11/09 20:17:48 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{DB748AAC-D4BC-4213-BDEC-824AED1ED426}\U.gif
[2011/11/09 20:17:48 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{E90D0C93-1032-4866-90AD-0224CB48AD9B}\N.gif
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/08/20 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\1-abc
[2013/06/19 17:18:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\10tons
[2013/07/12 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\2monkeys
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\4 Friends Games
[2011/11/09 07:27:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\A4DeskPro
[2013/08/24 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Absolutist
[2012/01/19 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Acronis
[2013/06/27 21:14:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ad-Aware Antivirus
[2012/04/21 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Adore Games
[2012/04/05 10:21:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AdultAdvantage
[2013/08/24 19:18:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlawarEntertainment
[2012/03/21 08:32:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlwaysNeat
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Angler
[2013/08/20 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AnnVideo
[2013/08/26 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvate Games
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvsoft
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Apowersoft
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ArcticLine
[2012/08/11 13:11:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Arevan The Bitter Truth
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Art Mahjongg Egypt
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifact Quest
[2013/07/30 18:08:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifex Mundi
[2013/05/04 07:57:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artogon
[2012/12/31 09:43:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo
[2013/06/26 20:22:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013/05/19 07:22:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Asterisk Password Decryptor
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Astro Gemini Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Atomic Alarm Clock 6
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Audacity
[2013/08/18 11:43:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Auslogics
[2012/07/12 06:25:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AV Burning Pro
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Aveyond 3
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awem
[2013/07/23 12:52:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awesomium
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\B
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackToTheBeach
[2012/09/08 12:37:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackupSF
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bicyclestudios
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Big Fish Games
[2012/04/15 18:52:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bigwig_media
[2013/07/10 08:24:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlamGames
[2011/11/07 07:43:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blio
[2013/02/15 15:34:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blue Tea Games
[2013/07/18 12:53:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueMountain.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueSprig
[2013/07/05 17:38:01 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Bmd
[2013/09/08 19:10:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Boomzap
[2013/08/20 12:09:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Canneverbe Limited
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CaptureSaver
[2013/07/23 17:06:10 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\casualArts
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Catalina Marketing Corp
[2013/04/14 16:49:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media
[2013/03/05 21:20:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media GmbH
[2013/06/20 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Chayowo Games
[2012/06/12 06:34:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ChemTable Software
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CloneSpy
[2012/04/02 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CoffeeCup Software
[2013/02/05 18:53:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Color Brush
[2013/04/26 05:41:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.koingosw.DataGuardian
[2013/05/26 11:54:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.leawo.imediago
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Copernic
[2012/10/09 06:32:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DailyMagic
[2012/03/22 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dark Blue Games
[2013/02/26 08:13:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dashlane
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DAZ 3D
[2013/08/20 12:09:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Deep Shadows
[2011/11/24 04:32:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dexpot
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Digiarty
[2013/08/29 20:04:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DikobrazGames
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DK Finder
[2013/03/22 07:03:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DMCache
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Downloaded Installations
[2013/08/20 12:09:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dragonshorn Studios
[2013/08/20 12:09:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dropbox
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDVideoSoft
[2012/01/21 07:52:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDVideoSoftIEHelpers
[2011/11/26 10:50:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EA
[2013/06/24 09:59:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Earth Alerts
[2013/09/04 06:22:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Query Builder
[2011/11/24 04:51:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Watermark Studio
[2013/07/10 08:11:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\eDoc LLC
[2013/09/15 11:24:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eipix
[2013/08/20 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EleFun Games
[2013/08/20 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Elephant Games
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EMCO
[2013/10/02 16:59:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EnchantedCavern2
[2013/09/23 13:04:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Engelmann Media
[2013/08/07 15:13:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Enlightenus2_BFG
[2013/10/05 08:01:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EQATEC Analytics
[2013/09/17 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS G-Studio
[2013/09/28 18:30:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS Game Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EurekaLog
[2013/10/05 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FamilyVacationCalifornia
[2013/05/14 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FarmMystery
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FileOpen
[2011/11/03 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fingertapps
[2013/03/02 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Floodlight Games
[2012/03/19 08:02:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Folder Scout Labs
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Foxit Software
[2013/01/16 14:36:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Download Manager
[2013/07/02 12:03:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Scan to PDF
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeAudioPack
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeBurner
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Friday's games
[2012/06/21 07:58:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Frieger
[2013/10/08 11:19:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fugazo
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\funkitron
[2012/07/24 11:15:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Funlinker
[2013/09/27 14:25:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fuzzy Bug Interactive
[2012/03/29 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameHouse
[2013/01/01 09:34:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameInvest
[2013/05/06 20:55:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameMill Entertainment
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie-Soft
[2013/08/28 16:47:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie9
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GetRightToGo
[2013/01/29 16:28:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ghost Ship Studios
[2012/09/16 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GhostFleet
[2012/11/03 06:24:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GirlsWithSecretsAdventure
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii
[2013/08/24 11:17:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii Games
[2013/01/29 05:35:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gold Casual Games
[2012/01/15 08:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Good Keywords v2
[2012/03/18 08:08:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GoodSync
[2011/11/09 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GottCode
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GrassGames
[2012/09/29 18:21:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GuardiansOfMagic
[2013/04/26 15:44:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gunnar Games
[2013/09/12 17:39:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hard Disk Sentinel
[2012/08/20 21:40:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HdO Adventure
[2012/04/28 13:56:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HitPoint Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\holdkey
[2013/09/04 21:43:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Card Games Vol. 4
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle FaceCreator
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Puzzle and Board Games 2012
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hulubulu
[2011/11/08 07:40:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IBKPRO
[2012/03/20 16:58:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Iconix
[2012/10/24 07:45:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\images
[2013/09/05 08:15:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Intermedia Software
[2013/08/22 14:27:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IObit
[2013/02/06 22:33:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\iWin
[2011/11/23 15:52:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jAlbum
[2011/11/27 07:13:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\JAM Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jdast
[2012/11/27 08:23:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KC Softwares
[2013/06/27 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Kingdom of Seven Seals
[2012/08/20 09:09:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KLS Soft
[2013/05/05 07:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KRyLack Archive Password Recovery
[2013/08/21 07:25:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Lamantine
[2013/06/07 16:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LAVA SoftWorks
[2011/11/15 07:05:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leadertech
[2013/07/12 15:29:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leawo
[2013/01/23 06:19:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LifeSniffer
[2012/11/21 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Light Developer
[2013/05/25 13:50:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LimeWire Music
[2012/02/04 20:48:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LogSys
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\M8 Software
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mad Head Games
[2013/03/17 06:39:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Landscape Filter
[2013/03/08 06:44:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Skin Filter
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MagicIndie
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MAGIX
[2012/08/04 19:48:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MahJong Suite
[2013/06/05 05:33:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2
[2013/08/20 12:13:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2 2.1.18.37279
[2013/08/20 12:13:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Maxthon3
[2013/10/03 16:05:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MechCAD
[2013/07/01 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaArt
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaMonkey
[2013/04/02 20:20:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Meridian93
[2013/10/08 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Merscom
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MiniLyrics
[2013/10/06 13:34:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mipony
[2013/08/29 08:20:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\mjusbsp
[2013/05/04 15:09:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Monotype
[2012/11/21 06:55:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Moonchild Productions
[2013/08/26 08:40:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MoonriseInteractive
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Motorola
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Quality Modifier
[2012/07/28 05:40:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Tag Express V6
[2012/10/14 03:50:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MumboJumbo
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MusicBee
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\My Games
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mystery of Mortlake Mansion
[2013/03/11 19:54:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Natural Threat.Ominous Shores
[2012/02/04 00:59:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\NeoSoftTools
[2012/07/13 16:23:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nevosoft-Breeze
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro
[2013/05/27 08:35:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro PDF
[2012/09/06 06:55:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\nspaces_bytesignals
[2013/08/16 09:48:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\onOne Software
[2013/09/22 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenDNS Updater
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenOffice.org
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Opera Software
[2013/03/17 13:50:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Orneon
[2013/07/04 19:29:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PassionFruit Games
[2012/11/18 06:53:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pavtube
[2013/08/20 12:09:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PCDr
[2013/08/20 12:09:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountain
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountainSoft
[2013/04/13 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PeerNetworking
[2013/05/03 15:49:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhantomFivePack03
[2012/01/22 06:09:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photo DVD Slideshow
[2013/07/18 10:09:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photodex
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhotoScape
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhoXo
[2013/04/02 05:49:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PicaJet.Com
[2013/08/20 12:09:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pixelplan
[2013/04/04 17:02:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlataGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlayFavoriteGames
[2013/03/04 10:14:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Playrix Entertainment
[2013/03/23 08:38:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PoBros
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCap Games
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1003
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1006
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PowerISO
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ProcessLasso
[2012/03/05 09:15:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Proxima Software
[2012/09/29 06:39:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Purple Patch Games
[2013/06/05 18:43:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PuzzleLab
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\quickclick
[2011/12/30 07:44:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\QuickZip
[2013/02/19 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rainbow
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealVampireAdventure
[2012/08/04 18:21:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealWildWestShootOut
[2012/07/10 19:25:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelTen
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RetouchPilot
[2013/06/27 21:17:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RoboForm
[2013/07/05 22:46:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rumbic Studio
[2013/07/24 20:20:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\saves
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Scribus
[2013/05/26 16:28:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SecretIslandUSA
[2013/05/22 08:24:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ShamanGS
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Silverback Games
[2012/04/25 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Simple Star
[2013/07/31 09:14:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Smarty Uninstaller
[2012/06/27 17:55:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SMIGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SoftGrid Client
[2012/03/20 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Softland
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Solitaire Egypt
[2013/10/03 16:05:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Soluto
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Songbird2
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Spacejock Software
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpeedMP3Downloader
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop
[2013/08/20 12:13:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop Games
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpringPublisher
[2013/05/18 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stardock
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StartMenuX
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stellarium
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StepShot
[2012/03/22 10:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\streamWriter
[2013/01/01 20:16:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SulusGames
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SuperUtils.com
[2013/10/07 08:47:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Synei
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SystemRequirementsLab
[2013/06/29 20:40:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\T1 Games
[2013/07/20 20:36:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tap It Games
[2012/11/03 06:11:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tape_Worm
[2013/10/03 16:05:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TaskmgrPro
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TeraCopy
[2011/11/20 06:48:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TERMINAL Studio
[2013/09/29 13:57:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheFlyingDutchman
[2013/07/20 20:27:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheLastDays
[2013/05/14 07:59:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheScruffs
[2013/08/20 12:12:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Thinstall
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Thunderbird
[2013/07/12 15:30:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\tiger-k
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TMInc
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tonido
[2012/02/22 11:35:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TP
[2012/10/20 08:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Trellian
[2012/05/22 11:52:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TweakNow DriveShortcut
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSE Games
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSoft
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V-Games
[2011/11/09 04:19:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V310-V510 Series
[2012/07/02 19:35:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V5 Play
[2013/07/14 19:45:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vast Studios
[2011/11/25 12:30:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Video DVD Maker FREE
[2013/05/26 10:48:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Virtual Prophecy
[2011/11/16 20:23:50 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vogat Interactive
[2012/11/17 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vso
[2012/05/19 10:02:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WallpaperDownloader.com
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wandoujia2
[2012/04/14 07:03:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Watermark Express
[2012/07/03 08:22:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WeatherPaper
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WindSolutions
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinISO Computing
[2012/11/26 07:17:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinPatrol
[2012/07/13 06:38:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WIPE2012
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Auto Shutdown
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Care 365
[2013/08/20 12:12:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wondershare
[2012/07/11 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\World-LooM
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XnView
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XYplorer
[2012/09/16 06:57:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Youdagames
[2013/04/27 08:14:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\YoWindow
[2013/08/10 18:09:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/05/14 07:18:13 | 000,000,000 | ---D | M](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀
[2012/05/14 07:18:13 | 000,000,000 | ---D | C](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:6B50A605
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:33DB8278
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:AA8AD2BF
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:101708D3
@Alternate Data Stream - 275 bytes -> C:\ProgramData\Temp:A9662AE0
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:091193F8
@Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:12D21A9A
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:F8B88761
@Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:1CE11B51
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:EAF3ADF5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5704AA2B
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:D3A82449
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AA0017FD
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:CA400C1B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:62EBE39C
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:7BE5BAAB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:B06385AA
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:A7596EAE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:4DDE401B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:0785072C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:DF3CC840
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D6255023
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D5CCCBAA
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E0F0F1BE
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:517EFA90
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:9D06FB9C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:5BC73C48
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:D3331ADB
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:0DACB2B7
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:03A039A3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:93B1FB40
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:2CEFEABF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B36361EE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B1CD2545
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:FA206A00
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:F89F2593
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:C83012A4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:EB86F355
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:94B46CA2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:84E7BFEB
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:370E4EFB
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:9812B773
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:070D9534
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:0441DB7A
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5E9E3A14
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:7757A6D4
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:614F17D3
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:E40EED9B

< End of report >
  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP