Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help! I'm invaded by: http://rvzr-a.akamaihd.net [Solved]

Started by otieatkins , Apr 13 2014 11:12 PM

  • This topic is locked This topic is locked

#1
otieatkins
Posted 13 April 2014 - 11:12 PM

otieatkins

    Member

  • Member
  • PipPipPip
  • 105 posts
A new page from this URL keeps popping up sporadically, but a lot. I have no idea where I got it, I'm usually very careful on where I go and what I open. Here is my OTR text:

OTL logfile created on: 4/13/2014 10:43:39 AM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Otie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 2.34 Gb Available Physical Memory | 19.52% Memory free
23.96 Gb Paging File | 15.30 Gb Available in Paging File | 63.84% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 800.53 Gb Total Space | 537.93 Gb Free Space | 67.20% Space Free | Partition Type: NTFS
Drive E: | 1049.20 Gb Total Space | 460.47 Gb Free Space | 43.89% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 277.50 Gb Free Space | 29.79% Space Free | Partition Type: NTFS
Drive P: | 473.63 Gb Total Space | 264.82 Gb Free Space | 55.91% Space Free | Partition Type: NTFS
Drive R: | 457.88 Gb Total Space | 389.52 Gb Free Space | 85.07% Space Free | Partition Type: NTFS
Drive S: | 341.80 Gb Total Space | 265.99 Gb Free Space | 77.82% Space Free | Partition Type: NTFS
Drive T: | 1055.46 Gb Total Space | 17.75 Gb Free Space | 1.68% Space Free | Partition Type: NTFS

Computer Name: OTIE-PC | User Name: Otie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/13 10:41:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
PRC - [2014/04/10 15:42:47 | 000,109,784 | ---- | M] (Siber Systems) -- C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
PRC - [2014/04/02 19:19:32 | 000,350,496 | ---- | M] () -- C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe
PRC - [2014/04/02 18:48:25 | 000,350,496 | ---- | M] () -- C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe
PRC - [2014/03/27 12:55:22 | 000,592,656 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\GOTD\UnHackMe\hackmon.exe
PRC - [2014/03/15 04:40:21 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/02/27 15:33:22 | 000,481,632 | ---- | M] (Amigabit) -- H:\Program Files (x86)\Amigabit Powerbooster\Tray.exe
PRC - [2014/02/15 09:00:59 | 004,330,432 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2014/02/15 09:00:59 | 004,163,584 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/23 21:26:20 | 000,042,680 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2013/12/21 02:04:26 | 001,423,224 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/19 12:32:46 | 004,520,744 | ---- | M] (Systweak) -- C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe
PRC - [2013/12/12 15:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Otie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/12/09 22:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/09 22:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/11/29 10:35:28 | 004,139,664 | ---- | M] (Speedbit Ltd.) -- H:\Program Files (x86)\DAP\DAP.exe
PRC - [2013/10/31 00:55:24 | 000,243,000 | ---- | M] (Maxthon International ltd.) -- C:\Program Files (x86)\Maxthon3\Bin\Maxthon.exe
PRC - [2013/10/25 13:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/11 17:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/15 15:00:04 | 000,073,064 | ---- | M] () -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe
PRC - [2013/02/21 08:17:01 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
PRC - [2013/02/21 08:17:01 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
PRC - [2012/12/22 14:44:03 | 007,664,960 | ---- | M] (Toolwiz.com) -- C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
PRC - [2012/11/14 18:07:42 | 000,071,024 | ---- | M] () -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe
PRC - [2012/08/31 10:03:00 | 000,537,918 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\dnscrypt-proxy.exe
PRC - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe
PRC - [2012/07/30 11:48:16 | 001,518,504 | ---- | M] () -- H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009/05/05 23:32:10 | 001,287,168 | ---- | M] (FSL - FreeSoftLand) -- H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe


========== Modules (No Company Name) ==========

MOD - [2014/03/15 04:40:39 | 003,642,480 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/02/12 04:31:18 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014/02/12 04:30:56 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d682d06abf8257c72ce11cefd1d74cf5\CustomMarshalers.ni.dll
MOD - [2014/02/12 04:30:54 | 002,347,008 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll
MOD - [2014/02/12 04:30:53 | 000,256,000 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll
MOD - [2014/02/12 04:30:52 | 017,477,632 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\5cf4b104c2c79c9563d13e289e39c6ba\System.ServiceModel.ni.dll
MOD - [2014/02/12 04:30:26 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/12 04:27:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll
MOD - [2014/02/12 04:27:20 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b0f9a4f138cc569a7526f97b93808d3e\System.Web.Services.ni.dll
MOD - [2014/02/12 04:27:19 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\4b1795df6372b251625f958595e08d3d\System.Web.ni.dll
MOD - [2014/02/12 04:27:15 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\faf3ae85f2470505e1b32d2154de60ef\System.EnterpriseServices.ni.dll
MOD - [2014/02/12 04:27:14 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\fe1942c05eda4f9744f80afb4ae76a2d\System.Data.ni.dll
MOD - [2014/02/12 04:27:14 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\cd3556d1162e8f7df77611c9c4253f7c\System.Transactions.ni.dll
MOD - [2014/02/12 04:26:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/12 04:26:54 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/12 04:26:53 | 000,025,600 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\4f5069e6497e5e6a381ab6aadf05d6a5\Accessibility.ni.dll
MOD - [2014/02/12 04:26:41 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/12 04:26:39 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/12 04:26:38 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/12 04:26:30 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/17 09:49:54 | 000,010,752 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\zsharenet.dll
MOD - [2014/01/17 09:49:53 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\XSevenTo.dll
MOD - [2014/01/17 09:49:52 | 000,012,800 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\SpdFileCom.dll
MOD - [2014/01/17 09:49:51 | 000,010,240 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\MegaUploadCom.dll
MOD - [2014/01/17 09:49:50 | 000,011,776 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\189AE673-13C1-4133-A470-8C4DDD1ACB8C\1.0.1.3_0\fivegiganet.dll
MOD - [2014/01/11 15:08:16 | 000,159,744 | ---- | M] () -- H:\Program Files (x86)\Amigabit Powerbooster\mlutil.dll
MOD - [2013/12/12 15:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Otie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2013/11/29 10:38:06 | 000,009,216 | ---- | M] () -- C:\ProgramData\SpeedBit\DAP\Plugins\AddonsCondition.dll
MOD - [2013/10/27 20:16:14 | 003,527,416 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\avcodec-54.dll
MOD - [2013/10/27 20:16:14 | 000,455,496 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\avformat-54.dll
MOD - [2013/10/27 20:16:14 | 000,305,368 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\avutil-51.dll
MOD - [2013/10/25 13:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
MOD - [2013/10/14 01:45:36 | 000,755,000 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\libGLESv2.dll
MOD - [2013/10/14 01:45:36 | 000,270,664 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\libopus-0.dll
MOD - [2013/10/14 01:45:36 | 000,149,304 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\libEGL.dll
MOD - [2013/10/14 01:45:32 | 014,586,736 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Core\Webkit\Npplugins\NPSWF32.dll
MOD - [2013/10/14 01:45:28 | 000,258,944 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Bin\Maxzlib.dll
MOD - [2013/10/14 01:45:26 | 000,232,760 | ---- | M] () -- C:\Program Files (x86)\Maxthon3\Addons\Mobile\MxMobile.dll
MOD - [2013/02/21 08:17:03 | 000,072,104 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
MOD - [2013/02/21 08:17:02 | 000,268,712 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
MOD - [2013/02/21 08:17:02 | 000,133,544 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
MOD - [2013/02/21 08:17:02 | 000,033,128 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
MOD - [2013/02/09 07:38:16 | 000,080,296 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImAppRU.dll
MOD - [2013/01/23 17:17:12 | 000,108,888 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\PMC.dll
MOD - [2013/01/15 19:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 19:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 19:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2012/09/23 21:43:36 | 000,313,992 | ---- | M] () -- C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
MOD - [2012/09/21 17:17:20 | 000,045,056 | ---- | M] () -- C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.XmlSerializers.dll
MOD - [2012/06/27 14:03:10 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Advanced System Optimizer 3\unrar.dll
MOD - [2012/04/26 14:14:40 | 000,166,992 | ---- | M] () -- H:\Program Files (x86)\Amigabit Powerbooster\NetReg.dll
MOD - [2012/04/26 14:14:04 | 000,101,456 | ---- | M] () -- H:\Program Files (x86)\Amigabit Powerbooster\SkinScrollBar.dll
MOD - [2012/04/26 14:14:04 | 000,080,976 | ---- | M] () -- H:\Program Files (x86)\Amigabit Powerbooster\VersionInfo.dll
MOD - [2012/01/20 15:55:04 | 000,427,520 | ---- | M] () -- H:\Program Files\TeraCopy\TeraCopyExt.dll
MOD - [2011/11/11 19:22:10 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\Advanced System Optimizer 3\System.Data.SQLite.dll
MOD - [2011/11/09 10:40:46 | 008,013,088 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/20 23:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/06/10 17:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- c:\Program Files\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe /service -- (GsServer)
SRV:64bit: - [2014/03/13 05:43:02 | 000,468,032 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Zoolz2\ZoolzService.exe -- (Zoolz 2 Service)
SRV:64bit: - [2014/03/01 00:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/23 16:09:18 | 000,702,744 | ---- | M] () [Auto | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2014/01/21 00:26:32 | 000,367,984 | ---- | M] (Spotflux) [On_Demand | Stopped] -- C:\Program Files\Spotflux\Spotflux Lite\Spotflux Updates.exe -- (SpotfluxUpdate)
SRV:64bit: - [2014/01/15 20:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/12/09 22:20:28 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/28 11:04:40 | 000,024,672 | ---- | M] () [Auto | Running] -- c:\Program Files\SuperEasy Software\1-Click Backup Free\bin\backupService-sez1cb.exe -- (supereasy_1cbackup)
SRV:64bit: - [2013/10/08 17:26:06 | 000,026,600 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService)
SRV:64bit: - [2013/09/09 17:35:38 | 006,258,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\DiskImage\oodiag.exe -- (OO DiskImage)
SRV:64bit: - [2013/07/24 10:49:08 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/07/24 10:49:06 | 000,798,784 | ---- | M] (Soluto) [Auto | Stopped] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/07/24 09:53:36 | 001,942,528 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/10/22 06:45:27 | 000,479,480 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\FileMind\FileMind.Windows.Service.exe -- (Filemind.Windows.Service)
SRV:64bit: - [2012/09/25 14:56:38 | 000,301,760 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV:64bit: - [2012/09/07 22:49:59 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/08/13 17:27:44 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2012/02/03 16:18:04 | 006,378,128 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [On_Demand | Stopped] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV:64bit: - [2009/12/09 16:24:07 | 001,047,552 | ---- | M] ( ) [On_Demand | Running] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV - [2014/04/11 06:20:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/04/02 19:19:32 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe -- (Update BatBrowse)
SRV - [2014/04/02 18:48:25 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe -- (Util BatBrowse)
SRV - [2014/03/11 19:00:04 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/03/10 10:39:48 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe -- (NewPlayerUpdaterService)
SRV - [2014/02/27 15:35:44 | 000,100,704 | ---- | M] () [Auto | Stopped] -- H:\Program Files (x86)\Amigabit Powerbooster\PowerBoosterServer32.exe -- (PowerBoosterServer)
SRV - [2014/02/15 09:00:59 | 004,163,584 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/23 21:26:20 | 000,042,680 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/19 12:32:44 | 000,264,488 | ---- | M] (Systweak Software, (www.systweak.com)) [Auto | Running] -- C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe -- (ASO3DiskOptimizer)
SRV - [2013/12/09 22:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/10/25 13:07:00 | 000,878,368 | ---- | M] (IObit) [On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/11 17:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013/08/09 15:37:04 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/06 04:48:26 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe -- (DiskBoss Service)
SRV - [2013/05/31 16:38:33 | 000,176,128 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionUpdateService.exe -- (Digital Lifeboat Update Service)
SRV - [2013/05/31 16:38:33 | 000,010,240 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionService.exe -- (Digital Lifeboat Backup Service)
SRV - [2013/05/28 14:36:16 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- H:\Program Files (x86)\GOTD\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/05/15 15:00:04 | 000,073,064 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe -- (FBAgent)
SRV - [2013/03/10 09:38:22 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc)
SRV - [2012/11/14 18:07:42 | 000,071,024 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe -- (Tran_Process_Proc)
SRV - [2012/10/29 13:25:52 | 000,519,920 | ---- | M] (iWin Inc.) [On_Demand | Stopped] -- P:\Program Files (x86)\Pogo Games\PGMTrusted.exe -- (PGMTrusted)
SRV - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe -- (DNSCrypt)
SRV - [2012/07/30 11:48:16 | 001,518,504 | ---- | M] () [Auto | Running] -- H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
SRV - [2012/05/23 14:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2012/03/19 05:28:52 | 000,043,072 | ---- | M] (ArcSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2012/03/13 12:52:20 | 001,429,976 | ---- | M] (SuperEasy Software) [On_Demand | Stopped] -- H:\Program Files (x86)\SuperEasy Software\Live Defrag\supereasydefragservice.exe -- (SuperEasy Software Defrag Service)
SRV - [2012/02/09 17:08:38 | 004,345,616 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe -- (PRTGCoreService)
SRV - [2012/02/09 17:08:36 | 003,835,152 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe -- (PRTGProbeService)
SRV - [2012/01/28 11:16:44 | 000,020,549 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\Apache\bin\httpd.exe -- (Apache2.2)
SRV - [2012/01/23 19:34:32 | 000,284,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe -- (IconixService)
SRV - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 13:56:13 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/02 15:38:54 | 001,164,848 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/07/13 13:52:34 | 000,150,920 | ---- | M] (Dell Products, LP.) [On_Demand | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/04/01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/09/30 12:52:42 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/09/17 18:04:30 | 001,251,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV - [2009/12/09 15:35:58 | 000,593,920 | ---- | M] ( ) [On_Demand | Running] -- C:\Windows\SysWOW64\dleacoms.exe -- (dlea_device)
SRV - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe -- (DfSdkS)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006/06/05 20:57:00 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\PyCron\pycron.exe -- (PyCron)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/08 09:07:40 | 000,099,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014/01/23 03:22:44 | 000,204,032 | ---- | M] (WinISO.com) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WinisoCDBus.sys -- (WinisoCDBus)
DRV:64bit: - [2013/12/23 00:01:32 | 000,017,088 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2013/12/13 13:37:32 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2013/12/05 04:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/29 17:23:43 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/11/29 14:02:46 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2013/11/29 14:02:40 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013/11/29 14:02:37 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013/11/29 11:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2013/11/28 11:23:08 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/11/28 09:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/28 14:13:22 | 000,449,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/10/25 18:36:26 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/15 16:50:00 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk)
DRV:64bit: - [2013/09/09 17:36:32 | 000,255,688 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd)
DRV:64bit: - [2013/09/09 17:36:32 | 000,044,744 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh)
DRV:64bit: - [2013/09/09 17:36:30 | 000,116,936 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr)
DRV:64bit: - [2013/09/09 17:36:30 | 000,041,160 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh)
DRV:64bit: - [2013/09/04 12:24:10 | 000,189,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2013/09/04 12:24:10 | 000,061,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2013/09/04 12:24:10 | 000,048,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2013/09/04 12:24:10 | 000,018,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2013/08/22 08:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/07/24 09:53:10 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Stopped] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2013/07/17 17:10:52 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2013/07/16 07:45:18 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/21 16:38:50 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/04/27 08:51:27 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/03/07 13:37:54 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013/03/07 13:37:32 | 000,009,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013/03/07 10:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2013/03/07 10:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2013/02/26 11:48:08 | 000,039,248 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2013/02/25 05:10:02 | 000,021,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\MDA_NTDRV.sys -- (MDA_NTDRV)
DRV:64bit: - [2013/02/05 19:34:43 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/12/22 14:44:06 | 000,052,544 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\KSafeDISK.sys -- (KSafeDISK)
DRV:64bit: - [2012/12/22 14:44:06 | 000,050,496 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BTOWSVF.sys -- (BTOWSVF)
DRV:64bit: - [2012/12/22 14:44:06 | 000,032,576 | ---- | M] (Toolwiz.com) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BTOWSFF.sys -- (BTOWSFF)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/09 05:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/03/08 19:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/25 12:44:22 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/11/14 09:11:10 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,059,184 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011/10/28 15:27:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/28 15:27:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/18 01:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/07/01 13:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/06/17 11:14:12 | 000,024,152 | R--- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FarMntIo.sys -- (FARMNTIO)
DRV:64bit: - [2010/05/20 19:42:44 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/04/01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/03/31 11:21:31 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan)
DRV - [2014/03/26 11:13:30 | 000,071,472 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2013/12/04 11:01:32 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys -- (cleanhlp)
DRV - [2013/11/29 11:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2013/09/30 18:23:02 | 000,045,208 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2013/03/28 19:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2013/03/28 19:03:02 | 000,017,384 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2013/03/07 10:49:20 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2013/03/07 10:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012/10/20 06:16:34 | 000,208,256 | ---- | M] (Pdisk Foundation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\PDisk.sys -- (SUHDCrypt)
DRV - [2012/08/01 15:44:04 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- H:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2012/06/08 03:28:32 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysWOW64\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV - [2011/08/29 13:19:52 | 000,022,096 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- H:\Program Files (x86)\Paragon_Software\Partition_Manager_11_Personal_Special_Edition\bluescrn\biont_bs.sys -- (BioNT_BS)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...64bit:</strong> - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rchBox<br /> IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE8SRC<br /> IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...earchBox<br />
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.thundercl...start/index.htm [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.thundercl...ex.htm<br /> IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - SOFTWARE\Classes\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}\InprocServer32 File not found
IE - HKCU\..\SearchScopes,DefaultScope = {CF608B78-8D59-4B67-AF74-C6EBF1536F09}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...IE11SR<br /> IE - HKCU\..\SearchScopes\{977E617C-0D56-4C5E-A3E6-88C2C3A13C25}: "URL" = http://search.yahoo....Terms}<br /> IE - HKCU\..\SearchScopes\{CF608B78-8D59-4B67-AF74-C6EBF1536F09}: "URL" = http://www.google.co...ding?}<br /> IE - HKCU\..\SearchScopes\{EFC8261A-27C7-438E-AD54-A6BB4B8F614D}: "URL" = http://www.bing.com/...rchBox<br /> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;192.168.*.*

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "GoodSearch"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "GoodSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thundercloud.net/start/index.htm"
FF - prefs.js..extensions.enabledAddons: %7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17
FF - prefs.js..extensions.enabledAddons: notreal.ccoptions%40environmentalchemistry.com:25.0
FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.9.1
FF - prefs.js..extensions.enabledAddons: %7B4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064%7D:1.2
FF - prefs.js..extensions.enabledAddons: ascsurfingprotection%40iobit.com:1.0
FF - prefs.js..extensions.enabledAddons: notrace%40unisa.it:2.3.1
FF - prefs.js..extensions.enabledAddons: %7BF17C1572-C9EC-4e5c-A542-D05CBB5C5A08%7D:10.0.5.1
FF - prefs.js..extensions.enabledAddons: daplinkchecker%40speedbit.com:1.0.1.8
FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.8.19
FF - prefs.js..extensions.enabledAddons: 0c822a17-a68f-4066-9257-d229458d21ca%409c178d17-dc61-4aaf-b2da-1425ac7300ac.com:0.94.82
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:28.0
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p="
FF - prefs.js..keyword.url: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: I:\Program Files (x86)\Google\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@siber.com/RoboForm: C:\Program Files (x86)\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll (Siber Systems Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Otie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Otie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\en.pixelplan.pl/PIXELPLANWebViewer: C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll (Pixelplan S.C.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 30.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 30.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\DAP\daplinkchecker [2013/11/29 10:35:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014/04/10 15:46:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/12 08:28:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/12 08:28:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: H:\Program Files (x86)\DAP\DAPFireFox [2013/11/29 10:35:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\CaptureSaver\Firefox [2013/03/19 09:48:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Otie\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2013/08/21 07:26:21 | 000,000,000 | ---D | M]

[2013/08/20 12:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions
[2012/11/09 16:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/04/12 13:38:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions
[2014/01/01 21:03:15 | 000,000,000 | ---D | M] (Flashblock) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
[2014/03/17 08:09:53 | 000,000,000 | ---D | M] ("MediaPlayerEnhance") -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
[2014/01/06 09:24:24 | 000,000,000 | ---D | M] (Advanced SystemCare Surfing Protection) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/04/07 15:12:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com\extensionData
[2014/04/07 15:12:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com\extensionData\plugins
[2014/04/07 15:12:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com\extensionData\userCode
[2014/01/01 21:03:15 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/04/11 05:52:49 | 000,373,305 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/02/10 06:44:07 | 000,390,318 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/01/01 20:22:26 | 000,159,912 | R--- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/01/03 09:30:33 | 000,049,303 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
[2014/03/26 09:31:29 | 000,537,316 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/03/03 08:49:36 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/01 20:22:26 | 001,379,656 | R--- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi
[2014/03/18 08:57:26 | 000,002,273 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\bingp.xml
[2014/04/13 10:11:21 | 000,001,874 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\duckduckgo.xml
[2014/04/13 10:11:50 | 000,002,047 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\goodsearch.xml
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{852B9B5F-E8A7-49b4-B7C3-79A3E8A829F6}
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/04/12 13:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/12 13:30:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/11/29 10:35:57 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- H:\PROGRAM FILES (X86)\DAP\DAPFIREFOX
[2013/11/29 10:35:58 | 000,000,000 | ---D | M] (DAP Link Checker) -- H:\PROGRAM FILES (X86)\DAP\DAPLINKCHECKER
[2013/02/23 09:36:00 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2012/03/20 16:58:32 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy110.dll
[2013/02/22 08:04:42 | 000,000,628 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
[2012/11/11 10:26:05 | 000,123,159 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\testlog.txt
[2012/07/11 14:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - default_search_provider: GoodSearch (Enabled)
CHR - default_search_provider: search_url = http://www.goodsearc...erms}<br /> CHR - default_search_provider: suggest_url = \u0000,
CHR - homepage: http://www.bing.com/?pc=U161
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: eMail ID (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npIconixProxy110.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nitro PDF plugin for Firefox and Chrome (Enabled) = C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
CHR - plugin: Windows LiveÃ⢠Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Pixelplan Web Viewer (Enabled) = C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.28_0\
CHR - Extension: Theme Creator = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: TechSmith Snagit (Extension) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce\1.2.2.32_0\
CHR - Extension: TechSmith Snagit (Extension) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce\1.2.3.33_0\
CHR - Extension: Google Docs = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Spider Solitaire = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcopgabdbdohekgeabpbfhledmdahkpe\1.0.2_0\
CHR - Extension: YouTube = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Switchmark = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnocffbiglfjjcgmifcampfmcbkfbhgc\1.2_0\
CHR - Extension: Freecell Solitaire = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabpjbpfakfhcfidnjahmdophhihafkh\1.0.0.3_0\
CHR - Extension: Adblock Plus = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google Santa Tracker 2012 Theme = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmkeoaheilhpfachlmmonhnapbjaijf\1.2_0\
CHR - Extension: OneFeed = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidjbmjjebfhfjodbphfklcmknafddmb\1.2.0.0_0\
CHR - Extension: Weebly - Website Builder = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0\
CHR - Extension: Christmas Mahjong = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coconnhpdpfcoglmhjniaoipnmklkmhf\1.0.0.4_0\
CHR - Extension: Google Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Winter Mahjong = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddmhicnhpjfpgmcebbidppnammjebnkp\1.0.0.7_0\
CHR - Extension: Christmas Solitiare = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcbjomfajlnldboplncbdhmdaagcpln\1.0.0.2_0\
CHR - Extension: Word Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: Spotflux Lite = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl\0.9_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.1.0.1_0\
CHR - Extension: AdBlock = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: media enhance = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.77_0\crossrider
CHR - Extension: media enhance = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo\1.26.77_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.9_0\
CHR - Extension: Onlive Clock = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\moddbcckaikhdnigidfcmaeelcobchpm\1.1_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.7.0_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.7.1_0\
CHR - Extension: Google Wallet = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: RoboForm = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\

O1 HOSTS File: ([2013/08/31 12:05:56 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Shareaza Web Download Hook) - {0EEDB912-C5FA-486F-8334-57288578C627} - E:\Program Files\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (media enhance) - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho64.dll (freeven)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Reg Error: Value error. File not found
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - H:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - H:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (CaptureSaver) - {5148AB7D-8868-4490-B6DA-F98368488582} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [] File not found
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [Ashampoo HDD-Control 2 Guard] H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe (Ashampoo Development GmbH & Co. KG)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKCU..\Run: [Amigabit Powerbooster Tray] H:\Program Files (x86)\Amigabit Powerbooster\Tray.exe (Amigabit)
O4 - HKCU..\Run: [DownloadAccelerator] H:\Program Files (x86)\DAP\DAP.EXE (Speedbit Ltd.)
O4 - HKCU..\Run: [EarthAlerts] C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe (South Wind Technologies)
O4 - HKCU..\Run: [RoboForm] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe (Siber Systems)
O4 - HKCU..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_77_Plugin.exe (Adobe Systems Incorporated)
O4 - Startup: C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk = H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe (FSL - FreeSoftLand)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8:64bit: - Extra context menu item: &Clean Traces - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8:64bit: - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8:64bit: - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8:64bit: - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8:64bit: - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8:64bit: - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8:64bit: - Extra context menu item: Download with &Shareaza - E:\Program Files\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8:64bit: - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8:64bit: - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8:64bit: - Extra context menu item: Free YouTube Download - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8:64bit: - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8:64bit: - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8:64bit: - Extra context menu item: Search Using Copernic Agent - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8:64bit: - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Clean Traces - Reg Error: Value error. File not found
O8 - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8 - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8 - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8 - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download with &Shareaza - E:\Program Files\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8 - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: Free YouTube Download - Reg Error: Value error. File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - Reg Error: Value error. File not found
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8 - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: Search Using Copernic Agent - Reg Error: Value error. File not found
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - Reg Error: Value error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O9 - Extra 'Tools' menuitem : CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - Reg Error: Value error. File not found
O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKCU\..Trusted Domains: magicjack.com ([my] * in Trusted sites)
O15 - HKCU\..Trusted Domains: talk4free.com ([reg] * in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} Reg Error: Value error. (SpinTop DRM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} Reg Error: Value error. (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B0FFB9F-5F89-4B27-B073-20EA5C236F4B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE8307D0-C892-480B-BD3A-899D1DFCC9DA}: NameServer = 127.0.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagent - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value found
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - Reg Error: Value error. File not found
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - Reg Error: Value error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Value error. File not found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - Reg Error: Value error. File not found
O20 - AppInit_DLLs: (C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll) - File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (c:\program files\soluto\soluto.exe /userinit) - c:\program files\soluto\soluto.exe (Soluto)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/10 06:54:54 | 000,010,035 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell - "" = AutoRun
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell\AutoRun\command - "" = J:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizan)
O34 - HKLM BootExecute: (otExecute settings...)
O34 - HKLM BootExecute: (ountPo)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/04/13 10:42:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2014/04/11 06:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2014/04/10 07:23:00 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jane Angel 2 - Fallen Heaven Premium Edition
[2014/04/10 07:22:13 | 000,000,000 | ---D | C] -- C:\Windows\Jane Angel 2 - Fallen Heaven Premium Edition
[2014/04/06 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\HomeMakeover
[2014/04/06 06:46:19 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Alawar Entertainment
[2014/04/05 18:45:22 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Object - Home Makeover
[2014/04/05 18:34:43 | 000,000,000 | ---D | C] -- C:\Windows\Hidden Object - Home Makeover
[2014/04/05 11:53:14 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Systweak
[2014/04/05 11:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/04/03 07:58:02 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/04/03 07:58:00 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/04/03 07:58:00 | 002,037,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/04/03 07:58:00 | 001,033,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/04/02 00:16:08 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/01 19:40:42 | 000,000,000 | ---D | C] -- C:\EEK
[2014/04/01 19:36:50 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\Otie\Desktop\FRST64.exe
[2014/04/01 19:35:50 | 000,000,000 | ---D | C] -- C:\New folder
[2014/03/31 11:49:33 | 000,040,720 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2014/03/31 11:21:31 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2014/03/31 10:48:37 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2014/03/31 10:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2014/03/31 09:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/03/31 09:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/31 09:33:34 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/31 09:33:34 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/31 09:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/31 09:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/03/31 09:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/03/31 09:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/03/30 09:08:30 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/03/30 09:08:30 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/03/30 09:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
[2014/03/29 16:09:59 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge to Another World - Burnt Dreams Collectors Edition
[2014/03/29 16:03:20 | 000,000,000 | ---D | C] -- C:\Windows\Bridge to Another World - Burnt Dreams Collectors Edition
[2014/03/28 19:19:20 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emberwing - Lost Legacy Collectors Edition
[2014/03/28 19:17:46 | 000,000,000 | ---D | C] -- C:\Windows\Emberwing - Lost Legacy Collectors Edition
[2014/03/28 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vacation Adventures - Park Ranger 2
[2014/03/28 19:02:24 | 000,000,000 | ---D | C] -- C:\Windows\Vacation Adventures - Park Ranger 2
[2014/03/25 17:56:32 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\Amazing Slideshow Maker
[2014/03/22 08:41:13 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\CodeFluent.View
[2014/03/22 08:40:55 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\CodeFluent.Modeler.Portable
[2014/03/22 08:39:04 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\SoftFluent
[2014/03/19 17:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/03/19 17:24:09 | 000,034,544 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2014/03/18 12:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz
[2014/03/18 09:03:38 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/03/18 08:57:27 | 000,000,000 | ---D | C] -- C:\history
[2014/03/18 08:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2014/03/17 09:05:29 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\FamilyTreeMaker
[2014/03/17 08:21:59 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\Sanwhole
[2014/03/17 08:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftOrbits Icon Maker
[2014/03/16 07:39:31 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\Tuguu_SL
[2014/03/16 07:39:04 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\newplayer
[2014/03/16 07:39:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
[2014/03/16 07:38:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NewPlayer
[2014/03/16 07:38:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\media enhance
[2014/03/15 08:28:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amigabit Powerbooster
[2011/11/25 12:44:22 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Otie\AppData\Roaming\pcouffin.sys
[2011/04/18 22:51:20 | 000,653,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCR90.dll
[2011/04/18 22:51:20 | 000,569,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCP90.dll
[2010/12/16 21:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmmux.dll
[2010/12/16 21:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8encoder.dll
[2010/12/16 21:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8decoder.dll
[2010/12/16 21:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmsplit.dll
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/04/13 10:41:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2014/04/13 10:07:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/13 10:06:51 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job
[2014/04/13 10:00:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/13 09:50:00 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job
[2014/04/13 09:21:00 | 000,001,896 | ---- | M] () -- C:\Windows\tasks\Safe Saver-chromeinstaller.job
[2014/04/13 09:21:00 | 000,001,820 | ---- | M] () -- C:\Windows\tasks\Safe Saver-firefoxinstaller.job
[2014/04/13 09:21:00 | 000,001,190 | ---- | M] () -- C:\Windows\tasks\Safe Saver-codedownloader.job
[2014/04/13 09:21:00 | 000,001,186 | ---- | M] () -- C:\Windows\tasks\Safe Saver-updater.job
[2014/04/13 09:21:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Safe Saver-enabler.job
[2014/04/13 07:39:00 | 000,001,536 | ---- | M] () -- C:\Windows\tasks\media enhance-updater.job
[2014/04/13 07:38:03 | 000,003,098 | ---- | M] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/04/13 07:38:00 | 000,002,318 | ---- | M] () -- C:\Windows\tasks\media enhance-firefoxinstaller.job
[2014/04/13 07:38:00 | 000,001,490 | ---- | M] () -- C:\Windows\tasks\media enhance-codedownloader.job
[2014/04/13 07:38:00 | 000,001,390 | ---- | M] () -- C:\Windows\tasks\media enhance-enabler.job
[2014/04/12 23:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job
[2014/04/12 20:30:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job
[2014/04/12 14:18:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job
[2014/04/12 14:14:24 | 000,000,029 | ---- | M] () -- C:\Windows\popcinfo.dat
[2014/04/12 13:45:00 | 000,000,360 | -H-- | M] () -- C:\Windows\tasks\spotfluxupdater.job
[2014/04/12 13:30:17 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/12 10:03:51 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\GlaryUpdate 4.job
[2014/04/11 00:00:35 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/11 00:00:35 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/10 07:23:00 | 000,001,132 | ---- | M] () -- C:\Users\Otie\Desktop\Jane Angel 2 - Fallen Heaven Premium Edition.lnk
[2014/04/10 06:58:36 | 000,787,576 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/10 06:58:36 | 000,665,778 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/10 06:58:36 | 000,123,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/10 06:55:49 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/04/10 06:54:45 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\ResourceMonitor.job
[2014/04/10 06:54:45 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2014/04/09 21:13:16 | 000,011,118 | RH-- | M] () -- C:\farstone_pe.letter
[2014/04/09 21:11:24 | 000,681,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/09 21:10:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/09 19:08:16 | 000,002,331 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 19:08:16 | 000,002,329 | ---- | M] () -- C:\Users\Otie\Desktop\Google Chrome.lnk
[2014/04/08 07:18:02 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job
[2014/04/06 06:43:14 | 000,000,665 | ---- | M] () -- C:\Users\Otie\Desktop\StickyLinky - Shortcut.lnk
[2014/04/05 18:45:22 | 000,001,016 | ---- | M] () -- C:\Users\Otie\Desktop\Hidden Object - Home Makeover.lnk
[2014/04/03 07:58:02 | 002,101,848 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/04/03 07:58:01 | 000,757,301 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/04/03 07:58:00 | 002,770,976 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/04/03 07:58:00 | 002,037,336 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/04/03 07:58:00 | 001,033,304 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/04/02 18:22:58 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\ASO-OneClickCare.job
[2014/04/02 14:18:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014/04/01 19:40:48 | 000,000,548 | ---- | M] () -- C:\Users\Otie\Desktop\Emsisoft Emergency Kit.lnk
[2014/04/01 19:37:16 | 225,112,864 | ---- | M] () -- C:\Users\Otie\Desktop\EmsisoftEmergencyKit.exe
[2014/04/01 19:36:59 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\Otie\Desktop\FRST64.exe
[2014/03/31 11:49:33 | 000,040,720 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2014/03/31 11:21:31 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2014/03/31 10:50:01 | 000,000,163 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\WB.CFG
[2014/03/31 10:48:37 | 000,001,112 | ---- | M] () -- C:\Users\Otie\Desktop\UnHackMe.lnk
[2014/03/31 09:38:56 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/03/31 09:33:37 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/03/31 09:30:55 | 000,001,317 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2014/03/31 09:21:42 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/03/31 09:15:19 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/30 09:09:49 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/03/27 12:55:26 | 000,012,800 | ---- | M] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2014/03/26 19:10:49 | 000,221,384 | ---- | M] () -- C:\Users\Otie\Documents\Family+Fun+Pool+Schedule+3.3.14.pdf
[2014/03/26 19:02:15 | 000,001,165 | ---- | M] () -- C:\Users\Otie\Desktop\MiniLyrics - Shortcut.lnk
[2014/03/26 19:01:02 | 000,001,327 | ---- | M] () -- C:\Users\Otie\Desktop\ASMaker - Shortcut.lnk
[2014/03/26 18:45:49 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/03/25 17:59:14 | 000,000,153 | ---- | M] () -- C:\Users\Otie\Desktop\Glarysoft Giveaway.url
[2014/03/24 12:00:47 | 000,338,385 | ---- | M] () -- C:\Users\Otie\Through Feb 2014.amk
[2014/03/24 08:49:04 | 000,000,000 | ---- | M] () -- C:\END
[2014/03/24 08:14:40 | 000,000,214 | ---- | M] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2014/03/22 08:40:33 | 000,001,830 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.View - Shortcut.lnk
[2014/03/22 08:40:21 | 000,001,950 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.Modeler.Portable - Shortcut.lnk
[2014/03/22 08:38:55 | 000,001,841 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.Build - Shortcut.lnk
[2014/03/20 09:21:00 | 000,779,698 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/19 20:25:41 | 000,001,572 | ---- | M] () -- C:\Windows\HRMY98.MIF
[2014/03/19 17:39:08 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/19 17:35:15 | 000,002,260 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/03/19 17:25:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2014/03/19 17:24:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/03/18 12:42:44 | 000,000,954 | ---- | M] () -- C:\Users\Otie\Desktop\Zoolz.lnk
[2014/03/18 08:59:25 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/18 08:59:24 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/17 08:11:32 | 000,000,720 | ---- | M] () -- C:\Users\Otie\Desktop\SoftOrbits Icon Maker.lnk
[2014/03/16 07:39:00 | 000,001,119 | ---- | M] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/03/15 12:28:01 | 000,000,635 | ---- | M] () -- C:\Users\Otie\Desktop\My DAP Downloads.lnk
[2014/03/15 08:28:39 | 000,000,823 | ---- | M] () -- C:\Users\Public\Desktop\Amigabit Powerbooster.lnk
[7 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]
[17 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\*.tmp files -> C:\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/04/12 13:30:17 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/10 07:23:00 | 000,001,132 | ---- | C] () -- C:\Users\Otie\Desktop\Jane Angel 2 - Fallen Heaven Premium Edition.lnk
[2014/04/09 21:13:12 | 000,011,118 | RH-- | C] () -- C:\farstone_pe.letter
[2014/04/06 06:43:14 | 000,000,665 | ---- | C] () -- C:\Users\Otie\Desktop\StickyLinky - Shortcut.lnk
[2014/04/05 18:45:22 | 000,001,016 | ---- | C] () -- C:\Users\Otie\Desktop\Hidden Object - Home Makeover.lnk
[2014/04/03 07:58:01 | 000,757,301 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/04/01 19:40:48 | 000,000,548 | ---- | C] () -- C:\Users\Otie\Desktop\Emsisoft Emergency Kit.lnk
[2014/04/01 19:35:06 | 225,112,864 | ---- | C] () -- C:\Users\Otie\Desktop\EmsisoftEmergencyKit.exe
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2014/03/31 10:48:37 | 000,001,112 | ---- | C] () -- C:\Users\Otie\Desktop\UnHackMe.lnk
[2014/03/31 09:38:56 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/03/31 09:31:00 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2014/03/31 09:21:42 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/03/30 09:09:49 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/03/26 19:10:49 | 000,221,384 | ---- | C] () -- C:\Users\Otie\Documents\Family+Fun+Pool+Schedule+3.3.14.pdf
[2014/03/26 19:02:15 | 000,001,165 | ---- | C] () -- C:\Users\Otie\Desktop\MiniLyrics - Shortcut.lnk
[2014/03/26 19:01:02 | 000,001,327 | ---- | C] () -- C:\Users\Otie\Desktop\ASMaker - Shortcut.lnk
[2014/03/24 12:00:47 | 000,338,385 | ---- | C] () -- C:\Users\Otie\Through Feb 2014.amk
[2014/03/22 08:40:33 | 000,001,830 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.View - Shortcut.lnk
[2014/03/22 08:40:21 | 000,001,950 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.Modeler.Portable - Shortcut.lnk
[2014/03/22 08:38:55 | 000,001,841 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.Build - Shortcut.lnk
[2014/03/19 17:28:41 | 000,002,260 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/03/19 17:25:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2014/03/19 17:24:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/03/18 08:59:25 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/18 08:59:24 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/17 08:11:32 | 000,000,720 | ---- | C] () -- C:\Users\Otie\Desktop\SoftOrbits Icon Maker.lnk
[2014/03/16 07:39:01 | 000,001,536 | ---- | C] () -- C:\Windows\tasks\media enhance-updater.job
[2014/03/16 07:39:00 | 000,001,119 | ---- | C] () -- C:\Users\Public\Desktop\NewPlayer.lnk
[2014/03/16 07:38:58 | 000,001,390 | ---- | C] () -- C:\Windows\tasks\media enhance-enabler.job
[2014/03/16 07:38:56 | 000,001,490 | ---- | C] () -- C:\Windows\tasks\media enhance-codedownloader.job
[2014/03/16 07:38:53 | 000,002,318 | ---- | C] () -- C:\Windows\tasks\media enhance-firefoxinstaller.job
[2014/03/16 07:38:50 | 000,003,098 | ---- | C] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/03/16 07:37:45 | 000,000,000 | ---- | C] () -- C:\END
[2014/03/15 08:28:39 | 000,000,823 | ---- | C] () -- C:\Users\Public\Desktop\Amigabit Powerbooster.lnk
[2014/02/07 07:34:19 | 000,000,023 | ---- | C] () -- C:\Windows\SysWow64\AmigabitPowerboosterTrial.dll
[2014/02/05 09:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/02/03 08:20:00 | 000,000,044 | ---- | C] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593}
[2014/01/04 08:48:35 | 000,000,010 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pdfdrawcodec.dll
[2014/01/03 08:39:54 | 002,499,656 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2014/01/03 08:39:54 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2014/01/03 08:39:54 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2014/01/03 08:39:54 | 000,014,920 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2014/01/03 08:39:54 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013/12/28 08:01:31 | 000,001,156 | ---- | C] () -- C:\Users\Otie\AppData\Local\Tenorshare Music Cleanup.dat
[2013/12/24 09:01:33 | 001,806,960 | ---- | C] () -- C:\Windows\ampa.exe
[2013/12/24 09:01:33 | 000,017,008 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys
[2013/11/13 07:33:13 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2013/11/07 08:50:01 | 000,000,163 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\WB.CFG
[2013/09/22 21:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\Game.INI
[2013/08/14 07:42:28 | 000,000,037 | -HS- | C] () -- C:\Users\Otie\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/08/10 07:21:35 | 000,000,011 | ---- | C] () -- C:\Windows\mahjongg.INI
[2013/07/24 20:19:28 | 000,503,509 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\log.sflog
[2013/07/14 07:17:01 | 000,000,703 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pdfsound.dll
[2013/07/14 07:17:01 | 000,000,053 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setting.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfcombine.ini
[2013/07/14 07:17:01 | 000,000,030 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup.ini
[2013/07/14 07:17:01 | 000,000,014 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfcombine.ini
[2013/07/09 07:48:48 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/04 06:15:45 | 000,000,007 | ---- | C] () -- C:\Program Files (x86)\SysResources Managersyok12.dat
[2013/06/04 06:15:36 | 000,015,620 | ---- | C] () -- C:\Windows\SysWow64\SystemRs122.f.SYS
[2013/06/02 04:48:01 | 000,000,007 | ---- | C] () -- C:\Windows\sysres14.dat
[2013/05/15 23:32:24 | 000,056,072 | ---- | C] () -- C:\Windows\AUDBootDefrag.exe
[2013/04/13 15:37:45 | 000,019,634 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\UserTile.png
[2013/04/01 02:13:30 | 000,074,752 | ---- | C] () -- C:\Windows\vssMgr.exe
[2013/03/08 02:39:40 | 000,024,036 | ---- | C] () -- C:\Users\Otie\SDActivate.lng
[2013/01/17 06:45:19 | 000,000,176 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\Earthquakes Meter_Settings.ini
[2013/01/13 16:34:26 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/15 14:39:10 | 006,955,008 | ---- | C] () -- C:\Windows\SysWow64\common_res.dll
[2012/12/05 11:07:10 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012/12/03 08:39:46 | 000,000,567 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\burnaware.ini
[2012/11/30 08:05:25 | 000,163,123 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2012/11/26 07:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\BanPrc.dat
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.Shell32.dll
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2012/09/03 07:21:26 | 000,163,029 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe
[2012/08/15 13:38:15 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/08/15 13:38:15 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/07/21 08:34:27 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\CA4DCE6217.sys
[2012/07/13 06:38:28 | 000,000,128 | ---- | C] () -- C:\ProgramData\avalon2.2_WIPE2012.ini
[2012/07/13 06:38:22 | 000,340,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012/07/13 06:38:20 | 000,340,992 | ---- | C] () -- C:\Windows\sqlite36_engine.dll
[2012/05/20 06:04:34 | 000,580,096 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2012/05/20 06:04:34 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/05/20 06:04:34 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\Mp3Ctrl.dll
[2012/05/20 06:04:34 | 000,131,176 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2012/05/20 06:04:34 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\akrip32.dll
[2012/05/20 06:04:31 | 000,003,180 | ---- | C] () -- C:\Users\Otie\AppData\Local\ZortamMp3MediaStudio.iss
[2012/05/11 14:16:16 | 000,171,520 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
[2012/04/25 20:35:19 | 000,000,074 | ---- | C] () -- C:\Windows\PBUpdate.ini
[2012/04/25 14:12:33 | 000,000,323 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/04/21 11:19:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/04/20 09:33:41 | 000,000,297 | ---- | C] () -- C:\Users\Otie\SecurityKISSTunnel.config
[2012/03/29 16:42:18 | 000,007,633 | ---- | C] () -- C:\Users\Otie\AppData\Local\resmon.resmoncfg
[2012/03/05 12:07:06 | 000,000,684 | ---- | C] () -- C:\Users\Otie\AppData\Local\mcset.cfg
[2011/11/27 07:10:48 | 000,845,123 | ---- | C] () -- C:\Users\Otie\AppData\Local\census.cache
[2011/11/27 07:10:40 | 000,144,324 | ---- | C] () -- C:\Users\Otie\AppData\Local\ars.cache
[2011/11/27 07:02:25 | 000,000,036 | ---- | C] () -- C:\Users\Otie\AppData\Local\housecall.guid.cache
[2011/11/25 12:45:14 | 000,001,173 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\vso_ts_preview.xml
[2011/11/25 12:44:22 | 000,099,384 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\inst.exe
[2011/11/25 12:44:22 | 000,007,859 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.cat
[2011/11/25 12:44:22 | 000,001,167 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.inf
[2011/11/12 06:45:29 | 000,002,348 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/08 08:51:56 | 000,061,440 | ---- | C] () -- C:\Users\Otie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/12 02:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files (x86)\Common Files\wmpinfo.dll
[2011/01/12 02:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
[2011/01/12 02:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
[2011/01/12 02:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
[2011/01/12 02:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll

========== ZeroAccess Check ==========

[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\L.gif
[2011/11/09 19:53:48 | 000,008,571 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\l.jpg
[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\N.gif
[2011/11/09 19:12:03 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\U.gif
[2011/11/10 07:50:49 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{03DBA44B-040F-4010-86D4-4D91906E9120}\L.gif
[2011/11/10 07:50:49 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{07FB3302-348B-4ACA-94C0-255189AD8B3E}\U.gif
[2011/11/10 07:50:49 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{167209A4-644A-4381-AFF4-D5E0656FE819}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{376D2853-44FC-4745-988E-6005F8691813}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{5B603533-0FF5-4A1D-A84C-FACDCE9E7407}\L.gif
[2011/11/09 22:00:08 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{62CA621A-FC64-4998-A5E2-70084FBD85D2}\U.gif
[2011/11/09 20:17:48 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{8C96B714-BCD2-4C6E-9FFD-8A67C3EC9125}\L.gif
[2011/11/09 20:17:48 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{DB748AAC-D4BC-4213-BDEC-824AED1ED426}\U.gif
[2011/11/09 20:17:48 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{E90D0C93-1032-4866-90AD-0224CB48AD9B}\N.gif
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/11/07 07:50:10 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\0D0S1L2Z1P1B
[2013/12/13 13:26:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\1-abc
[2013/06/19 17:18:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\10tons
[2013/07/12 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\2monkeys
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\4 Friends Games
[2014/01/30 12:32:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\8floor
[2011/11/09 07:27:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\A4DeskPro
[2013/08/24 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Absolutist
[2012/01/19 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Acronis
[2012/04/21 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Adore Games
[2012/04/05 10:21:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AdultAdvantage
[2014/02/03 08:21:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AJ SQUARE INC
[2014/04/06 06:46:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Alawar Entertainment
[2013/08/24 19:18:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlawarEntertainment
[2012/03/21 08:32:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlwaysNeat
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Angler
[2013/08/20 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AnnVideo
[2013/08/26 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvate Games
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvsoft
[2013/12/16 09:10:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anyplace Control 4
[2013/10/20 10:16:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Apowersoft
[2013/11/20 17:47:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Applied Systems Ltd
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ArcticLine
[2012/08/11 13:11:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Arevan The Bitter Truth
[2013/12/12 17:06:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Argali
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Art Mahjongg Egypt
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifact Quest
[2013/07/30 18:08:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifex Mundi
[2013/05/04 07:57:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artogon
[2014/01/25 07:56:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo
[2013/06/26 20:22:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013/05/19 07:22:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Asterisk Password Decryptor
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Astro Gemini Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Atomic Alarm Clock 6
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Audacity
[2013/08/18 11:43:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Auslogics
[2012/07/12 06:25:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AV Burning Pro
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Aveyond 3
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awem
[2013/07/23 12:52:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awesomium
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\B
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackToTheBeach
[2012/09/08 12:37:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackupSF
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bicyclestudios
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Big Fish Games
[2012/04/15 18:52:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bigwig_media
[2014/02/16 11:37:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlamGames
[2011/11/07 07:43:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blio
[2013/02/15 15:34:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blue Tea Games
[2013/07/18 12:53:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueMountain.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueSprig
[2013/07/05 17:38:01 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Bmd
[2014/04/04 19:56:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Boomzap
[2013/11/02 10:12:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Brabl
[2014/01/22 11:38:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Brave Giant
[2013/12/11 16:51:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BrightnessGuide
[2014/02/16 11:15:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\calibre
[2013/08/20 12:09:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Canneverbe Limited
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CaptureSaver
[2013/11/24 12:58:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Casual Arts
[2013/12/25 12:13:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\casualArts
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Catalina Marketing Corp
[2013/04/14 16:49:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media
[2013/03/05 21:20:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media GmbH
[2013/06/20 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Chayowo Games
[2012/06/12 06:34:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ChemTable Software
[2013/10/30 19:32:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ClassicShell
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CloneSpy
[2014/03/22 08:40:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CodeFluent.Modeler.Portable
[2014/03/22 08:41:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CodeFluent.View
[2012/04/02 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CoffeeCup Software
[2013/02/05 18:53:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Color Brush
[2013/04/26 05:41:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.koingosw.DataGuardian
[2014/01/27 07:29:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.leawo.imediago
[2014/02/06 07:10:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CommonDataMSI
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Copernic
[2012/10/09 06:32:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DailyMagic
[2012/03/22 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dark Blue Games
[2013/02/26 08:13:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dashlane
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DAZ 3D
[2014/01/21 08:54:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Deep Shadows
[2011/11/24 04:32:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dexpot
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Digiarty
[2014/03/31 11:49:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DIGITALSITES.del
[2013/08/29 20:04:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DikobrazGames
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DK Finder
[2013/03/22 07:03:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DMCache
[2014/01/26 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DominiGames
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Downloaded Installations
[2013/08/20 12:09:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dragonshorn Studios
[2014/01/11 09:05:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Driver Magician
[2013/08/20 12:09:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dropbox
[2014/02/01 15:26:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDFab9
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDVideoSoft
[2011/11/26 10:50:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EA
[2014/04/13 10:51:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Earth Alerts
[2013/09/04 06:22:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Query Builder
[2011/11/24 04:51:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Watermark Studio
[2013/12/05 19:31:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\eDoc LLC
[2013/11/25 18:25:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\eGames
[2013/12/19 22:49:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eipix
[2013/08/20 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EleFun Games
[2014/01/01 20:50:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Elephant Games
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EMCO
[2013/11/18 09:26:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EnchantedCavern2
[2013/11/11 07:30:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Engelmann Media
[2013/08/07 15:13:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Enlightenus2_BFG
[2013/11/28 11:52:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EQATEC Analytics
[2013/09/17 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS G-Studio
[2014/01/16 15:24:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS Game Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EurekaLog
[2013/11/15 07:30:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eusing
[2014/01/22 20:55:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eyeblaster
[2014/03/17 09:06:50 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FamilyTreeMaker
[2013/10/05 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FamilyVacationCalifornia
[2014/02/13 20:28:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fanda Games
[2013/05/14 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FarmMystery
[2013/12/08 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FGS
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FileOpen
[2011/11/03 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fingertapps
[2013/03/02 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Floodlight Games
[2012/03/19 08:02:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Folder Scout Labs
[2013/11/15 15:05:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Foxit Software
[2013/01/16 14:36:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Download Manager
[2013/07/02 12:03:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Scan to PDF
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeAudioPack
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeBurner
[2014/02/20 08:06:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeCDRipper
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Friday's games
[2012/06/21 07:58:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Frieger
[2013/10/08 11:19:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fugazo
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\funkitron
[2013/11/26 10:05:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Funlinker
[2013/09/27 14:25:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fuzzy Bug Interactive
[2013/12/12 16:50:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameCards
[2014/01/09 17:41:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameCartel
[2012/03/29 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameHouse
[2013/01/01 09:34:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameInvest
[2013/05/06 20:55:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameMill Entertainment
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie-Soft
[2013/08/28 16:47:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie9
[2013/11/27 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genimo
[2013/01/29 16:28:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ghost Ship Studios
[2013/10/13 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GhostElisaCameron
[2012/09/16 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GhostFleet
[2012/11/03 06:24:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GirlsWithSecretsAdventure
[2013/12/25 08:30:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GlarySoft
[2014/03/26 11:08:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Glarysoft Giveaway
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii
[2014/01/08 14:05:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii Games
[2013/01/29 05:35:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gold Casual Games
[2012/01/15 08:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Good Keywords v2
[2012/03/18 08:08:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GoodSync
[2011/11/09 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GottCode
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GrassGames
[2012/09/29 18:21:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GuardiansOfMagic
[2013/04/26 15:44:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gunnar Games
[2013/09/12 17:39:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hard Disk Sentinel
[2012/08/20 21:40:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HdO Adventure
[2012/04/28 13:56:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HitPoint Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\holdkey
[2014/04/06 12:35:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HomeMakeover
[2014/01/09 19:05:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Card Games Vol. 4
[2014/02/17 09:58:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle FaceCreator
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Puzzle and Board Games 2012
[2014/02/17 10:07:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Slots volume 2
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hulubulu
[2011/11/08 07:40:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IBKPRO
[2014/02/06 07:09:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Iconico
[2012/03/20 16:58:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Iconix
[2012/10/24 07:45:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\images
[2014/02/20 08:40:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ImgBurn
[2013/09/05 08:15:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Intermedia Software
[2013/11/02 07:23:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IObit
[2013/11/13 07:32:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\iolo
[2011/11/23 15:52:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jAlbum
[2011/11/27 07:13:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\JAM Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jdast
[2014/01/10 20:36:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\JetFun
[2012/11/27 08:23:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KC Softwares
[2013/06/27 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Kingdom of Seven Seals
[2012/08/20 09:09:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KLS Soft
[2013/05/05 07:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KRyLack Archive Password Recovery
[2013/08/21 07:25:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Lamantine
[2013/06/07 16:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LAVA SoftWorks
[2014/03/12 13:57:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Lazy Turtle Games
[2011/11/15 07:05:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leadertech
[2013/12/23 07:45:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leawo
[2013/11/24 10:11:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LeeGT-Games
[2013/11/13 15:54:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Legacy Games
[2013/01/23 06:19:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LifeSniffer
[2012/11/21 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Light Developer
[2013/05/25 13:50:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LimeWire Music
[2013/11/24 08:56:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LockHunter
[2012/02/04 20:48:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LogSys
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\M8 Software
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mad Head Games
[2013/03/17 06:39:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Landscape Filter
[2013/03/08 06:44:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Skin Filter
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MagicIndie
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MAGIX
[2014/03/18 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MahJong Suite
[2014/01/31 10:09:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mariaglorum
[2013/06/05 05:33:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2
[2013/08/20 12:13:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2 2.1.18.37279
[2013/11/06 08:43:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Maxthon3
[2013/10/03 16:05:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MechCAD
[2013/07/01 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaArt
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaMonkey
[2013/04/02 20:20:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Meridian93
[2013/10/08 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Merscom
[2014/01/05 09:33:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MiniLyrics
[2014/02/16 10:34:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mipony
[2013/08/29 08:20:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\mjusbsp
[2013/11/19 17:05:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Moncarwit
[2013/05/04 15:09:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Monotype
[2012/11/21 06:55:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Moonchild Productions
[2013/08/26 08:40:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MoonriseInteractive
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Motorola
[2014/02/18 21:24:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Quality Modifier
[2012/07/28 05:40:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Tag Express V6
[2012/10/14 03:50:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MumboJumbo
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MusicBee
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\My Games
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mystery of Mortlake Mansion
[2014/01/03 22:03:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MysteryTag
[2013/03/11 19:54:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Natural Threat.Ominous Shores
[2012/02/04 00:59:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\NeoSoftTools
[2012/07/13 16:23:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nevosoft-Breeze
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro
[2014/04/02 06:35:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro PDF
[2012/09/06 06:55:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\nspaces_bytesignals
[2014/03/30 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\onOne Software
[2013/09/22 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenDNS Updater
[2013/12/15 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenOffice
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenOffice.org
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Opera Software
[2014/01/14 21:06:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Organic 2 Digital
[2013/03/17 13:50:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Orneon
[2013/07/04 19:29:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PassionFruit Games
[2012/11/18 06:53:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pavtube
[2014/03/26 11:08:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PCDr
[2013/11/18 07:01:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountain
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountainSoft
[2013/04/13 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PeerNetworking
[2013/05/03 15:49:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhantomFivePack03
[2012/01/22 06:09:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photo DVD Slideshow
[2013/07/18 10:09:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photodex
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhotoScape
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhoXo
[2013/04/02 05:49:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PicaJet.Com
[2013/12/20 09:39:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PictureCutoutGuide
[2013/08/20 12:09:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pixelplan
[2013/04/04 17:02:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlataGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlayFavoriteGames
[2014/01/22 15:38:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Playrix Entertainment
[2013/03/23 08:38:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PoBros
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCap Games
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1003
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1006
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PowerISO
[2014/01/02 08:46:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ProcessLasso
[2012/03/05 09:15:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Proxima Software
[2012/09/29 06:39:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Purple Patch Games
[2013/06/05 18:43:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PuzzleLab
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\quickclick
[2011/12/30 07:44:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\QuickZip
[2013/02/19 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rainbow
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealVampireAdventure
[2013/11/18 07:59:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealWildWestShootOut
[2012/07/10 19:25:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelTen
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RetouchPilot
[2013/06/27 21:17:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RoboForm
[2013/11/25 07:35:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\rokapublish
[2013/07/05 22:46:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rumbic Studio
[2013/07/24 20:20:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\saves
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Scribus
[2013/05/26 16:28:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SecretIslandUSA
[2013/12/14 16:03:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ShamanGS
[2013/12/04 08:19:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Shareaza
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Silverback Games
[2012/04/25 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Simple Star
[2013/11/25 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Smarty Uninstaller
[2012/06/27 17:55:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SMIGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SoftGrid Client
[2012/03/20 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Softland
[2014/01/25 08:11:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SoftMaker
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Solitaire Egypt
[2013/10/03 16:05:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Soluto
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Songbird2
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Spacejock Software
[2013/11/29 10:35:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpeedBit
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpeedMP3Downloader
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop
[2013/08/20 12:13:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop Games
[2014/02/05 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Spotflux
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpringPublisher
[2013/05/18 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stardock
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StartMenuX
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stellarium
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StepShot
[2012/03/22 10:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\streamWriter
[2013/10/26 08:36:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SulusGames
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SuperUtils.com
[2013/10/11 03:32:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Synei
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SystemRequirementsLab
[2014/04/08 07:18:01 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Systweak
[2013/11/10 20:54:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\T1 Games
[2013/07/20 20:36:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tap It Games
[2012/11/03 06:11:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tape_Worm
[2013/10/03 16:05:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TaskmgrPro
[2014/03/26 11:08:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TeraCopy
[2011/11/20 06:48:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TERMINAL Studio
[2013/09/29 13:57:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheFlyingDutchman
[2013/07/20 20:27:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheLastDays
[2013/05/14 07:59:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheScruffs
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Thunderbird
[2013/07/12 15:30:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\tiger-k
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TMInc
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tonido
[2012/02/22 11:35:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TP
[2012/10/20 08:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Trellian
[2012/05/22 11:52:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TweakNow DriveShortcut
[2014/01/30 12:51:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Twilight Games
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSE Games
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSoft
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V-Games
[2011/11/09 04:19:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V310-V510 Series
[2012/07/02 19:35:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V5 Play
[2013/07/14 19:45:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vast Studios
[2011/11/25 12:30:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Video DVD Maker FREE
[2013/05/26 10:48:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Virtual Prophecy
[2014/02/18 07:33:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\VitySoft
[2011/11/16 20:23:50 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vogat Interactive
[2012/11/17 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vso
[2012/05/19 10:02:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WallpaperDownloader.com
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wandoujia2
[2012/04/14 07:03:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Watermark Express
[2012/07/03 08:22:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WeatherPaper
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WindSolutions
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinISO Computing
[2012/11/26 07:17:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinPatrol
[2012/07/13 06:38:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WIPE2012
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Auto Shutdown
[2014/04/10 06:55:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Care 365
[2013/08/20 12:12:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wondershare
[2012/07/11 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\World-LooM
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XnView
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XYplorer
[2012/09/16 06:57:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Youdagames
[2013/04/27 08:14:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\YoWindow
[2013/08/10 18:09:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Zoner

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2012/05/14 07:18:13 | 000,000,000 | ---D | M](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀
[2012/05/14 07:18:13 | 000,000,000 | ---D | C](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:6B50A605
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:33DB8278
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:AA8AD2BF
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:60A4BB64
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:101708D3
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns4
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns3
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns2
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns1
@Alternate Data Stream - 294 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 275 bytes -> C:\ProgramData\Temp:A9662AE0
@Alternate Data Stream - 258 bytes -> C:\ProgramData\Temp:93F3E4C9
@Alternate Data Stream - 239 bytes -> C:\ProgramData\Temp:80F63EC3
@Alternate Data Stream - 236 bytes -> C:\ProgramData\Temp:918B7566
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:A3B8F70C
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:F5E90ED3
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:2BC498A4
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:091193F8
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:090FB735
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:B42826C8
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:7C412B92
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:0DACB2B7
@Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:EC0A74A1
@Alternate Data Stream - 204 bytes -> C:\ProgramData\Temp:E51234A9
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:9B285B76
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:1B927722
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:98DFF516
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:561B1D2B
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:3C282BEA
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:0AC32449
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 195 bytes -> C:\ProgramData\Temp:84D15556
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:12D21A9A
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:F8B88761
@Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:1CE11B51
@Alternate Data Stream - 16 bytes -> C:\Users\Otie\Downloads:Shareaza.GUID
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:EAF3ADF5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5704AA2B
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:D3A82449
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AA0017FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:2B9B6BC0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:CA400C1B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:62EBE39C
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:7BE5BAAB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:B06385AA
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:A7596EAE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:4DDE401B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:0785072C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:DF3CC840
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D6255023
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D5CCCBAA
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E0F0F1BE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:517EFA90
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A07E3E9D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:9D06FB9C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:5BC73C48
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:D3331ADB
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:03A039A3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:93B1FB40
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:2CEFEABF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B36361EE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B1CD2545
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:FA206A00
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:F89F2593
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:C83012A4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:EB86F355
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:94B46CA2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:84E7BFEB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:0B352B60
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:370E4EFB
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:9812B773
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:070D9534
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:0441DB7A
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5E9E3A14
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:7757A6D4
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:614F17D3
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:E40EED9B

< End of report >

  • 0

Advertisements

#2
Essexboy
Posted 14 April 2014 - 08:24 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi there, you do appear to have a lot of junk

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014/04/02 19:19:32 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BatBrowse\updateBatBrowse.exe -- (Update BatBrowse)
SRV - [2014/04/02 18:48:25 | 000,350,496 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BatBrowse\bin\utilBatBrowse.exe -- (Util BatBrowse)
SRV - [2014/03/10 10:39:48 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe -- (NewPlayerUpdaterService)
[2014/03/17 08:09:53 | 000,000,000 | ---D | M] ("MediaPlayerEnhance") -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
O2:64bit: - BHO: (media enhance) - {11111111-1111-1111-1111-110411411150} - C:\Program Files (x86)\media enhance\media enhance-bho64.dll (freeven)
O2 - BHO: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Reg Error: Value error. File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (IObit Apps Toolbar) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - Reg Error: Value error. File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
[2014/04/05 11:53:14 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Systweak
[2014/04/05 11:53:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/04/13 09:50:00 | 000,000,302 | ---- | M] () -- C:\Windows\tasks\DigitalSite.job
[2014/04/13 09:21:00 | 000,001,896 | ---- | M] () -- C:\Windows\tasks\Safe Saver-chromeinstaller.job
[2014/04/13 09:21:00 | 000,001,820 | ---- | M] () -- C:\Windows\tasks\Safe Saver-firefoxinstaller.job
[2014/04/13 09:21:00 | 000,001,190 | ---- | M] () -- C:\Windows\tasks\Safe Saver-codedownloader.job
[2014/04/13 09:21:00 | 000,001,186 | ---- | M] () -- C:\Windows\tasks\Safe Saver-updater.job
[2014/04/13 09:21:00 | 000,001,090 | ---- | M] () -- C:\Windows\tasks\Safe Saver-enabler.job
[2014/04/13 07:39:00 | 000,001,536 | ---- | M] () -- C:\Windows\tasks\media enhance-updater.job
[2014/04/13 07:38:03 | 000,003,098 | ---- | M] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/04/13 07:38:00 | 000,002,318 | ---- | M] () -- C:\Windows\tasks\media enhance-firefoxinstaller.job
[2014/04/13 07:38:00 | 000,001,490 | ---- | M] () -- C:\Windows\tasks\media enhance-codedownloader.job
[2014/04/13 07:38:00 | 000,001,390 | ---- | M] () -- C:\Windows\tasks\media enhance-enabler.job
[2014/04/08 07:18:02 | 000,000,458 | ---- | M] () -- C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job
[2014/04/02 18:22:58 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\ASO-OneClickCare.job
[2014/03/16 07:37:45 | 000,000,000 | ---- | C] () -- C:\END
[2013/11/07 07:50:10 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\0D0S1L2Z1P1B

:Files
C:\Program Files (x86)\BatBrowse

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
FINALLY
  • Run OTL.

    OTL_Main_Tutorial.gif
  • Select All Users
  • Select LOP and Purity
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    c:\program files (x86)\Google\Desktop
    c:\program files\Google\Desktop
    dir "%systemdrive%\*" /S /A:L /C
    /md5start
    rpcss.dll
    /md5stop
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
    • When the scan completes, it will open one notepad window.
    • Post all logs

  • 0

#3
otieatkins
Posted 16 April 2014 - 01:52 PM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
Hello and thank you for helping me. Here are my logs:
AdwCleaner:
# AdwCleaner v3.023 - Report created 15/04/2014 at 21:04:19
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Otie - OTIE-PC
# Running from : C:\Temp\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Alawar Stargaze
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Around the world in 80 days
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\registry mechanic
Folder Deleted : C:\Program Files (x86)\BatBrowse
Folder Deleted : C:\Program Files (x86)\media enhance
Folder Deleted : C:\Program Files (x86)\NewPlayer
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
Folder Deleted : C:\Users\Otie\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Otie\AppData\Local\NewPlayer
Folder Deleted : C:\Users\Otie\AppData\Local\PackageAware
Folder Deleted : C:\Users\Otie\AppData\Local\toolbarcleaner
Folder Deleted : C:\Users\Otie\AppData\Local\Tuguu_SL
Folder Deleted : C:\Users\Otie\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\Otie\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Otie\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Otie\AppData\LocalLow\incredibar.com
Folder Deleted : C:\Users\Otie\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Otie\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Otie\AppData\Roaming\quickclick
Folder Deleted : C:\Users\Otie\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Otie\Documents\Optimizer Pro
Folder Deleted : C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com
Folder Deleted : C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\[email protected]
Folder Deleted : C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\Extensions\{3d7eb24f-2740-49df-8937-200b1cc08f8a}
Folder Deleted : C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
[!] Folder Deleted : C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo
File Deleted : C:\Users\Public\Desktop\NewPlayer.lnk
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\adawaretb.xml
File Deleted : C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\bingp.xml
File Deleted : C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.iminent.com_0.localstorage
File Deleted : C:\Windows\System32\Tasks\digitalsite
File Deleted : C:\Windows\System32\Tasks\Driver Booster Update
File Deleted : C:\Windows\System32\Tasks\LaunchApp
File Deleted : C:\Windows\Tasks\media enhance-chromeinstaller.job
File Deleted : C:\Windows\System32\Tasks\media enhance-chromeinstaller
File Deleted : C:\Windows\System32\Tasks\media enhance-codedownloader
File Deleted : C:\Windows\System32\Tasks\media enhance-enabler
File Deleted : C:\Windows\System32\Tasks\media enhance-firefoxinstaller
File Deleted : C:\Windows\System32\Tasks\media enhance-updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\adawarebp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskPIP_FF__RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_install_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBatBrowse_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044150.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044150.BHO.1
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044150.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0044150.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ashampoo-photo-commander-8_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_ashampoo-photo-commander-8_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mosaic_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_mosaic_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411411150}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322322254}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412250}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03F38765-173F-4344-B4D6-78500A46CACE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB912-C5FA-486F-8334-57288578C627}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110411411150}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EEDB912-C5FA-486F-8334-57288578C627}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70b3bc5b-5f41-4c27-9019-0a83d25ef2c8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b205035b-75c4-4557-86ac-2f58f2db0e00}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0EEDB912-C5FA-486F-8334-57288578C627}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220422412250}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{88CCA982-C030-4B27-8FBC-201189970FDE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ACA608DB-A210-4253-B799-3FD24E9A7BF5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EEDB912-C5FA-486F-8334-57288578C627}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70b3bc5b-5f41-4c27-9019-0a83d25ef2c8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b205035b-75c4-4557-86ac-2f58f2db0e00}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\BatBrowse
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\Uniblue
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\media enhance
Key Deleted : HKLM\Software\BatBrowse
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\installedbrowserextensions
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Toolbar Cleaner
Key Deleted : HKLM\Software\media enhance
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\media enhance
Key Deleted : [x64] HKLM\SOFTWARE\IB Updater
Key Deleted : [x64] HKLM\SOFTWARE\installedbrowserextensions
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BatBrowse
Key Deleted : HKLM\Software\Classes\Installer\Features\2B1E51D87B2D71A44BB42DDD5E894160
Key Deleted : HKLM\Software\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\prefs.js ]

Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.InstallationThankYouPage", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.InstallationTime", 1394969925);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150_dbWasSet", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150_dbWasSet_FF25_FIX", true[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.active", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.addressbar", "NA");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.addressbarenhanced", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb.was_copied", "true");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb.was_copied", "true");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.backgroundver", 1);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.certdomaininstaller", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.changeprevious", false);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallationTime.value", "%221394969925%22");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22verticals-%2[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie._GPL_aoi.value", "%221394970014%22");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)"[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie._GPL_parent_zoneid.value", "%22518233%22");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.jw_token.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.cookie.jw_token.value", "%22fad3f4f5-c7c5-4534-4482-2e078664ca90%22");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.description", "MediaPlayerEnhance Extension");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.domain", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.enablesearch", false);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.homepage", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.iframe", false);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight [...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%22BC8D8427730841ECA5AAB34DF129C[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22vertical[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight [...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22000555%22%2C%22sub_id%22%3A%22ver[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern [...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%22BC8D8427730841ECA5AA[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_appVer.value", "85");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_lastVersion.value", "2");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)"[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_nextCheck.expiration", "Wed Apr 16 2014 00:41:34 GMT-0400 (Eastern Standard T[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Day[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight T[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.__defualt_browser__.value", "%22ff%22");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eastern Daylight Time)");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%22BC8D8427[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Easter[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Ea[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_bundledWithHash.value", "null");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_last_executable_request.expiration", "Wed Apr 16 2014 06:42:10 GMT-[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//download.bleepingcompu[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT-0500 (Eas[...]
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.lastDailyReport", "1397601694021");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.lastUpdate", "1397601694402");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.manifesturl", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.name", "MediaPlayerEnhance");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.newtab", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.opensearch", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.pluginsurl", "hxxp://js.clientdemocloud.com/plugin/apps/44150/plugins/094/ff/plugins.json");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.pluginsversion", 78);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.publisher", "Freeven");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.searchstatus", 0);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.setnewtab", false);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.thankyou", "");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.updateinterval", 360);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.44150.ver", 85);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.FilesValidatorDueTime", "1397601752519");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.apps", "44150");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.bic", "144cab092d61791e7e601ed6713f5c7c");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.cid", 44150);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.firstrun", false);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.hadappinstalled", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.installationdate", 1394969973);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.modetype", "production");
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.reportInstall", true);
Line Deleted : user_pref("extensions.a0c822a17a68f40669257d229458d21ca9c178d17dc614aafb2da1425ac7300accom44150.statsDailyCounter", 33);
Line Deleted : user_pref("extensions.crossrider.bic", "144cab092d61791e7e601ed6713f5c7c");
Line Deleted : user_pref("extensions.enabledAddons", "%7B3d7eb24f-2740-49df-8937-200b1cc08f8a%7D:1.5.17,notreal.ccoptions%40environmentalchemistry.com:25.0,adblockpopups%40jessehakanen.net:0.9.1,%7B4c7097f7-08f2-4ef[...]

-\\ Google Chrome v

[ File : C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36430 octets] - [15/04/2014 20:09:19]
AdwCleaner[S0].txt - [34322 octets] - [15/04/2014 21:04:19]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [34383 octets] ##########


New OTL:
OTL logfile created on: 4/16/2014 7:16:52 AM - Run 3
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Otie\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16521)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

11.98 Gb Total Physical Memory | 8.73 Gb Available Physical Memory | 72.82% Memory free
23.96 Gb Paging File | 20.27 Gb Available in Paging File | 84.57% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 800.53 Gb Total Space | 555.76 Gb Free Space | 69.42% Space Free | Partition Type: NTFS
Drive E: | 1049.20 Gb Total Space | 460.55 Gb Free Space | 43.90% Space Free | Partition Type: NTFS
Drive H: | 931.51 Gb Total Space | 477.45 Gb Free Space | 51.25% Space Free | Partition Type: NTFS
Drive P: | 473.63 Gb Total Space | 264.92 Gb Free Space | 55.93% Space Free | Partition Type: NTFS
Drive R: | 457.88 Gb Total Space | 389.90 Gb Free Space | 85.15% Space Free | Partition Type: NTFS
Drive S: | 341.80 Gb Total Space | 69.54 Gb Free Space | 20.35% Space Free | Partition Type: NTFS
Drive T: | 1055.46 Gb Total Space | 8.92 Gb Free Space | 0.84% Space Free | Partition Type: NTFS

Computer Name: OTIE-PC | User Name: Otie | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/04/13 10:41:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
PRC - [2014/03/27 12:55:22 | 000,592,656 | ---- | M] (Greatis Software) -- C:\Program Files (x86)\GOTD\UnHackMe\hackmon.exe
PRC - [2014/02/15 09:00:59 | 004,330,432 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2014/02/15 09:00:59 | 004,163,584 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) -- C:\Windows\SysWOW64\nlssrv32.exe
PRC - [2013/12/24 04:37:34 | 000,777,504 | ---- | M] (Glarysoft Ltd) -- C:\Program Files (x86)\Glary Utilities 4\Integrator.exe
PRC - [2013/12/23 21:26:20 | 000,042,680 | ---- | M] (Anvisoft) -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/19 12:32:46 | 004,520,744 | ---- | M] (Systweak) -- C:\Program Files (x86)\Advanced System Optimizer 3\SystemProtector.exe
PRC - [2013/12/12 15:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Otie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/12/09 22:22:32 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/09 22:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/10/25 13:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
PRC - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
PRC - [2013/10/11 17:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
PRC - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2013/05/15 15:00:04 | 000,073,064 | ---- | M] () -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe
PRC - [2013/02/21 08:17:01 | 000,367,016 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
PRC - [2013/02/21 08:17:01 | 000,264,616 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
PRC - [2012/12/22 14:44:03 | 007,664,960 | ---- | M] (Toolwiz.com) -- C:\Program Files (x86)\ToolwizCareFree\ToolwizTools.exe
PRC - [2012/11/14 18:07:42 | 000,071,024 | ---- | M] () -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe
PRC - [2012/08/31 10:03:00 | 000,537,918 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\dnscrypt-proxy.exe
PRC - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe
PRC - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/12 04:31:18 | 002,297,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll
MOD - [2014/02/12 04:30:56 | 000,220,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d682d06abf8257c72ce11cefd1d74cf5\CustomMarshalers.ni.dll
MOD - [2014/02/12 04:30:26 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll
MOD - [2014/02/12 04:27:25 | 000,212,992 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll
MOD - [2014/02/12 04:27:20 | 001,840,640 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\b0f9a4f138cc569a7526f97b93808d3e\System.Web.Services.ni.dll
MOD - [2014/02/12 04:27:15 | 000,628,224 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\faf3ae85f2470505e1b32d2154de60ef\System.EnterpriseServices.ni.dll
MOD - [2014/02/12 04:27:14 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\fe1942c05eda4f9744f80afb4ae76a2d\System.Data.ni.dll
MOD - [2014/02/12 04:27:14 | 000,627,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\cd3556d1162e8f7df77611c9c4253f7c\System.Transactions.ni.dll
MOD - [2014/02/12 04:26:59 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/02/12 04:26:54 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/02/12 04:26:41 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/02/12 04:26:39 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/02/12 04:26:38 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/02/12 04:26:30 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/12/23 22:05:44 | 000,080,160 | ---- | M] () -- C:\Program Files (x86)\Glary Utilities 4\zlib1.dll
MOD - [2013/12/12 15:56:14 | 003,145,536 | ---- | M] () -- C:\Users\Otie\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2013/10/25 13:07:38 | 001,120,032 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\RealTimeProtector.exe
MOD - [2013/02/21 08:17:03 | 000,072,104 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
MOD - [2013/02/21 08:17:02 | 000,268,712 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
MOD - [2013/02/21 08:17:02 | 000,133,544 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
MOD - [2013/02/21 08:17:02 | 000,033,128 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
MOD - [2013/02/09 07:38:16 | 000,080,296 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImAppRU.dll
MOD - [2013/01/23 17:17:12 | 000,108,888 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\PMC.dll
MOD - [2013/01/15 19:48:26 | 000,348,992 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madexcept_.bpl
MOD - [2013/01/15 19:48:26 | 000,051,008 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\maddisAsm_.bpl
MOD - [2013/01/15 19:48:24 | 000,183,616 | ---- | M] () -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\madbasic_.bpl
MOD - [2012/06/27 14:03:10 | 000,168,448 | ---- | M] () -- C:\Program Files (x86)\Advanced System Optimizer 3\unrar.dll
MOD - [2011/11/11 19:22:10 | 000,886,272 | ---- | M] () -- C:\Program Files (x86)\Advanced System Optimizer 3\System.Data.SQLite.dll
MOD - [2011/11/09 10:40:46 | 008,013,088 | ---- | M] () -- C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll
MOD - [2010/11/20 23:24:08 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/11/20 23:24:01 | 000,069,120 | ---- | M] () -- C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
MOD - [2009/06/10 17:23:19 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll


========== Services (SafeList) ==========

SRV:64bit: - File not found [On_Demand | Stopped] -- c:\Program Files\Ocster Backup\bin\backupService-ox.exe -- (ocster_backup)
SRV:64bit: - File not found [Disabled | Stopped] -- C:\Program Files\Siber Systems\GoodSync\Gs-Server.exe /service -- (GsServer)
SRV:64bit: - [2014/03/13 05:43:02 | 000,468,032 | ---- | M] (Genie9) [Auto | Running] -- C:\Program Files\Genie9\Zoolz2\ZoolzService.exe -- (Zoolz 2 Service)
SRV:64bit: - [2014/03/01 00:33:34 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/01/23 16:09:18 | 000,702,744 | ---- | M] () [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe -- (LavasoftAdAwareService11)
SRV:64bit: - [2014/01/21 00:26:32 | 000,367,984 | ---- | M] (Spotflux) [On_Demand | Stopped] -- C:\Program Files\Spotflux\Spotflux Lite\Spotflux Updates.exe -- (SpotfluxUpdate)
SRV:64bit: - [2014/01/15 20:42:12 | 000,289,256 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe -- (McComponentHostService)
SRV:64bit: - [2013/12/09 22:20:28 | 015,129,376 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2013/11/28 11:04:40 | 000,024,672 | ---- | M] () [Auto | Running] -- c:\Program Files\SuperEasy Software\1-Click Backup Free\bin\backupService-sez1cb.exe -- (supereasy_1cbackup)
SRV:64bit: - [2013/10/08 17:26:06 | 000,026,600 | ---- | M] (CyberGhost S.R.L) [Auto | Running] -- C:\Program Files\CyberGhost 5\Service.exe -- (CGVPNCliService)
SRV:64bit: - [2013/09/09 17:35:38 | 006,258,480 | ---- | M] (O&O Software GmbH) [Auto | Running] -- C:\Program Files\OO Software\DiskImage\oodiag.exe -- (OO DiskImage)
SRV:64bit: - [2013/07/24 10:49:08 | 000,182,848 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoLauncherService.exe -- (SolutoLauncherService)
SRV:64bit: - [2013/07/24 10:49:06 | 000,798,784 | ---- | M] (Soluto) [Auto | Running] -- C:\Program Files\Soluto\SolutoService.exe -- (SolutoService)
SRV:64bit: - [2013/07/24 09:53:36 | 001,942,528 | ---- | M] (GlavSoft LLC.) [On_Demand | Stopped] -- C:\Program Files\Soluto\SolutoRemoteService.exe -- (SolutoRemoteService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/26 18:13:08 | 000,230,416 | ---- | M] (Nitro PDF Software) [On_Demand | Stopped] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)
SRV:64bit: - [2012/10/22 06:45:27 | 000,479,480 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\FileMind\FileMind.Windows.Service.exe -- (Filemind.Windows.Service)
SRV:64bit: - [2012/09/25 14:56:38 | 000,301,760 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Macrium\Reflect\ReflectService.exe -- (ReflectService.exe)
SRV:64bit: - [2012/09/07 22:49:59 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE -- (!SASCORE)
SRV:64bit: - [2012/08/13 17:27:44 | 000,292,736 | ---- | M] (Puran Software) [Disabled | Stopped] -- C:\Windows\SysNative\PuranDefragS.exe -- (PuranDefrag)
SRV:64bit: - [2012/02/03 16:18:04 | 006,378,128 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [On_Demand | Stopped] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV:64bit: - [2009/12/09 16:24:07 | 001,047,552 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysNative\dleacoms.exe -- (dlea_device)
SRV - [2014/04/15 19:24:07 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/11 06:20:04 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/02/27 15:35:44 | 000,100,704 | ---- | M] () [Auto | Stopped] -- H:\Program Files (x86)\Amigabit Powerbooster\PowerBoosterServer32.exe -- (PowerBoosterServer)
SRV - [2014/02/15 09:00:59 | 004,163,584 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2014/01/23 13:53:42 | 000,070,768 | ---- | M] (Nalpeiron Ltd.) [Auto | Running] -- C:\Windows\SysWOW64\nlssrv32.exe -- (nlsX86cc)
SRV - [2013/12/23 21:26:20 | 000,042,680 | ---- | M] (Anvisoft) [Auto | Running] -- C:\Program Files (x86)\Anvisoft\Cloud System Booster\CSBSvc.exe -- (AnviCsbSvc)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/19 12:32:44 | 000,264,488 | ---- | M] (Systweak Software, (www.systweak.com)) [Auto | Running] -- C:\Program Files (x86)\Advanced System Optimizer 3\ASO3DefragSrv64.exe -- (ASO3DiskOptimizer)
SRV - [2013/12/09 22:21:14 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/11/01 13:37:14 | 000,173,272 | ---- | M] (Microsoft Corp.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe -- (BingDesktopUpdate)
SRV - [2013/10/25 13:07:00 | 000,878,368 | ---- | M] (IObit) [On_Demand | Stopped] -- C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe -- (AdvancedSystemCareService7)
SRV - [2013/10/25 12:07:24 | 002,151,200 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe -- (LiveUpdateSvc)
SRV - [2013/10/11 17:12:16 | 000,069,192 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe -- (EaseUS Agent)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/09/04 12:46:52 | 000,023,624 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Auto | Running] -- C:\Program Files (x86)\EaseUS\Todo Backup\bin\GuardAgent.exe -- (Guard Agent)
SRV - [2013/08/09 15:37:04 | 000,413,472 | ---- | M] (NVIDIA Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2013/06/06 04:48:26 | 000,102,400 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\DiskBoss\bin\diskbsa.exe -- (DiskBoss Service)
SRV - [2013/05/31 16:38:33 | 000,176,128 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionUpdateService.exe -- (Digital Lifeboat Update Service)
SRV - [2013/05/31 16:38:33 | 000,010,240 | ---- | M] (Covalent Storage Systems) [On_Demand | Stopped] -- C:\Program Files (x86)\DigitalLifeboat\Data Protection Service\DataProtectionService.exe -- (Digital Lifeboat Backup Service)
SRV - [2013/05/28 14:36:16 | 000,580,232 | ---- | M] (WiseCleaner.com) [Auto | Stopped] -- H:\Program Files (x86)\GOTD\Wise\Wise Care 365\BootTime.exe -- (WiseBootAssistant)
SRV - [2013/05/15 15:00:04 | 000,073,064 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\FBAgent.exe -- (FBAgent)
SRV - [2013/03/10 09:38:22 | 000,484,304 | ---- | M] (AltrixSoft (http://www.altrixsoft.com/)) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe -- (HDDSvc)
SRV - [2012/11/14 18:07:42 | 000,071,024 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\FarStone TotalRecovery\EFB\DCNTranProc.exe -- (Tran_Process_Proc)
SRV - [2012/10/29 13:25:52 | 000,519,920 | ---- | M] (iWin Inc.) [On_Demand | Stopped] -- P:\Program Files (x86)\Pogo Games\PGMTrusted.exe -- (PGMTrusted)
SRV - [2012/08/31 10:03:00 | 000,014,336 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\OpenDNS\DNSCrypt\OpenDNSCryptService.exe -- (DNSCrypt)
SRV - [2012/07/30 11:48:16 | 001,518,504 | ---- | M] () [Auto | Stopped] -- H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Service.exe -- (AHDDC2)
SRV - [2012/05/23 14:52:58 | 000,073,728 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe -- (Sony SCSI Helper Service)
SRV - [2012/03/19 05:28:52 | 000,043,072 | ---- | M] (ArcSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2012/03/13 12:52:20 | 001,429,976 | ---- | M] (SuperEasy Software) [On_Demand | Stopped] -- H:\Program Files (x86)\SuperEasy Software\Live Defrag\supereasydefragservice.exe -- (SuperEasy Software Defrag Service)
SRV - [2012/02/09 17:08:38 | 004,345,616 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Server.exe -- (PRTGCoreService)
SRV - [2012/02/09 17:08:36 | 003,835,152 | ---- | M] (Paessler AG) [On_Demand | Stopped] -- C:\Program Files (x86)\PRTG Network Monitor\PRTG Probe.exe -- (PRTGProbeService)
SRV - [2012/01/28 11:16:44 | 000,020,549 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\Apache\bin\httpd.exe -- (Apache2.2)
SRV - [2012/01/23 19:34:32 | 000,284,512 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Iconix\IconixService.exe -- (IconixService)
SRV - [2011/12/06 17:00:14 | 000,214,896 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/10/28 13:56:13 | 001,045,256 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/18 11:05:46 | 001,692,480 | ---- | M] (SoftThinks SAS) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe -- (SftService)
SRV - [2011/08/02 15:38:54 | 001,164,848 | ---- | M] (Acronis) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe -- (AcrSch2Svc)
SRV - [2011/07/13 13:52:34 | 000,150,920 | ---- | M] (Dell Products, LP.) [On_Demand | Stopped] -- c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery)
SRV - [2011/04/01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/03/28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/10/01 12:27:22 | 000,632,792 | ---- | M] (PC Tools) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe -- (PCToolsSSDMonitorSvc)
SRV - [2010/09/30 12:52:42 | 000,045,056 | ---- | M] (Intuit) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe -- (QBCFMonitorService)
SRV - [2010/09/17 18:04:30 | 001,251,840 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\DataProtect\QBIDPService.exe -- (QBVSS)
SRV - [2010/09/13 19:32:32 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/08/25 21:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU)
SRV - [2010/05/21 22:20:04 | 000,045,224 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\dleaserv.exe -- (dleaCATSCustConnectService)
SRV - [2009/12/09 15:35:58 | 000,593,920 | ---- | M] ( ) [On_Demand | Stopped] -- C:\Windows\SysWOW64\dleacoms.exe -- (dlea_device)
SRV - [2009/08/27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)
SRV - [2009/08/24 23:16:12 | 000,544,768 | ---- | M] (mst software GmbH, Germany) [On_Demand | Stopped] -- H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\DfSdkS64.exe -- (DfSdkS)
SRV - [2009/07/23 22:10:38 | 000,061,440 | ---- | M] (Intuit Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe -- (QBFCService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/08/07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
SRV - [2006/06/05 20:57:00 | 000,024,576 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\SMTPing\PyCron\pycron.exe -- (PyCron)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/02/08 09:07:40 | 000,099,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\TeeDriverx64.sys -- (MEIx64)
DRV:64bit: - [2014/01/23 03:22:44 | 000,204,032 | ---- | M] (WinISO.com) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\WinisoCDBus.sys -- (WinisoCDBus)
DRV:64bit: - [2013/12/23 00:01:32 | 000,017,088 | ---- | M] (Glarysoft Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BootDefragDriver.sys -- (BootDefragDriver)
DRV:64bit: - [2013/12/13 13:37:32 | 000,276,256 | ---- | M] (Digiarty Software, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\DigiartyVirtualCDBus.sys -- (DigiartyVirtualCDBus)
DRV:64bit: - [2013/12/05 04:42:30 | 000,039,200 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2013/11/29 17:23:43 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/11/29 14:02:46 | 000,971,360 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\timntr.sys -- (timounter)
DRV:64bit: - [2013/11/29 14:02:40 | 000,210,016 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vididr.sys -- (vididr)
DRV:64bit: - [2013/11/29 14:02:37 | 000,275,552 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\snapman.sys -- (snapman)
DRV:64bit: - [2013/11/29 11:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2013/11/28 11:23:08 | 000,458,960 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/11/28 09:38:18 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/10/28 14:13:22 | 000,449,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2013/10/25 18:36:26 | 000,034,544 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/09/15 16:50:00 | 000,030,752 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\rsdrvx64.sys -- (ElRawDisk)
DRV:64bit: - [2013/09/09 17:36:32 | 000,255,688 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodivd.sys -- (oodivd)
DRV:64bit: - [2013/09/09 17:36:32 | 000,044,744 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodivdh.sys -- (oodivdh)
DRV:64bit: - [2013/09/09 17:36:30 | 000,116,936 | ---- | M] (O&O Software GmbH) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\oodisr.sys -- (oodisr)
DRV:64bit: - [2013/09/09 17:36:30 | 000,041,160 | ---- | M] (O&O Software GmbH) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\oodisrh.sys -- (oodisrh)
DRV:64bit: - [2013/09/04 12:24:10 | 000,189,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EuFdDisk.sys -- (EUFDDISK)
DRV:64bit: - [2013/09/04 12:24:10 | 000,061,000 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\eubakup.sys -- (EUBAKUP)
DRV:64bit: - [2013/09/04 12:24:10 | 000,048,200 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EUBKMON.sys -- (EUBKMON)
DRV:64bit: - [2013/09/04 12:24:10 | 000,018,504 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\eudskacs.sys -- (EUDSKACS)
DRV:64bit: - [2013/08/22 08:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/07/24 09:53:10 | 000,054,728 | ---- | M] (Soluto LTD.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\Soluto.sys -- (Soluto)
DRV:64bit: - [2013/07/17 17:10:52 | 000,329,800 | ---- | M] (BitDefender S.R.L.) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Trufos.sys -- (Trufos)
DRV:64bit: - [2013/07/16 07:45:18 | 000,014,456 | ---- | M] (GFI Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\gfibto.sys -- (gfibto)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/05/21 16:38:50 | 000,036,096 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdkmpfd.sys -- (amdkmpfd)
DRV:64bit: - [2013/04/27 08:51:27 | 000,035,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WPRO_41_2001.sys -- (WPRO_41_2001)
DRV:64bit: - [2013/04/11 11:06:54 | 000,039,504 | ---- | M] (ThreatTrack Security) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\gfiark.sys -- (gfiark)
DRV:64bit: - [2013/03/07 13:37:54 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013/03/07 13:37:32 | 000,009,584 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013/03/07 10:49:18 | 000,017,480 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\epmntdrv.sys -- (epmntdrv)
DRV:64bit: - [2013/03/07 10:49:18 | 000,009,800 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\EuGdiDrv.sys -- (EuGdiDrv)
DRV:64bit: - [2013/02/26 11:48:08 | 000,039,248 | ---- | M] (Paragon Software Group) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hotcore3.sys -- (hotcore3)
DRV:64bit: - [2013/02/25 05:10:02 | 000,021,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\MDA_NTDRV.sys -- (MDA_NTDRV)
DRV:64bit: - [2013/02/05 19:34:43 | 000,047,240 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tbhsd.sys -- (tbhsd)
DRV:64bit: - [2012/12/22 14:44:06 | 000,052,544 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\KSafeDISK.sys -- (KSafeDISK)
DRV:64bit: - [2012/12/22 14:44:06 | 000,050,496 | ---- | M] (Toolwiz.com) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\BTOWSVF.sys -- (BTOWSVF)
DRV:64bit: - [2012/12/22 14:44:06 | 000,032,576 | ---- | M] (Toolwiz.com) [File_System | System | Running] -- C:\Windows\SysNative\drivers\BTOWSFF.sys -- (BTOWSFF)
DRV:64bit: - [2012/12/13 15:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/12/09 05:51:20 | 000,126,944 | ---- | M] (Power Software Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 10:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCapMP)
DRV:64bit: - [2012/07/19 23:21:13 | 000,037,480 | ---- | M] (RapidSolution Software AG) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rrnetcap.sys -- (RRNetCap)
DRV:64bit: - [2012/03/08 19:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/11/25 12:44:22 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2011/11/14 09:11:10 | 000,572,336 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\Uim_IMx64.sys -- (Uim_IM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,352,816 | ---- | M] (Paragon) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uim_vimx64.sys -- (Uim_VIM)
DRV:64bit: - [2011/11/14 09:11:10 | 000,059,184 | ---- | M] (Windows ® 2000 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\uimx64.sys -- (UimBus)
DRV:64bit: - [2011/10/28 15:27:52 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/28 15:27:52 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV:64bit: - [2011/07/22 12:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV)
DRV:64bit: - [2011/07/12 17:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL)
DRV:64bit: - [2011/04/04 15:55:54 | 000,021,504 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011/03/31 15:53:40 | 000,030,208 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2011/03/18 14:46:20 | 000,074,376 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftdibus.sys -- (FTDIBUS)
DRV:64bit: - [2011/03/18 14:46:06 | 000,085,384 | ---- | M] (FTDI Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ftser2k.sys -- (FTSER2K)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/09/14 08:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/08/18 01:28:32 | 000,026,136 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ICCWDT.sys -- (ICCWDT)
DRV:64bit: - [2010/07/01 13:11:24 | 000,012,352 | ---- | M] () [Kernel | "Start" not found. | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV:64bit: - [2010/06/17 11:14:12 | 000,024,152 | R--- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FarMntIo.sys -- (FARMNTIO)
DRV:64bit: - [2010/05/20 19:42:44 | 003,058,168 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010/04/01 15:44:06 | 000,026,624 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2010/03/19 04:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2010/02/27 11:32:14 | 000,158,976 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/01/29 18:18:12 | 000,009,216 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2009/01/29 18:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2007/11/02 16:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV:64bit: - [2006/11/01 13:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2014/03/31 11:21:31 | 000,035,816 | ---- | M] (Greatis Software) [Kernel | Boot | Unknown] -- C:\Windows\SysWOW64\drivers\Partizan.sys -- (Partizan)
DRV - [2014/03/26 11:13:30 | 000,071,472 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2013/12/04 11:01:32 | 000,057,024 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys -- (cleanhlp)
DRV - [2013/11/29 11:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2013/09/30 18:23:02 | 000,045,208 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2013/03/28 19:03:02 | 000,026,176 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2013/03/28 19:03:02 | 000,017,384 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2013/03/07 10:49:20 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\epmntdrv.sys -- (epmntdrv)
DRV - [2013/03/07 10:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2012/10/20 06:16:34 | 000,208,256 | ---- | M] (Pdisk Foundation) [Kernel | System | Stopped] -- C:\Windows\SysWOW64\drivers\PDisk.sys -- (SUHDCrypt)
DRV - [2012/08/01 15:44:04 | 000,014,544 | ---- | M] (OpenLibSys.org) [File_System | On_Demand | Stopped] -- H:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys -- (WinRing0_1_2_0)
DRV - [2012/06/08 03:28:32 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2011/10/27 11:18:16 | 000,027,224 | ---- | M] (Microsoft Corporation) [File_System | Auto | Running] -- C:\Windows\SysWOW64\drivers\ggcfdrv.sys -- (ggcfdrv)
DRV - [2011/08/29 13:19:52 | 000,022,096 | ---- | M] (Paragon Software GmbH) [Kernel | On_Demand | Stopped] -- H:\Program Files (x86)\Paragon_Software\Partition_Manager_11_Personal_Special_Edition\bluescrn\biont_bs.sys -- (BioNT_BS)
DRV - [2011/06/02 11:08:34 | 000,017,864 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys -- (cpudrv64)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {49606DC7-976D-4030-A74E-9FB5C842FA68}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...64bit:</strong> - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...rchBox<br /> IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE8SRC<br /> IE - HKLM\..\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}: "URL" = http://www.bing.com/...earchBox<br />

IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope =
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope =

IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar =
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.thundercl...start/index.htm [binary data]
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes,DefaultScope =
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR<br /> IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.co...={sear<br /> IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes\{977E617C-0D56-4C5E-A3E6-88C2C3A13C25}: "URL" = http://search.yahoo....Terms}<br /> IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes\{CF608B78-8D59-4B67-AF74-C6EBF1536F09}: "URL" = http://www.google.co...ding?}<br /> IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\SearchScopes\{EFC8261A-27C7-438E-AD54-A6BB4B8F614D}: "URL" = http://www.bing.com/...rchBox<br /> IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;192.168.*.*

IE - HKU\S-1-5-21-2573087068-2607692701-1072482724-1012\..\SearchScopes,DefaultScope =

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "GoodSearch"
FF - prefs.js..browser.search.openintab: true
FF - prefs.js..browser.search.order.3: "Bing "
FF - prefs.js..browser.search.selectedEngine: "GoodSearch"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://thundercloud.net/start/index.htm"
FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p="
FF - prefs.js..keyword.url: "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=902615&p="
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: I:\Program Files (x86)\Google\Picasa3\npPicasa3.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.51.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@siber.com/RoboForm: C:\Program Files (x86)\Siber Systems\AI RoboForm\chrome\plugin\np-rf-plugin.dll (Siber Systems Inc.)
FF - HKLM\Software\MozillaPlugins\@sony.com/ReaderDesktop: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@nds.com/PCShowPlugin: File not found
FF - HKCU\Software\MozillaPlugins\@nds.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)
FF - HKCU\Software\MozillaPlugins\@stickypassword.com/Sticky Password: C:\Program Files (x86)\Sticky Password\npspAutofill.dll (Lamantine Software a.s.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Otie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Otie\AppData\Local\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\en.pixelplan.pl/PIXELPLANWebViewer: C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll (Pixelplan S.C.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\NDS.com/PlayerPlugin: C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll (NDS)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 30.0a2\extensions\\Components: C:\Program Files (x86)\Aurora\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Aurora 30.0a2\extensions\\Plugins: C:\Program Files (x86)\Aurora\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\DAP\daplinkchecker [2013/11/29 10:35:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{22119944-ED35-4ab1-910B-E619EA06A115}: C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox [2014/04/10 15:46:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/03/12 08:28:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 28.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/03/12 08:28:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 24.4.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{F17C1572-C9EC-4e5c-A542-D05CBB5C5A08}: H:\Program Files (x86)\DAP\DAPFireFox [2013/11/29 10:35:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: H:\Program Files (x86)\CaptureSaver\Firefox [2013/03/19 09:48:11 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{54affe52-8223-453b-be1e-2fe2e250045c}: C:\Users\Otie\AppData\Roaming\Lamantine\Sticky Password\spAutofill [2013/08/21 07:26:21 | 000,000,000 | ---D | M]

[2013/08/20 12:09:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions
[2012/11/09 16:34:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/04/15 21:04:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions
[2014/01/01 21:03:15 | 000,128,676 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/04/11 05:52:49 | 000,373,305 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/02/10 06:44:07 | 000,390,318 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/01/01 20:22:26 | 000,159,912 | R--- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\[email protected]
[2014/01/03 09:30:33 | 000,049,303 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
[2014/03/26 09:31:29 | 000,537,316 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
[2014/03/03 08:49:36 | 000,957,290 | ---- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014/01/01 20:22:26 | 001,379,656 | R--- | M] () (No name found) -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\extensions\{D46E8522-6E86-44b1-A622-58C0668AD78E}.xpi
[2014/04/13 10:11:21 | 000,001,874 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\duckduckgo.xml
[2014/04/13 10:11:50 | 000,002,047 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\Mozilla\Firefox\Profiles\pbzi9bjo.default-1388620926941\searchplugins\goodsearch.xml
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (Iconix) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{852B9B5F-E8A7-49b4-B7C3-79A3E8A829F6}
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013/10/24 19:02:36 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/04/12 13:30:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/04/12 13:30:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\USERS\OTIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PBZI9BJO.DEFAULT-1388620926941\EXTENSIONS\{3D7EB24F-2740-49DF-8937-200B1CC08F8A}
File not found (No name found) -- C:\USERS\OTIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PBZI9BJO.DEFAULT-1388620926941\EXTENSIONS\0C822A17-A68F-4066-9257-D229458D21CA@9C178D17-DC61-4AAF-B2DA-1425AC7300AC.COM
File not found (No name found) -- C:\USERS\OTIE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PBZI9BJO.DEFAULT-1388620926941\EXTENSIONS\[email protected]
[2013/11/29 10:35:57 | 000,000,000 | ---D | M] (Download Accelerator Plus (DAP) extension) -- H:\PROGRAM FILES (X86)\DAP\DAPFIREFOX
[2013/11/29 10:35:58 | 000,000,000 | ---D | M] (DAP Link Checker) -- H:\PROGRAM FILES (X86)\DAP\DAPLINKCHECKER
[2013/02/23 09:36:00 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll
[2012/03/20 16:58:32 | 000,196,448 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npIconixProxy110.dll
[2012/11/11 10:26:05 | 000,123,159 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\testlog.txt
[2012/07/11 14:26:14 | 000,001,068 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahootc.xml

========== Chrome ==========

CHR - default_search_provider: GoodSearch (Enabled)
CHR - default_search_provider: search_url = http://www.goodsearc...erms}<br /> CHR - default_search_provider: suggest_url = \u0000,
CHR - homepage: http://www.bing.com/?pc=U161
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Otie\AppData\Local\Google\Chrome\Application\34.0.1847.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: CouponNetwork Coupon Activator Netscape Plugin v. 5.0.0.0 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPcol400.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: eMail ID (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npIconixProxy110.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Foxit Reader Plugin for Mozilla (Enabled) = C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll
CHR - plugin: Java™ Platform SE 7 U17 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Nitro PDF plugin for Firefox and Chrome (Enabled) = C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll
CHR - plugin: Windows LiveÃ⢠Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: PCShow Player Plugin (Enabled) = C:\Users\Otie\AppData\Local\DIRECTV Player\npPlayerPlugin.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Otie\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Pixelplan Web Viewer (Enabled) = C:\Users\Otie\AppData\Roaming\Pixelplan\Pixelplan O4C Viewer Web\1.2.7\npPIXELPLANWebViewer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_168.dll
CHR - plugin: Java Deployment Toolkit 7.0.170.2 (Enabled) = C:\Windows\SysWOW64\npDeployJava1.dll
CHR - Extension: Xmarks Bookmark Sync = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.28_0\
CHR - Extension: Theme Creator = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\akpelnjfckgfiplcikojhomllgombffc\2.5_0\
CHR - Extension: TechSmith Snagit (Extension) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce\1.2.2.32_0\
CHR - Extension: TechSmith Snagit (Extension) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\annopcfmbiofommjmcmcfmhklhgbhkce\1.2.3.33_0\
CHR - Extension: Google Docs = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Spider Solitaire = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcopgabdbdohekgeabpbfhledmdahkpe\1.0.2_0\
CHR - Extension: YouTube = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Switchmark = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnocffbiglfjjcgmifcampfmcbkfbhgc\1.2_0\
CHR - Extension: Freecell Solitaire = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cabpjbpfakfhcfidnjahmdophhihafkh\1.0.0.3_0\
CHR - Extension: Adblock Plus = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.7.4_0\
CHR - Extension: Google Santa Tracker 2012 Theme = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgmkeoaheilhpfachlmmonhnapbjaijf\1.2_0\
CHR - Extension: OneFeed = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cidjbmjjebfhfjodbphfklcmknafddmb\1.2.0.0_0\
CHR - Extension: Weebly - Website Builder = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnocophcbjfiimmnhlhleaooedeheifb\1.0.5_0\
CHR - Extension: Christmas Mahjong = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coconnhpdpfcoglmhjniaoipnmklkmhf\1.0.0.4_0\
CHR - Extension: Google Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Winter Mahjong = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddmhicnhpjfpgmcebbidppnammjebnkp\1.0.0.7_0\
CHR - Extension: Christmas Solitiare = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhcbjomfajlnldboplncbdhmdaagcpln\1.0.0.2_0\
CHR - Extension: Word Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\
CHR - Extension: Word Search = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjkggjhcbohgnikmegjkodmakmimlkj\1.0.0.1_0\~
CHR - Extension: Spotflux Lite = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcakbkpmlidimpglgiaclbpgbedlmpfl\0.9_0\
CHR - Extension: Download Accelerator Plus (DAP) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffdcfjdljhbehggjdkdioajnknjcpbjb\2.1.0.1_0\
CHR - Extension: AdBlock = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.18_0\
CHR - Extension: FastestFox for Chrome = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\8.0.9_0\
CHR - Extension: Onlive Clock = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\moddbcckaikhdnigidfcmaeelcobchpm\1.1_0\
CHR - Extension: Advanced SystemCare Surfing Protection = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd\1.0.0_1\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.7.0_0\
CHR - Extension: Pocket (formerly Read It Later) = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.7.1_0\
CHR - Extension: Google Wallet = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: RoboForm = C:\Users\Otie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob\7.9.4.4_0\

O1 HOSTS File: ([2014/04/14 16:42:26 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (ExplorerWnd Helper) - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
O2:64bit: - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O2:64bit: - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ClassicIEBHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
O2 - BHO: (MSS+ Identifier) - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
O2 - BHO: (RoboForm Toolbar Helper) - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O2 - BHO: (Advanced SystemCare Browser Protection) - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (SpeedBit Link Verification Helper) - {D5974A72-C81C-4DC3-BE77-A8A7BBC8864E} - H:\Program Files (x86)\DAP\LinkVerifier.dll (Speedbit Ltd.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DAPIELoader Class) - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - H:\Program Files (x86)\DAP\dapieloader.dll (SpeedBit Ltd.)
O3:64bit: - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
O3:64bit: - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (CaptureSaver) - {5148AB7D-8868-4490-B6DA-F98368488582} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O3 - HKLM\..\Toolbar: (&RoboForm Toolbar) - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Sticky Password Toolbar) - {AC02E217-6E13-4F14-9BAC-D7BA27C1E912} - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O3 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..\Toolbar\WebBrowser: (&RoboForm Toolbar) - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O4:64bit: - HKLM..\Run: [AdAwareTray] C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe ()
O4:64bit: - HKLM..\Run: [Ashampoo HDD-Control 2 Guard] H:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 2\AHDDC2_Guard.exe (Ashampoo Development GmbH & Co. KG)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [Soluto] c:\program files\soluto\soluto.exe (Soluto)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000..\Run: [Amigabit Powerbooster Tray] H:\Program Files (x86)\Amigabit Powerbooster\Tray.exe (Amigabit)
O4 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000..\Run: [EarthAlerts] C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe (South Wind Technologies)
O4 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1012..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1012..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk = H:\Program Files (x86)\FSL\FSL_Launcher\FSL_Launcher.exe (FSL - FreeSoftLand)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 221
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: LinkResolveIgnoreLinkInfo = 1
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveSearch = 1
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoResolveTrack = 1
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O7 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 1
O8:64bit: - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8:64bit: - Extra context menu item: &Clean Traces - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8:64bit: - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8:64bit: - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8:64bit: - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8:64bit: - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8:64bit: - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8:64bit: - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8:64bit: - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8:64bit: - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8:64bit: - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8:64bit: - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8:64bit: - Extra context menu item: Download with &Shareaza - E:\Program Files\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8:64bit: - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8:64bit: - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8:64bit: - Extra context menu item: Free YouTube Download - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8:64bit: - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8:64bit: - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8:64bit: - Extra context menu item: Search Using Copernic Agent - Reg Error: Value error. File not found
O8:64bit: - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8:64bit: - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program Files (x86)\IncrediMail\Bin\resources\WebMenuImg.htm ()
O8 - Extra context menu item: &Clean Traces - Reg Error: Value error. File not found
O8 - Extra context menu item: &Download with &DAP - H:\Program Files (x86)\DAP\dapextie.htm ()
O8 - Extra context menu item: &Download with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addUrl.htm ()
O8 - Extra context menu item: &Verify with DAP - H:\Program Files (x86)\DAP\dapverify.htm ()
O8 - Extra context menu item: Add to CaptureSaver - H:\Program Files (x86)\CaptureSaver\\AddFromIE.htm ()
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Block frame with Ad Muncher - http://www.admuncher...d=menu_ie_frame File not found
O8 - Extra context menu item: Block image with Ad Muncher - http://www.admuncher...d=menu_ie_image File not found
O8 - Extra context menu item: Block link with Ad Muncher - http://www.admuncher...id=menu_ie_link File not found
O8 - Extra context menu item: Customize Menu - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComCustomizeIEMenu.html File not found
O8 - Extra context menu item: Don't filter page with Ad Muncher - http://www.admuncher...menu_ie_exclude File not found
O8 - Extra context menu item: Download &All with DAM - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\addAllUrls.htm ()
O8 - Extra context menu item: Download &all with DAP - H:\Program Files (x86)\DAP\dapextie2.htm ()
O8 - Extra context menu item: Download with &Shareaza - E:\Program Files\Shareaza\RazaWebHook64.dll (Shareaza Development Team)
O8 - Extra context menu item: Download with Mipony - H:\Program Files (x86)\MiPony\Browser\IEContext.htm ()
O8 - Extra context menu item: Fill Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComFillForms.html File not found
O8 - Extra context menu item: Free YouTube Download - Reg Error: Value error. File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - Reg Error: Value error. File not found
O8 - Extra context menu item: Report page to the Ad Muncher developers - http://www.admuncher...=menu_ie_report File not found
O8 - Extra context menu item: Run DAM Media&Grabber - H:\Program Files (x86)\Tensons\Download Accelerator Manager\\runMg.htm ()
O8 - Extra context menu item: Save Forms - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComSavePass.html File not found
O8 - Extra context menu item: Search Using Copernic Agent - Reg Error: Value error. File not found
O8 - Extra context menu item: Show RoboForm Toolbar - file://C:/Program Files (x86)/Siber Systems/AI RoboForm/RoboFormComShowToolbar.html File not found
O8 - Extra context menu item: Sticky Password - C:\Program Files (x86)\Sticky Password\spIEBho.dll (Lamantine Software a.s.)
O9:64bit: - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9:64bit: - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9:64bit: - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform-x64.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Launch Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - Reg Error: Value error. File not found
O9 - Extra Button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra Button: CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - H:\Program Files (x86)\CaptureSaver\CaptureSaverIE.dll (www.capturesaver.com)
O9 - Extra 'Tools' menuitem : CaptureSaver - {3BD9DD3E-F9B6-45b9-9ED3-5E1980C2686F} - Reg Error: Value error. File not found
O9 - Extra Button: Dashlane Button - {40354A83-504E-4611-ACAE-3D137F6F595E} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe (IvoSoft)
O9 - Extra Button: Show Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O9 - Extra 'Tools' menuitem : Show RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll (Siber Systems Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..Trusted Domains: dell.com ([]* in Trusted sites)
O15 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..Trusted Domains: localhost ([]* in Local intranet)
O15 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..Trusted Domains: magicjack.com ([my] * in Trusted sites)
O15 - HKU\S-1-5-21-2573087068-2607692701-1072482724-1000\..Trusted Domains: talk4free.com ([reg] * in Trusted sites)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} Reg Error: Value error. (SpinTop DRM Control)
O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} https://support.dell...r/SysProExe.CAB (WMI Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.51.2)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} Reg Error: Value error. (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4B0FFB9F-5F89-4B27-B073-20EA5C236F4B}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CE8307D0-C892-480B-BD3A-899D1DFCC9DA}: NameServer = 127.0.0.1
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagent - No CLSID value found
O18:64bit: - Protocol\Handler\copernicagentcache - No CLSID value found
O18:64bit: - Protocol\Handler\cozi - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\intu-help-qb4 - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\qbwc - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\copernicagent {A979B6BD-E40B-4A07-ABDD-A62C64A4EBF6} - Reg Error: Value error. File not found
O18 - Protocol\Handler\copernicagentcache {AAC34CFD-274D-4A9D-B0DC-C74C05A67E1D} - Reg Error: Value error. File not found
O18 - Protocol\Handler\cozi {5356518D-FE9C-4E08-9C1F-1E872ECD367F} - Reg Error: Value error. File not found
O18 - Protocol\Handler\intu-help-qb4 {ACE22922-D07C-4860-B51B-8CF472FEC2CB} - Reg Error: Value error. File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - (Reg Error: Value error.) - Reg Error: Value error. File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - Reg Error: Value error. File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014/04/15 07:32:22 | 000,010,185 | ---- | M] () - C:\autoupdate.log -- [ NTFS ]
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell - "" = AutoRun
O33 - MountPoints2\{7b761033-5086-11e1-9466-180373df15a5}\Shell\AutoRun\command - "" = J:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (Partizanbddel.exe)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)


CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2014/04/16 07:11:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/04/16 06:14:06 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Systweak
[2014/04/15 20:09:16 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/04/14 16:23:32 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/04/14 10:25:37 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Ultimate Easter Puzzler
[2014/04/14 10:24:17 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cadenza Music Betrayal and Death CE
[2014/04/14 09:51:20 | 000,000,000 | ---D | C] -- C:\Windows\Cadenza Music Betrayal and Death CE
[2014/04/14 09:47:30 | 000,000,000 | ---D | C] -- C:\Windows\The Ultimate Easter Puzzler
[2014/04/14 09:23:27 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Topaz Labs
[2014/04/14 09:23:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Topaz Labs
[2014/04/14 09:23:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Topaz Labs
[2014/04/14 09:21:04 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
[2014/04/14 09:20:49 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\IrfanView
[2014/04/14 09:20:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView
[2014/04/14 01:35:11 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\iMaxGen
[2014/04/13 10:42:11 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2014/04/11 06:20:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Aurora
[2014/04/10 07:23:00 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jane Angel 2 - Fallen Heaven Premium Edition
[2014/04/10 07:22:13 | 000,000,000 | ---D | C] -- C:\Windows\Jane Angel 2 - Fallen Heaven Premium Edition
[2014/04/06 12:35:37 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\HomeMakeover
[2014/04/06 06:46:19 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Alawar Entertainment
[2014/04/05 18:45:22 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Object - Home Makeover
[2014/04/05 18:34:43 | 000,000,000 | ---D | C] -- C:\Windows\Hidden Object - Home Makeover
[2014/04/03 07:58:02 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/04/03 07:58:01 | 002,792,152 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014/04/03 07:58:01 | 001,999,128 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264.dll
[2014/04/03 07:58:01 | 001,728,280 | ---- | C] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO232.dll
[2014/04/03 07:58:01 | 001,286,872 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/04/03 07:58:01 | 001,024,216 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/04/03 07:58:01 | 000,946,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/04/03 07:58:01 | 000,624,344 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/04/03 07:58:00 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/04/03 07:58:00 | 002,037,336 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/04/03 07:58:00 | 001,033,304 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/04/02 00:16:08 | 000,000,000 | ---D | C] -- C:\FRST
[2014/04/01 19:40:42 | 000,000,000 | ---D | C] -- C:\EEK
[2014/04/01 19:36:50 | 002,157,056 | ---- | C] (Farbar) -- C:\Users\Otie\Desktop\FRST64.exe
[2014/04/01 19:35:50 | 000,000,000 | ---D | C] -- C:\New folder
[2014/03/31 11:49:33 | 000,040,720 | ---- | C] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2014/03/31 11:21:31 | 000,035,816 | ---- | C] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2014/03/31 10:48:37 | 000,012,800 | ---- | C] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2014/03/31 10:48:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
[2014/03/31 09:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/03/31 09:35:45 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/03/31 09:35:41 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/03/31 09:35:41 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/03/31 09:35:41 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/03/31 09:33:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/03/31 09:33:34 | 000,088,280 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/03/31 09:33:34 | 000,063,192 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/03/31 09:33:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/03/31 09:21:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus
[2014/03/31 09:21:24 | 000,000,000 | ---D | C] -- C:\Program Files\Lavasoft
[2014/03/31 09:10:50 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Lavasoft
[2014/03/30 09:08:30 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysWow64\nlssrv32.exe
[2014/03/30 09:08:30 | 000,070,768 | ---- | C] (Nalpeiron Ltd.) -- C:\Windows\SysNative\nlssrv32.exe
[2014/03/30 09:08:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software
[2014/03/29 16:09:59 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bridge to Another World - Burnt Dreams Collectors Edition
[2014/03/29 16:03:20 | 000,000,000 | ---D | C] -- C:\Windows\Bridge to Another World - Burnt Dreams Collectors Edition
[2014/03/29 10:29:51 | 000,033,616 | ---- | C] (Intel Corporation ) -- C:\Windows\SysNative\drivers\iqvw64e.sys
[2014/03/28 19:19:20 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emberwing - Lost Legacy Collectors Edition
[2014/03/28 19:17:46 | 000,000,000 | ---D | C] -- C:\Windows\Emberwing - Lost Legacy Collectors Edition
[2014/03/28 19:02:41 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vacation Adventures - Park Ranger 2
[2014/03/28 19:02:24 | 000,000,000 | ---D | C] -- C:\Windows\Vacation Adventures - Park Ranger 2
[2014/03/25 17:56:32 | 000,000,000 | ---D | C] -- C:\Users\Otie\Documents\Amazing Slideshow Maker
[2014/03/22 08:41:13 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\CodeFluent.View
[2014/03/22 08:40:55 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\CodeFluent.Modeler.Portable
[2014/03/22 08:39:04 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\SoftFluent
[2014/03/20 09:19:49 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/03/19 17:25:10 | 000,036,096 | ---- | C] (Advanced Micro Devices, Inc.) -- C:\Windows\SysNative\drivers\amdkmpfd.sys
[2014/03/19 17:24:35 | 000,000,000 | ---D | C] -- C:\Program Files\Synaptics
[2014/03/19 17:24:09 | 000,034,544 | ---- | C] (Synaptics Incorporated) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys
[2014/03/18 16:13:05 | 006,574,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2014/03/18 16:13:05 | 005,694,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2014/03/18 16:13:03 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/03/18 16:13:03 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/03/18 16:13:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/03/18 16:13:02 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/03/18 16:13:02 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/03/18 16:13:02 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/03/18 16:13:02 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/03/18 16:13:02 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/03/18 16:13:02 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/03/18 16:13:02 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/03/18 16:13:01 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/03/18 16:13:01 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/03/18 16:13:01 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/03/18 16:13:01 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/03/18 16:13:00 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/03/18 16:13:00 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/03/18 16:13:00 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/03/18 16:13:00 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/03/18 16:13:00 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/03/18 16:12:59 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/03/18 16:12:59 | 000,940,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe
[2014/03/18 16:12:59 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/03/18 16:12:59 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/03/18 16:12:59 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/03/18 12:42:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zoolz
[2014/03/18 09:03:38 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2014/03/18 09:01:48 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2014/03/18 09:01:47 | 001,147,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2014/03/18 09:01:47 | 001,068,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2014/03/18 09:01:47 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2014/03/18 09:01:47 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2014/03/18 09:01:47 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2014/03/18 09:01:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2014/03/18 09:01:47 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2014/03/18 09:01:47 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2014/03/18 09:01:47 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2014/03/18 09:01:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2014/03/18 09:01:47 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2014/03/18 09:01:47 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2014/03/18 09:01:47 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2014/03/18 09:01:46 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdvidcrl.dll
[2014/03/18 09:01:46 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdvidcrl.dll
[2014/03/18 08:59:28 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/18 08:59:26 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/18 08:59:26 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/18 08:59:26 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/18 08:59:25 | 001,051,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/18 08:59:25 | 000,942,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/18 08:59:25 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/18 08:59:25 | 000,610,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/18 08:59:25 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/18 08:59:25 | 000,247,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/18 08:59:25 | 000,233,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/18 08:59:25 | 000,151,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/18 08:59:25 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/18 08:59:25 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/18 08:59:25 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/18 08:59:25 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/18 08:59:25 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/18 08:59:25 | 000,090,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/18 08:59:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/18 08:59:25 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/18 08:59:25 | 000,083,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/18 08:59:25 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/18 08:59:25 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/18 08:59:25 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/18 08:59:25 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/18 08:59:25 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/18 08:59:25 | 000,056,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/18 08:59:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/18 08:59:25 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/18 08:59:25 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/18 08:59:25 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/18 08:59:25 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/18 08:59:25 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/18 08:59:24 | 001,228,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/18 08:59:24 | 000,774,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/18 08:59:24 | 000,616,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/18 08:59:24 | 000,453,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/18 08:59:24 | 000,413,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/18 08:59:24 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/18 08:59:24 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/18 08:59:24 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/18 08:59:24 | 000,147,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/18 08:59:24 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/18 08:59:24 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/18 08:59:24 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/18 08:59:24 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/18 08:59:24 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/18 08:59:24 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/18 08:59:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/18 08:59:24 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/18 08:59:24 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/18 08:59:24 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/18 08:59:24 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/18 08:59:24 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/18 08:59:24 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/18 08:57:46 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2014/03/18 08:57:46 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2014/03/18 08:57:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2014/03/18 08:57:46 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2014/03/18 08:57:45 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2014/03/18 08:57:45 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2014/03/18 08:57:45 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2014/03/18 08:57:27 | 000,000,000 | ---D | C] -- C:\history
[2014/03/18 08:56:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
[2014/03/18 08:41:22 | 001,030,144 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWorkspace.dll
[2014/03/18 08:41:22 | 000,792,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\TSWorkspace.dll
[2014/03/17 09:05:29 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Roaming\FamilyTreeMaker
[2014/03/17 08:21:59 | 000,000,000 | ---D | C] -- C:\Users\Otie\AppData\Local\Sanwhole
[2014/03/17 08:11:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftOrbits Icon Maker
[2011/11/25 12:44:22 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\Otie\AppData\Roaming\pcouffin.sys
[2011/04/18 22:51:20 | 000,653,136 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCR90.dll
[2011/04/18 22:51:20 | 000,569,680 | ---- | C] (Microsoft Corporation) -- C:\Program Files (x86)\Common Files\MSVCP90.dll
[2010/12/16 21:39:36 | 000,302,592 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmmux.dll
[2010/12/16 21:39:16 | 000,701,440 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8encoder.dll
[2010/12/16 21:39:16 | 000,412,672 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\vp8decoder.dll
[2010/12/16 21:39:14 | 000,292,352 | ---- | C] (Google) -- C:\Program Files (x86)\Common Files\webmsplit.dll
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2014/04/16 07:14:24 | 000,787,576 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/04/16 07:14:24 | 000,665,778 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/04/16 07:14:24 | 000,123,328 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/04/16 07:12:35 | 000,000,330 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize 4.job
[2014/04/16 07:11:32 | 000,003,098 | ---- | M] () -- C:\Windows\tasks\media enhance-chromeinstaller.job
[2014/04/16 07:11:32 | 000,000,374 | ---- | M] () -- C:\Windows\tasks\ResourceMonitor.job
[2014/04/16 07:11:32 | 000,000,322 | ---- | M] () -- C:\Windows\tasks\GlaryInitialize.job
[2014/04/16 07:07:00 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/04/16 07:06:09 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/04/16 07:06:09 | 000,028,352 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/04/16 07:06:00 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job
[2014/04/16 07:00:02 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/04/16 06:58:05 | 000,012,203 | RH-- | M] () -- C:\farstone_pe.letter
[2014/04/16 06:56:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/04/15 19:49:26 | 000,000,908 | ---- | M] () -- C:\Users\Otie\Desktop\1-abc.net Duplicate Finder.lnk
[2014/04/15 19:24:07 | 000,692,400 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/04/15 19:24:07 | 000,070,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/04/15 12:01:35 | 000,012,216 | ---- | M] () -- C:\Windows\SysNative\bddel.dat
[2014/04/15 10:44:20 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\GlaryUpdate 4.job
[2014/04/15 07:55:58 | 000,002,128 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Thunderbird.lnk
[2014/04/15 07:55:58 | 000,002,104 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2014/04/15 07:40:37 | 000,001,124 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/14 23:06:00 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job
[2014/04/14 20:30:00 | 000,000,508 | ---- | M] () -- C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job
[2014/04/14 16:42:26 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/04/14 13:45:00 | 000,000,360 | -H-- | M] () -- C:\Windows\tasks\spotfluxupdater.job
[2014/04/14 10:25:37 | 000,001,067 | ---- | M] () -- C:\Users\Otie\Desktop\The Ultimate Easter Puzzler.lnk
[2014/04/14 10:24:17 | 000,001,188 | ---- | M] () -- C:\Users\Otie\Desktop\Cadenza Music Betrayal and Death CE.lnk
[2014/04/14 09:21:04 | 000,001,896 | ---- | M] () -- C:\Users\Otie\Desktop\IrfanView Thumbnails.lnk
[2014/04/14 09:21:04 | 000,001,004 | ---- | M] () -- C:\Users\Otie\Desktop\IrfanView.lnk
[2014/04/13 10:41:56 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Otie\Desktop\OTL.exe
[2014/04/12 14:18:00 | 000,000,290 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_Updates.job
[2014/04/12 14:14:24 | 000,000,029 | ---- | M] () -- C:\Windows\popcinfo.dat
[2014/04/12 13:30:17 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/04/10 07:23:00 | 000,001,132 | ---- | M] () -- C:\Users\Otie\Desktop\Jane Angel 2 - Fallen Heaven Premium Edition.lnk
[2014/04/09 21:11:24 | 000,681,888 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/04/09 19:08:16 | 000,002,331 | ---- | M] () -- C:\Users\Otie\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/04/09 19:08:16 | 000,002,329 | ---- | M] () -- C:\Users\Otie\Desktop\Google Chrome.lnk
[2014/04/06 06:43:14 | 000,000,665 | ---- | M] () -- C:\Users\Otie\Desktop\StickyLinky - Shortcut.lnk
[2014/04/05 18:45:22 | 000,001,016 | ---- | M] () -- C:\Users\Otie\Desktop\Hidden Object - Home Makeover.lnk
[2014/04/03 09:51:16 | 000,063,192 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/04/03 09:51:04 | 000,088,280 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/04/03 09:50:58 | 000,025,816 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/04/03 07:58:02 | 002,101,848 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/04/03 07:58:01 | 002,792,152 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2014/04/03 07:58:01 | 001,999,128 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysNative\MBAPO264.dll
[2014/04/03 07:58:01 | 001,728,280 | ---- | M] (Creative Technology Ltd.) -- C:\Windows\SysWow64\MBAPO232.dll
[2014/04/03 07:58:01 | 001,286,872 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2014/04/03 07:58:01 | 001,024,216 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2014/04/03 07:58:01 | 000,946,392 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInstII64.dll
[2014/04/03 07:58:01 | 000,757,301 | ---- | M] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/04/03 07:58:01 | 000,624,344 | ---- | M] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtDataProc64.dll
[2014/04/03 07:58:00 | 002,770,976 | ---- | M] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/04/03 07:58:00 | 002,037,336 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/04/03 07:58:00 | 001,033,304 | ---- | M] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/04/02 14:18:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014/04/01 19:40:48 | 000,000,548 | ---- | M] () -- C:\Users\Otie\Desktop\Emsisoft Emergency Kit.lnk
[2014/04/01 19:37:16 | 225,112,864 | ---- | M] () -- C:\Users\Otie\Desktop\EmsisoftEmergencyKit.exe
[2014/04/01 19:36:59 | 002,157,056 | ---- | M] (Farbar) -- C:\Users\Otie\Desktop\FRST64.exe
[2014/03/31 11:49:33 | 000,040,720 | ---- | M] (Greatis Software) -- C:\Windows\SysNative\Partizan.exe
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\winstart.bat
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\CONFIG.NT
[2014/03/31 11:21:33 | 000,000,002 | RHS- | M] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2014/03/31 11:21:31 | 000,035,816 | ---- | M] (Greatis Software) -- C:\Windows\SysWow64\drivers\Partizan.sys
[2014/03/31 10:50:01 | 000,000,163 | ---- | M] () -- C:\Users\Otie\AppData\Roaming\WB.CFG
[2014/03/31 10:48:37 | 000,001,112 | ---- | M] () -- C:\Users\Otie\Desktop\UnHackMe.lnk
[2014/03/31 09:38:56 | 000,001,072 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/03/31 09:35:37 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2014/03/31 09:35:36 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2014/03/31 09:35:36 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2014/03/31 09:35:36 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2014/03/31 09:30:55 | 000,001,317 | ---- | M] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2014/03/31 09:21:42 | 000,001,355 | ---- | M] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/03/31 09:15:19 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/03/30 09:09:49 | 000,001,949 | ---- | M] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/03/27 12:55:26 | 000,012,800 | ---- | M] (Greatis Software, LLC.) -- C:\Windows\SysWow64\drivers\UnHackMeDrv.sys
[2014/03/26 19:10:49 | 000,221,384 | ---- | M] () -- C:\Users\Otie\Documents\Family+Fun+Pool+Schedule+3.3.14.pdf
[2014/03/26 19:02:15 | 000,001,165 | ---- | M] () -- C:\Users\Otie\Desktop\MiniLyrics - Shortcut.lnk
[2014/03/26 19:01:02 | 000,001,327 | ---- | M] () -- C:\Users\Otie\Desktop\ASMaker - Shortcut.lnk
[2014/03/26 18:45:49 | 000,001,184 | ---- | M] () -- C:\Users\Public\Desktop\Driver Booster.lnk
[2014/03/25 17:59:14 | 000,000,153 | ---- | M] () -- C:\Users\Otie\Desktop\Glarysoft Giveaway.url
[2014/03/24 12:00:47 | 000,338,385 | ---- | M] () -- C:\Users\Otie\Through Feb 2014.amk
[2014/03/24 08:14:40 | 000,000,214 | ---- | M] () -- C:\Users\Public\Desktop\Your Software Deals.url
[2014/03/22 08:40:33 | 000,001,830 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.View - Shortcut.lnk
[2014/03/22 08:40:21 | 000,001,950 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.Modeler.Portable - Shortcut.lnk
[2014/03/22 08:38:55 | 000,001,841 | ---- | M] () -- C:\Users\Otie\Desktop\CodeFluent.Build - Shortcut.lnk
[2014/03/20 09:21:00 | 000,779,698 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/03/19 20:25:41 | 000,001,572 | ---- | M] () -- C:\Windows\HRMY98.MIF
[2014/03/19 17:39:08 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/03/19 17:35:15 | 000,002,260 | ---- | M] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/03/19 17:25:00 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2014/03/19 17:24:36 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/03/18 12:42:44 | 000,000,954 | ---- | M] () -- C:\Users\Otie\Desktop\Zoolz.lnk
[2014/03/18 08:59:28 | 000,194,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll
[2014/03/18 08:59:26 | 000,645,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jsIntl.dll
[2014/03/18 08:59:26 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll
[2014/03/18 08:59:26 | 000,071,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2014/03/18 08:59:25 | 001,051,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll
[2014/03/18 08:59:25 | 000,942,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jsIntl.dll
[2014/03/18 08:59:25 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat
[2014/03/18 08:59:25 | 000,610,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2014/03/18 08:59:25 | 000,337,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec
[2014/03/18 08:59:25 | 000,247,808 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll
[2014/03/18 08:59:25 | 000,233,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2014/03/18 08:59:25 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe
[2014/03/18 08:59:25 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe
[2014/03/18 08:59:25 | 000,131,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll
[2014/03/18 08:59:25 | 000,127,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll
[2014/03/18 08:59:25 | 000,116,736 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll
[2014/03/18 08:59:25 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll
[2014/03/18 08:59:25 | 000,105,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2014/03/18 08:59:25 | 000,090,112 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe
[2014/03/18 08:59:25 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2014/03/18 08:59:25 | 000,086,016 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2014/03/18 08:59:25 | 000,083,456 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll
[2014/03/18 08:59:25 | 000,074,240 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe
[2014/03/18 08:59:25 | 000,069,632 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2014/03/18 08:59:25 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll
[2014/03/18 08:59:25 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx
[2014/03/18 08:59:25 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\MshtmlDac.dll
[2014/03/18 08:59:25 | 000,056,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll
[2014/03/18 08:59:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll
[2014/03/18 08:59:25 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll
[2014/03/18 08:59:25 | 000,034,816 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
[2014/03/18 08:59:25 | 000,024,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll
[2014/03/18 08:59:25 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/18 08:59:25 | 000,013,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe
[2014/03/18 08:59:25 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe
[2014/03/18 08:59:24 | 001,228,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll
[2014/03/18 08:59:24 | 000,774,144 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2014/03/18 08:59:24 | 000,616,104 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat
[2014/03/18 08:59:24 | 000,453,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll
[2014/03/18 08:59:24 | 000,413,696 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec
[2014/03/18 08:59:24 | 000,296,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll
[2014/03/18 08:59:24 | 000,235,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2014/03/18 08:59:24 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe
[2014/03/18 08:59:24 | 000,147,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll
[2014/03/18 08:59:24 | 000,143,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe
[2014/03/18 08:59:24 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll
[2014/03/18 08:59:24 | 000,101,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll
[2014/03/18 08:59:24 | 000,084,992 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2014/03/18 08:59:24 | 000,083,968 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MshtmlDac.dll
[2014/03/18 08:59:24 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll
[2014/03/18 08:59:24 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx
[2014/03/18 08:59:24 | 000,062,464 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll
[2014/03/18 08:59:24 | 000,048,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll
[2014/03/18 08:59:24 | 000,040,448 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\JavaScriptCollectionAgent.dll
[2014/03/18 08:59:24 | 000,030,208 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll
[2014/03/18 08:59:24 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/18 08:59:24 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe
[2014/03/17 08:11:32 | 000,000,720 | ---- | M] () -- C:\Users\Otie\Desktop\SoftOrbits Icon Maker.lnk
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2014/04/16 06:57:59 | 000,012,203 | RH-- | C] () -- C:\farstone_pe.letter
[2014/04/15 19:49:26 | 000,000,908 | ---- | C] () -- C:\Users\Otie\Desktop\1-abc.net Duplicate Finder.lnk
[2014/04/15 12:01:33 | 000,012,216 | ---- | C] () -- C:\Windows\SysNative\bddel.dat
[2014/04/15 07:55:58 | 000,002,116 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
[2014/04/14 10:25:37 | 000,001,067 | ---- | C] () -- C:\Users\Otie\Desktop\The Ultimate Easter Puzzler.lnk
[2014/04/14 10:24:17 | 000,001,188 | ---- | C] () -- C:\Users\Otie\Desktop\Cadenza Music Betrayal and Death CE.lnk
[2014/04/14 09:21:04 | 000,001,896 | ---- | C] () -- C:\Users\Otie\Desktop\IrfanView Thumbnails.lnk
[2014/04/14 09:21:04 | 000,001,004 | ---- | C] () -- C:\Users\Otie\Desktop\IrfanView.lnk
[2014/04/12 13:30:17 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/04/10 07:23:00 | 000,001,132 | ---- | C] () -- C:\Users\Otie\Desktop\Jane Angel 2 - Fallen Heaven Premium Edition.lnk
[2014/04/06 06:43:14 | 000,000,665 | ---- | C] () -- C:\Users\Otie\Desktop\StickyLinky - Shortcut.lnk
[2014/04/05 18:45:22 | 000,001,016 | ---- | C] () -- C:\Users\Otie\Desktop\Hidden Object - Home Makeover.lnk
[2014/04/03 07:58:01 | 000,757,301 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/04/01 19:40:48 | 000,000,548 | ---- | C] () -- C:\Users\Otie\Desktop\Emsisoft Emergency Kit.lnk
[2014/04/01 19:35:06 | 225,112,864 | ---- | C] () -- C:\Users\Otie\Desktop\EmsisoftEmergencyKit.exe
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\winstart.bat
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\CONFIG.NT
[2014/03/31 11:21:33 | 000,000,002 | RHS- | C] () -- C:\Windows\SysWow64\AUTOEXEC.NT
[2014/03/31 10:48:37 | 000,001,112 | ---- | C] () -- C:\Users\Otie\Desktop\UnHackMe.lnk
[2014/03/31 09:38:56 | 000,001,072 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2014/03/31 09:31:00 | 000,001,317 | ---- | C] () -- C:\Users\Public\Desktop\Media Player Classic.lnk
[2014/03/31 09:21:42 | 000,001,355 | ---- | C] () -- C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
[2014/03/30 09:09:49 | 000,001,949 | ---- | C] () -- C:\Users\Public\Desktop\Perfect Effects 8.lnk
[2014/03/26 19:10:49 | 000,221,384 | ---- | C] () -- C:\Users\Otie\Documents\Family+Fun+Pool+Schedule+3.3.14.pdf
[2014/03/26 19:02:15 | 000,001,165 | ---- | C] () -- C:\Users\Otie\Desktop\MiniLyrics - Shortcut.lnk
[2014/03/26 19:01:02 | 000,001,327 | ---- | C] () -- C:\Users\Otie\Desktop\ASMaker - Shortcut.lnk
[2014/03/24 12:00:47 | 000,338,385 | ---- | C] () -- C:\Users\Otie\Through Feb 2014.amk
[2014/03/22 08:40:33 | 000,001,830 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.View - Shortcut.lnk
[2014/03/22 08:40:21 | 000,001,950 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.Modeler.Portable - Shortcut.lnk
[2014/03/22 08:38:55 | 000,001,841 | ---- | C] () -- C:\Users\Otie\Desktop\CodeFluent.Build - Shortcut.lnk
[2014/03/19 17:28:41 | 000,002,260 | ---- | C] () -- C:\Windows\SysNative\ASOROSet.bin
[2014/03/19 17:25:00 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ICCWDT_01009.Wdf
[2014/03/19 17:24:36 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
[2014/03/18 08:59:25 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2014/03/18 08:59:24 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2014/03/17 08:11:32 | 000,000,720 | ---- | C] () -- C:\Users\Otie\Desktop\SoftOrbits Icon Maker.lnk
[2014/02/07 07:34:19 | 000,000,023 | ---- | C] () -- C:\Windows\SysWow64\AmigabitPowerboosterTrial.dll
[2014/02/05 09:52:07 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/02/03 08:20:00 | 000,000,044 | ---- | C] () -- C:\ProgramData\{3D55D1F4-1059-11DC-B281-197056D89593}
[2014/01/04 08:48:35 | 000,000,010 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pdfdrawcodec.dll
[2014/01/03 08:39:54 | 002,499,656 | ---- | C] () -- C:\Windows\SysWow64\BootMan.exe
[2014/01/03 08:39:54 | 000,087,112 | ---- | C] () -- C:\Windows\SysWow64\setupempdrv03.exe
[2014/01/03 08:39:54 | 000,019,840 | ---- | C] () -- C:\Windows\SysWow64\EuEpmGdi.dll
[2014/01/03 08:39:54 | 000,014,920 | ---- | C] () -- C:\Windows\SysWow64\epmntdrv.sys
[2014/01/03 08:39:54 | 000,009,160 | ---- | C] () -- C:\Windows\SysWow64\EuGdiDrv.sys
[2013/12/28 08:01:31 | 000,001,156 | ---- | C] () -- C:\Users\Otie\AppData\Local\Tenorshare Music Cleanup.dat
[2013/12/24 09:01:33 | 001,806,960 | ---- | C] () -- C:\Windows\ampa.exe
[2013/12/24 09:01:33 | 000,017,008 | ---- | C] () -- C:\Windows\SysWow64\ampa.sys
[2013/11/13 07:33:13 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat
[2013/11/07 08:50:01 | 000,000,163 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\WB.CFG
[2013/09/22 21:32:55 | 000,000,000 | ---- | C] () -- C:\Windows\Game.INI
[2013/08/14 07:42:28 | 000,000,037 | -HS- | C] () -- C:\Users\Otie\AppData\Local\70149b02515b3bb20dd492.47983420
[2013/08/10 07:21:35 | 000,000,011 | ---- | C] () -- C:\Windows\mahjongg.INI
[2013/07/24 20:19:28 | 000,503,509 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\log.sflog
[2013/07/14 07:17:01 | 000,000,703 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pdfsound.dll
[2013/07/14 07:17:01 | 000,000,053 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setting.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,043 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup_pdfcombine.ini
[2013/07/14 07:17:01 | 000,000,030 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\setup.ini
[2013/07/14 07:17:01 | 000,000,014 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfrotator.ini
[2013/07/14 07:17:01 | 000,000,003 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\options_pdfcombine.ini
[2013/07/09 07:48:48 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/06/04 06:15:45 | 000,000,007 | ---- | C] () -- C:\Program Files (x86)\SysResources Managersyok12.dat
[2013/06/04 06:15:36 | 000,015,620 | ---- | C] () -- C:\Windows\SysWow64\SystemRs122.f.SYS
[2013/06/02 04:48:01 | 000,000,007 | ---- | C] () -- C:\Windows\sysres14.dat
[2013/05/15 23:32:24 | 000,056,072 | ---- | C] () -- C:\Windows\AUDBootDefrag.exe
[2013/04/13 15:37:45 | 000,019,634 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\UserTile.png
[2013/04/01 02:13:30 | 000,074,752 | ---- | C] () -- C:\Windows\vssMgr.exe
[2013/03/08 02:39:40 | 000,024,036 | ---- | C] () -- C:\Users\Otie\SDActivate.lng
[2013/01/17 06:45:19 | 000,000,176 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\Earthquakes Meter_Settings.ini
[2013/01/13 16:34:26 | 000,016,384 | ---- | C] () -- C:\Windows\SysWow64\FileOps.exe
[2012/12/15 14:39:10 | 006,955,008 | ---- | C] () -- C:\Windows\SysWow64\common_res.dll
[2012/12/05 11:07:10 | 000,315,392 | ---- | C] () -- C:\Windows\SysWow64\EMRegSys.dll
[2012/12/03 08:39:46 | 000,000,567 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\burnaware.ini
[2012/11/30 08:05:25 | 000,163,123 | ---- | C] () -- C:\Windows\Animated Screensaver Maker Uninstaller.exe
[2012/11/26 07:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\BanPrc.dat
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.Shell32.dll
[2012/11/26 07:37:31 | 000,049,152 | ---- | C] ( ) -- C:\Windows\Interop.IWshRuntimeLibrary.dll
[2012/09/03 07:21:26 | 000,163,029 | ---- | C] () -- C:\Windows\DP Animation Maker Uninstaller.exe
[2012/08/15 13:38:15 | 000,109,256 | ---- | C] () -- C:\Windows\SysWow64\EasyHook64.dll
[2012/08/15 13:38:15 | 000,090,824 | ---- | C] () -- C:\Windows\SysWow64\EasyHook32.dll
[2012/07/21 08:34:27 | 000,000,008 | ---- | C] () -- C:\Windows\SysWow64\CA4DCE6217.sys
[2012/07/13 06:38:28 | 000,000,128 | ---- | C] () -- C:\ProgramData\avalon2.2_WIPE2012.ini
[2012/07/13 06:38:22 | 000,340,992 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll
[2012/07/13 06:38:20 | 000,340,992 | ---- | C] () -- C:\Windows\sqlite36_engine.dll
[2012/05/20 06:04:34 | 000,580,096 | ---- | C] () -- C:\Windows\SysWow64\lame.exe
[2012/05/20 06:04:34 | 000,484,352 | ---- | C] () -- C:\Windows\SysWow64\lame_enc.dll
[2012/05/20 06:04:34 | 000,307,200 | ---- | C] () -- C:\Windows\SysWow64\Mp3Ctrl.dll
[2012/05/20 06:04:34 | 000,131,176 | ---- | C] () -- C:\Windows\SysWow64\mp3gain.exe
[2012/05/20 06:04:34 | 000,086,016 | ---- | C] () -- C:\Windows\SysWow64\akrip32.dll
[2012/05/20 06:04:31 | 000,003,180 | ---- | C] () -- C:\Users\Otie\AppData\Local\ZortamMp3MediaStudio.iss
[2012/05/11 14:16:16 | 000,171,520 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfOggDemux2.dll
[2012/04/25 20:35:19 | 000,000,074 | ---- | C] () -- C:\Windows\PBUpdate.ini
[2012/04/25 14:12:33 | 000,000,323 | ---- | C] () -- C:\Windows\WININIT.INI
[2012/04/21 11:19:23 | 000,004,096 | ---- | C] () -- C:\Windows\d3dx.dat
[2012/04/20 09:33:41 | 000,000,297 | ---- | C] () -- C:\Users\Otie\SecurityKISSTunnel.config
[2012/03/29 16:42:18 | 000,007,633 | ---- | C] () -- C:\Users\Otie\AppData\Local\resmon.resmoncfg
[2012/03/05 12:07:06 | 000,000,684 | ---- | C] () -- C:\Users\Otie\AppData\Local\mcset.cfg
[2011/11/27 07:10:48 | 000,845,123 | ---- | C] () -- C:\Users\Otie\AppData\Local\census.cache
[2011/11/27 07:10:40 | 000,144,324 | ---- | C] () -- C:\Users\Otie\AppData\Local\ars.cache
[2011/11/27 07:02:25 | 000,000,036 | ---- | C] () -- C:\Users\Otie\AppData\Local\housecall.guid.cache
[2011/11/25 12:45:14 | 000,001,173 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\vso_ts_preview.xml
[2011/11/25 12:44:22 | 000,099,384 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\inst.exe
[2011/11/25 12:44:22 | 000,007,859 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.cat
[2011/11/25 12:44:22 | 000,001,167 | ---- | C] () -- C:\Users\Otie\AppData\Roaming\pcouffin.inf
[2011/11/12 06:45:29 | 000,002,348 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/11/08 08:51:56 | 000,061,440 | ---- | C] () -- C:\Users\Otie\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/01/12 02:00:44 | 000,030,208 | ---- | C] () -- C:\Program Files (x86)\Common Files\wmpinfo.dll
[2011/01/12 02:00:42 | 000,240,128 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfVorbisDecoder.dll
[2011/01/12 02:00:42 | 000,146,944 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACDecoder.dll
[2011/01/12 02:00:40 | 000,221,184 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfFLACEncoder.dll
[2011/01/12 02:00:40 | 000,204,800 | ---- | C] () -- C:\Program Files (x86)\Common Files\dsfNativeFLACSource.dll

========== ZeroAccess Check ==========

[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\L.gif
[2011/11/09 19:53:48 | 000,008,571 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\l.jpg
[2011/11/09 19:12:03 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\N.gif
[2011/11/09 19:12:03 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\U.gif
[2011/11/10 07:50:49 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{03DBA44B-040F-4010-86D4-4D91906E9120}\L.gif
[2011/11/10 07:50:49 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{07FB3302-348B-4ACA-94C0-255189AD8B3E}\U.gif
[2011/11/10 07:50:49 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{167209A4-644A-4381-AFF4-D5E0656FE819}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{376D2853-44FC-4745-988E-6005F8691813}\N.gif
[2011/11/09 22:00:08 | 000,000,000 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{5B603533-0FF5-4A1D-A84C-FACDCE9E7407}\L.gif
[2011/11/09 22:00:08 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{62CA621A-FC64-4998-A5E2-70084FBD85D2}\U.gif
[2011/11/09 20:17:48 | 000,028,617 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{8C96B714-BCD2-4C6E-9FFD-8A67C3EC9125}\L.gif
[2011/11/09 20:17:48 | 000,029,054 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{DB748AAC-D4BC-4213-BDEC-824AED1ED426}\U.gif
[2011/11/09 20:17:48 | 000,029,161 | R--- | M] () -- C:\Users\Otie\AppData\Local\IM\Identities\{C7E5A081-BF2E-42EF-A5B4-169248C2C5AB}\message store\attachments\{E90D0C93-1032-4866-90AD-0224CB48AD9B}\N.gif
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 22:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/03/06 07:14:46 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Genie-Soft
[2012/08/06 10:12:12 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Ludomo
[2012/12/22 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\ProcessLasso
[2012/03/06 07:14:46 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Genie-Soft
[2012/08/06 10:12:12 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Ludomo
[2012/12/22 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\ProcessLasso
[2013/12/13 13:26:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\1-abc
[2013/06/19 17:18:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\10tons
[2013/07/12 21:24:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\2monkeys
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\4 Friends Games
[2014/01/30 12:32:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\8floor
[2011/11/09 07:27:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\A4DeskPro
[2013/08/24 20:20:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Absolutist
[2012/01/19 22:23:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Acronis
[2012/04/21 11:19:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Adore Games
[2012/04/05 10:21:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AdultAdvantage
[2014/02/03 08:21:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AJ SQUARE INC
[2014/04/06 06:46:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Alawar Entertainment
[2013/08/24 19:18:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlawarEntertainment
[2012/03/21 08:32:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AlwaysNeat
[2013/08/20 12:09:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Angler
[2013/08/20 12:13:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AnnVideo
[2013/08/26 07:36:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvate Games
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anvsoft
[2013/12/16 09:10:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Anyplace Control 4
[2013/10/20 10:16:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Apowersoft
[2013/11/20 17:47:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Applied Systems Ltd
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ArcticLine
[2012/08/11 13:11:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Arevan The Bitter Truth
[2013/12/12 17:06:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Argali
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Art Mahjongg Egypt
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifact Quest
[2013/07/30 18:08:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artifex Mundi
[2013/05/04 07:57:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Artogon
[2014/01/25 07:56:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo
[2013/06/26 20:22:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ashampoo Slideshow Studio 2013
[2013/05/19 07:22:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Asterisk Password Decryptor
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Astro Gemini Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Atomic Alarm Clock 6
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Audacity
[2013/08/18 11:43:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Auslogics
[2012/07/12 06:25:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\AV Burning Pro
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Aveyond 3
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awem
[2013/07/23 12:52:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Awesomium
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\B
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackToTheBeach
[2012/09/08 12:37:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BackupSF
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bicyclestudios
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Big Fish Games
[2012/04/15 18:52:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\bigwig_media
[2014/02/16 11:37:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlamGames
[2011/11/07 07:43:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blio
[2013/02/15 15:34:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Blue Tea Games
[2013/07/18 12:53:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueMountain.D47BD63EE77CC0AC7AE23BFA386A3F1EDA7C080D.1
[2013/08/20 12:09:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BlueSprig
[2013/07/05 17:38:01 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Bmd
[2014/04/04 19:56:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Boomzap
[2013/11/02 10:12:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Brabl
[2014/01/22 11:38:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Brave Giant
[2013/12/11 16:51:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\BrightnessGuide
[2014/02/16 11:15:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\calibre
[2013/08/20 12:09:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Canneverbe Limited
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CaptureSaver
[2013/11/24 12:58:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Casual Arts
[2013/12/25 12:13:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\casualArts
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Catalina Marketing Corp
[2013/04/14 16:49:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media
[2013/03/05 21:20:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\cerasus.media GmbH
[2013/06/20 19:23:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Chayowo Games
[2012/06/12 06:34:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ChemTable Software
[2013/10/30 19:32:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ClassicShell
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CloneSpy
[2014/03/22 08:40:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CodeFluent.Modeler.Portable
[2014/03/22 08:41:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CodeFluent.View
[2012/04/02 14:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CoffeeCup Software
[2013/02/05 18:53:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Color Brush
[2013/04/26 05:41:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.koingosw.DataGuardian
[2014/01/27 07:29:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\com.leawo.imediago
[2014/02/06 07:10:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\CommonDataMSI
[2013/08/20 12:13:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Copernic
[2012/10/09 06:32:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DailyMagic
[2012/03/22 19:48:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dark Blue Games
[2013/02/26 08:13:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dashlane
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DAZ 3D
[2014/01/21 08:54:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Deep Shadows
[2011/11/24 04:32:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dexpot
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Digiarty
[2014/03/31 11:49:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DIGITALSITES.del
[2013/08/29 20:04:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DikobrazGames
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DK Finder
[2013/03/22 07:03:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DMCache
[2014/01/26 12:44:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DominiGames
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Downloaded Installations
[2013/08/20 12:09:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dragonshorn Studios
[2014/01/11 09:05:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Driver Magician
[2013/08/20 12:09:18 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Dropbox
[2014/02/01 15:26:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDFab9
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\DVDVideoSoft
[2011/11/26 10:50:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EA
[2014/04/16 07:39:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Earth Alerts
[2013/09/04 06:22:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Query Builder
[2011/11/24 04:51:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Easy Watermark Studio
[2013/12/05 19:31:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\eDoc LLC
[2013/11/25 18:25:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\eGames
[2013/12/19 22:49:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eipix
[2013/08/20 12:09:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EleFun Games
[2014/01/01 20:50:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Elephant Games
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EMCO
[2013/11/18 09:26:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EnchantedCavern2
[2013/11/11 07:30:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Engelmann Media
[2013/08/07 15:13:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Enlightenus2_BFG
[2013/11/28 11:52:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EQATEC Analytics
[2013/09/17 20:55:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS G-Studio
[2014/01/16 15:24:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ERS Game Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\EurekaLog
[2013/11/15 07:30:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eusing
[2014/01/22 20:55:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Eyeblaster
[2014/03/17 09:06:50 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FamilyTreeMaker
[2013/10/05 18:26:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FamilyVacationCalifornia
[2014/02/13 20:28:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fanda Games
[2013/05/14 20:25:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FarmMystery
[2013/12/08 21:41:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FGS
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FileOpen
[2011/11/03 13:22:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fingertapps
[2013/03/02 20:53:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Floodlight Games
[2012/03/19 08:02:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Folder Scout Labs
[2013/11/15 15:05:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Foxit Software
[2013/01/16 14:36:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Download Manager
[2013/07/02 12:03:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Free Scan to PDF
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeAudioPack
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeBurner
[2014/02/20 08:06:05 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\FreeCDRipper
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Friday's games
[2012/06/21 07:58:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Frieger
[2013/10/08 11:19:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fugazo
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\funkitron
[2013/11/26 10:05:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Funlinker
[2013/09/27 14:25:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Fuzzy Bug Interactive
[2013/12/12 16:50:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameCards
[2014/01/09 17:41:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameCartel
[2012/03/29 17:13:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameHouse
[2013/01/01 09:34:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameInvest
[2013/05/06 20:55:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GameMill Entertainment
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie-Soft
[2013/08/28 16:47:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genie9
[2013/11/27 10:22:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Genimo
[2013/01/29 16:28:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Ghost Ship Studios
[2013/10/13 20:40:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GhostElisaCameron
[2012/09/16 14:23:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GhostFleet
[2012/11/03 06:24:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GirlsWithSecretsAdventure
[2013/12/25 08:30:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GlarySoft
[2014/03/26 11:08:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Glarysoft Giveaway
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii
[2014/01/08 14:05:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gogii Games
[2013/01/29 05:35:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gold Casual Games
[2012/01/15 08:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Good Keywords v2
[2012/03/18 08:08:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GoodSync
[2011/11/09 10:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GottCode
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GrassGames
[2012/09/29 18:21:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\GuardiansOfMagic
[2013/04/26 15:44:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Gunnar Games
[2013/09/12 17:39:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hard Disk Sentinel
[2012/08/20 21:40:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HdO Adventure
[2012/04/28 13:56:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HitPoint Studios
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\holdkey
[2014/04/06 12:35:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\HomeMakeover
[2014/01/09 19:05:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Card Games Vol. 4
[2014/02/17 09:58:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle FaceCreator
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Puzzle and Board Games 2012
[2014/02/17 10:07:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hoyle Slots volume 2
[2013/08/20 12:09:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Hulubulu
[2011/11/08 07:40:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IBKPRO
[2014/02/06 07:09:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Iconico
[2012/03/20 16:58:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Iconix
[2012/10/24 07:45:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\images
[2014/04/14 01:35:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\iMaxGen
[2014/02/20 08:40:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ImgBurn
[2013/09/05 08:15:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Intermedia Software
[2013/11/02 07:23:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IObit
[2013/11/13 07:32:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\iolo
[2014/04/14 09:20:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\IrfanView
[2011/11/23 15:52:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jAlbum
[2011/11/27 07:13:29 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\JAM Software
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\jdast
[2014/01/10 20:36:47 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\JetFun
[2012/11/27 08:23:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KC Softwares
[2013/06/27 14:20:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Kingdom of Seven Seals
[2012/08/20 09:09:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KLS Soft
[2013/05/05 07:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\KRyLack Archive Password Recovery
[2013/08/21 07:25:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Lamantine
[2013/06/07 16:40:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LAVA SoftWorks
[2014/03/12 13:57:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Lazy Turtle Games
[2011/11/15 07:05:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leadertech
[2013/12/23 07:45:35 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Leawo
[2013/11/24 10:11:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LeeGT-Games
[2013/11/13 15:54:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Legacy Games
[2013/01/23 06:19:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LifeSniffer
[2012/11/21 07:35:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Light Developer
[2013/05/25 13:50:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LimeWire Music
[2013/11/24 08:56:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LockHunter
[2012/02/04 20:48:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\LogSys
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\M8 Software
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mad Head Games
[2013/03/17 06:39:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Landscape Filter
[2013/03/08 06:44:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Magic Skin Filter
[2013/08/20 12:09:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MagicIndie
[2013/08/20 12:13:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MAGIX
[2014/03/18 12:47:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MahJong Suite
[2014/01/31 10:09:06 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mariaglorum
[2013/06/05 05:33:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2
[2013/08/20 12:13:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MarkdownPad 2 2.1.18.37279
[2013/11/06 08:43:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Maxthon3
[2013/10/03 16:05:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MechCAD
[2013/07/01 20:32:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaArt
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MediaMonkey
[2013/04/02 20:20:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Meridian93
[2013/10/08 22:40:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Merscom
[2014/01/05 09:33:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MiniLyrics
[2014/02/16 10:34:43 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mipony
[2013/08/29 08:20:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\mjusbsp
[2013/11/19 17:05:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Moncarwit
[2013/05/04 15:09:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Monotype
[2012/11/21 06:55:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Moonchild Productions
[2013/08/26 08:40:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MoonriseInteractive
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Motorola
[2014/02/18 21:24:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Quality Modifier
[2012/07/28 05:40:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MP3 Tag Express V6
[2012/10/14 03:50:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MumboJumbo
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MusicBee
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\My Games
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Mystery of Mortlake Mansion
[2014/01/03 22:03:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\MysteryTag
[2013/03/11 19:54:20 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Natural Threat.Ominous Shores
[2012/02/04 00:59:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\NeoSoftTools
[2012/07/13 16:23:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nevosoft-Breeze
[2012/11/06 15:54:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro
[2014/04/16 06:14:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Nitro PDF
[2012/09/06 06:55:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\nspaces_bytesignals
[2014/03/30 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\onOne Software
[2013/09/22 11:54:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenDNS Updater
[2013/12/15 18:44:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenOffice
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\OpenOffice.org
[2013/08/20 12:09:39 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Opera Software
[2014/01/14 21:06:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Organic 2 Digital
[2013/03/17 13:50:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Orneon
[2013/07/04 19:29:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PassionFruit Games
[2012/11/18 06:53:40 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pavtube
[2014/03/26 11:08:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PCDr
[2013/11/18 07:01:24 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountain
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PearlMountainSoft
[2013/04/13 15:37:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PeerNetworking
[2013/05/03 15:49:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhantomFivePack03
[2012/01/22 06:09:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photo DVD Slideshow
[2013/07/18 10:09:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Photodex
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhotoScape
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PhoXo
[2013/04/02 05:49:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PicaJet.Com
[2013/12/20 09:39:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PictureCutoutGuide
[2013/08/20 12:09:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Pixelplan
[2013/04/04 17:02:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlataGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PlayFavoriteGames
[2014/01/22 15:38:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Playrix Entertainment
[2013/03/23 08:38:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PoBros
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCap Games
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1003
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PopCapv1006
[2013/08/20 12:13:12 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PowerISO
[2014/01/02 08:46:21 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ProcessLasso
[2012/03/05 09:15:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Proxima Software
[2012/09/29 06:39:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Purple Patch Games
[2013/06/05 18:43:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\PuzzleLab
[2011/12/30 07:44:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\QuickZip
[2013/02/19 14:28:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rainbow
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealVampireAdventure
[2013/11/18 07:59:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelDealWildWestShootOut
[2012/07/10 19:25:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ReelTen
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RetouchPilot
[2013/06/27 21:17:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\RoboForm
[2013/11/25 07:35:09 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\rokapublish
[2013/07/05 22:46:53 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Rumbic Studio
[2013/07/24 20:20:55 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\saves
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Scribus
[2013/05/26 16:28:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SecretIslandUSA
[2013/12/14 16:03:56 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\ShamanGS
[2013/12/04 08:19:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Shareaza
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Silverback Games
[2012/04/25 14:07:03 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Simple Star
[2013/11/25 09:12:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Smarty Uninstaller
[2012/06/27 17:55:00 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SMIGames
[2013/08/20 12:09:45 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SoftGrid Client
[2012/03/20 07:37:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Softland
[2014/01/25 08:11:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SoftMaker
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Solitaire Egypt
[2013/10/03 16:05:38 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Soluto
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Songbird2
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Spacejock Software
[2013/11/29 10:35:59 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpeedBit
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpeedMP3Downloader
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop
[2013/08/20 12:13:13 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpinTop Games
[2014/02/05 09:51:30 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Spotflux
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SpringPublisher
[2013/05/18 08:09:23 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stardock
[2013/08/20 12:09:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StartMenuX
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Stellarium
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\StepShot
[2012/03/22 10:10:34 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\streamWriter
[2013/10/26 08:36:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SulusGames
[2013/08/20 12:13:25 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SuperUtils.com
[2013/10/11 03:32:57 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Synei
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\SystemRequirementsLab
[2014/04/16 07:11:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Systweak
[2013/11/10 20:54:44 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\T1 Games
[2013/07/20 20:36:15 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tap It Games
[2012/11/03 06:11:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tape_Worm
[2013/10/03 16:05:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TaskmgrPro
[2014/03/26 11:08:49 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TeraCopy
[2011/11/20 06:48:14 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TERMINAL Studio
[2013/09/29 13:57:58 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheFlyingDutchman
[2013/07/20 20:27:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheLastDays
[2013/05/14 07:59:36 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TheScruffs
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Thunderbird
[2013/07/12 15:30:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\tiger-k
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TMInc
[2013/08/20 12:13:27 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Tonido
[2012/02/22 11:35:54 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TP
[2012/10/20 08:28:33 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Trellian
[2012/05/22 11:52:32 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\TweakNow DriveShortcut
[2014/01/30 12:51:37 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Twilight Games
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSE Games
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\URSoft
[2013/08/20 12:12:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V-Games
[2011/11/09 04:19:07 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V310-V510 Series
[2012/07/02 19:35:42 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\V5 Play
[2013/07/14 19:45:19 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vast Studios
[2011/11/25 12:30:46 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Video DVD Maker FREE
[2013/05/26 10:48:02 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Virtual Prophecy
[2014/02/18 07:33:11 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\VitySoft
[2011/11/16 20:23:50 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vogat Interactive
[2012/11/17 20:06:31 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Vso
[2012/05/19 10:02:51 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WallpaperDownloader.com
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wandoujia2
[2012/04/14 07:03:16 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Watermark Express
[2012/07/03 08:22:52 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WeatherPaper
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WindSolutions
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinISO Computing
[2012/11/26 07:17:04 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WinPatrol
[2012/07/13 06:38:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\WIPE2012
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Auto Shutdown
[2014/04/15 07:35:22 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wise Care 365
[2013/08/20 12:12:17 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Wondershare
[2012/07/11 15:40:08 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\World-LooM
[2013/08/20 12:13:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XnView
[2013/08/20 12:13:28 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\XYplorer
[2012/09/16 06:57:48 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Youdagames
[2013/04/27 08:14:41 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\YoWindow
[2013/08/10 18:09:26 | 000,000,000 | ---D | M] -- C:\Users\Otie\AppData\Roaming\Zoner
[2014/03/30 09:09:41 | 000,000,000 | ---D | M] -- C:\Users\TEMP\AppData\Roaming\onOne Software
[2012/03/06 07:14:46 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\Genie-Soft
[2014/03/30 09:09:42 | 000,000,000 | ---D | M] -- C:\Users\UpdatusUser\AppData\Roaming\onOne Software
[2012/03/06 07:14:46 | 000,000,000 | ---D | M] -- C:\Users\_ocster_backup_\AppData\Roaming\Genie-Soft
[2012/08/06 10:12:12 | 000,000,000 | ---D | M] -- C:\Users\_ocster_backup_\AppData\Roaming\Ludomo
[2014/03/30 09:09:42 | 000,000,000 | ---D | M] -- C:\Users\_ocster_backup_\AppData\Roaming\onOne Software
[2013/08/29 08:20:04 | 000,000,000 | ---D | M] -- C:\Users\_ocster_backup_\AppData\Roaming\ProcessLasso
[2012/03/06 07:14:46 | 000,000,000 | ---D | M] -- C:\Users\_supereasy_1cbackup_\AppData\Roaming\Genie-Soft
[2012/08/06 10:12:12 | 000,000,000 | ---D | M] -- C:\Users\_supereasy_1cbackup_\AppData\Roaming\Ludomo
[2014/03/30 09:09:43 | 000,000,000 | ---D | M] -- C:\Users\_supereasy_1cbackup_\AppData\Roaming\onOne Software
[2012/12/22 14:40:50 | 000,000,000 | ---D | M] -- C:\Users\_supereasy_1cbackup_\AppData\Roaming\ProcessLasso

========== Purity Check ==========



========== Custom Scans ==========

========== Base Services ==========
SRV:64bit: - [2009/07/13 21:40:01 | 000,072,192 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\aelupsvc.dll -- (AeLookupSvc)
SRV:64bit: - [2013/02/27 01:47:10 | 000,070,144 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appinfo.dll -- (Appinfo)
SRV:64bit: - [2009/07/13 21:38:55 | 000,079,360 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\alg.exe -- (ALG)
SRV:64bit: - [2010/11/20 23:23:51 | 000,849,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\qmgr.dll -- (BITS)
SRV:64bit: - [2010/11/20 23:24:00 | 000,705,024 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\BFE.DLL -- (BFE)
SRV:64bit: - [2013/09/24 21:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\lsass.exe -- (KeyIso)
SRV:64bit: - [2009/07/13 21:40:50 | 000,402,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\es.dll -- (EventSystem)
SRV - [2009/07/13 21:15:19 | 000,271,360 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\es.dll -- (EventSystem)
SRV:64bit: - [2012/07/04 18:13:27 | 000,136,704 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\browser.dll -- (Browser)
SRV:64bit: - [2013/07/09 01:46:20 | 000,184,320 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\cryptsvc.dll -- (CryptSvc)
SRV - [2013/07/09 00:46:31 | 000,140,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\cryptsvc.dll -- (CryptSvc)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (DcomLaunch)
SRV:64bit: - [2010/11/20 23:24:00 | 000,317,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dhcpcore.dll -- (Dhcp)
SRV - [2010/11/20 23:24:09 | 000,254,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\dhcpcore.dll -- (Dhcp)
SRV:64bit: - [2011/10/28 15:27:51 | 000,183,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\dnsrslvr.dll -- (Dnscache)
SRV:64bit: - [2009/07/13 21:40:35 | 000,111,104 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\eapsvc.dll -- (EapHost)
SRV:64bit: - [2009/07/13 21:41:00 | 000,038,912 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\hidserv.dll -- (hidserv)
SRV - [2009/07/13 21:15:24 | 000,049,152 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\hidserv.dll -- (hidserv)
SRV:64bit: - [2009/07/13 21:41:10 | 000,359,424 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ipnathlp.dll -- (SharedAccess)
SRV:64bit: - [2010/11/20 23:23:48 | 000,501,248 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\IPSECSVC.DLL -- (PolicyAgent)
No service found with a name of MsMpSvc
No service found with a name of NisSrv
SRV:64bit: - [2009/07/13 21:41:54 | 000,524,288 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\swprv.dll -- (swprv)
SRV:64bit: - [2009/07/13 21:41:26 | 000,067,584 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\mmcss.dll -- (MMCSS)
SRV:64bit: - [2009/07/13 21:41:52 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netman.dll -- (Netman)
SRV:64bit: - [2009/07/13 21:41:52 | 000,459,776 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofm.dll -- (netprofm)
SRV - [2009/07/13 21:16:03 | 000,360,448 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\netprofm.dll -- (netprofm)
SRV:64bit: - [2012/10/03 13:44:21 | 000,303,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nlasvc.dll -- (NlaSvc)
SRV:64bit: - [2009/07/13 21:41:53 | 000,025,600 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\nsisvc.dll -- (nsi)
SRV:64bit: - [2011/10/28 15:27:54 | 000,404,480 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\umpnpmgr.dll -- (PlugPlay)
SRV:64bit: - [2012/02/11 02:36:02 | 000,559,104 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\spoolsv.exe -- (Spooler)
SRV:64bit: - [2013/09/24 21:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\lsass.exe -- (ProtectedStorage)
No service found with a name of EMDMgmt
SRV:64bit: - [2009/07/13 21:41:53 | 000,099,328 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasauto.dll -- (RasAuto)
SRV:64bit: - [2010/11/20 23:24:17 | 000,344,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\rasmans.dll -- (RasMan)
SRV:64bit: - [2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\rpcss.dll -- (RpcSs)
SRV:64bit: - [2010/11/20 23:24:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\seclogon.dll -- (seclogon)
SRV:64bit: - [2013/09/24 21:03:24 | 000,030,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsass.exe -- (SamSs)
SRV:64bit: - [2009/07/13 21:41:58 | 000,097,280 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wscsvc.dll -- (wscsvc)
SRV:64bit: - [2010/11/20 23:23:48 | 000,236,032 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\srvsvc.dll -- (LanmanServer)
SRV:64bit: - [2010/11/20 23:23:55 | 000,370,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\shsvcs.dll -- (ShellHWDetection)
SRV - [2010/11/20 23:24:03 | 000,328,192 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\shsvcs.dll -- (ShellHWDetection)
No service found with a name of slsvc
SRV:64bit: - [2010/11/20 23:24:16 | 001,110,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\schedsvc.dll -- (Schedule)
SRV:64bit: - [2010/11/20 23:24:32 | 000,316,928 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\tapisrv.dll -- (TapiSrv)
SRV - [2010/11/20 23:24:00 | 000,242,176 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\tapisrv.dll -- (TapiSrv)
SRV:64bit: - [2009/07/13 21:41:55 | 000,044,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\themeservice.dll -- (Themes)
SRV:64bit: - [2012/05/01 01:40:20 | 000,209,920 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\profsvc.dll -- (ProfSvc)
SRV:64bit: - [2010/11/20 23:23:55 | 001,600,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\VSSVC.exe -- (VSS)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioSrv)
SRV:64bit: - [2010/11/20 23:24:32 | 000,679,424 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\audiosrv.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2010/11/20 23:25:06 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\sdrsvc.dll -- (SDRSVC)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2010/11/20 23:23:55 | 001,646,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wevtsvc.dll -- (eventlog)
SRV:64bit: - [2010/11/20 23:24:28 | 000,828,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\MPSSVC.dll -- (MpsSvc)
SRV:64bit: - [2010/11/20 23:24:48 | 000,580,096 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wiaservc.dll -- (stisvc)
SRV:64bit: - [2010/11/20 23:24:15 | 000,128,000 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\msiexec.exe -- (msiserver)
SRV - [2010/11/20 23:24:28 | 000,073,216 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysWow64\msiexec.exe -- (msiserver)
SRV:64bit: - [2009/07/13 21:41:56 | 000,242,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wbem\WMIsvc.dll -- (Winmgmt)
SRV:64bit: - [2012/06/02 18:19:43 | 002,428,952 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wuaueng.dll -- (wuauserv)
SRV:64bit: - [2010/11/20 23:24:09 | 000,252,416 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\dot3svc.dll -- (dot3svc)
SRV:64bit: - [2009/07/13 21:41:56 | 000,886,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wlansvc.dll -- (Wlansvc)
SRV:64bit: - [2010/11/20 23:24:32 | 000,118,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wkssvc.dll -- (LanmanWorkstation)

< %SYSTEMDRIVE%\*.exe >

< c:\program files (x86)\Google\Desktop >
[2009/07/14 01:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT
[2009/07/14 01:08:49 | 000,032,654 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012/01/16 16:20:41 | 000,000,508 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 7bf20141-dabc-4caa-9489-a9d4d6c4a0d6.job
[2012/01/16 16:20:47 | 000,000,508 | ---- | C] () -- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 39c4d925-a8d1-4f3e-b1c2-2488c829fed5.job
[2012/01/25 06:21:41 | 000,000,322 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize.job
[2012/02/29 11:41:33 | 000,000,890 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[2012/02/29 11:41:34 | 000,000,894 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[2012/04/02 10:13:09 | 000,000,397 | ---- | C] () -- C:\Windows\Tasks\2 Copernic Daily ~Otie-PC Otie.job
[2012/04/02 10:13:09 | 000,000,402 | ---- | C] () -- C:\Windows\Tasks\3 Copernic Weekly ~Otie-PC Otie.job
[2012/04/02 10:13:09 | 000,000,407 | ---- | C] () -- C:\Windows\Tasks\4 Copernic Monthly ~Otie-PC Otie.job
[2012/04/02 10:13:09 | 000,000,421 | ---- | C] () -- C:\Windows\Tasks\1 Copernic Intra-Daily ~Otie-PC Otie.job
[2013/03/09 09:18:13 | 000,000,852 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000Core.job
[2013/03/09 09:18:13 | 000,000,904 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2573087068-2607692701-1072482724-1000UA.job
[2013/07/08 08:49:01 | 000,000,264 | ---- | C] () -- C:\Windows\Tasks\RMSchedule.job
[2013/08/08 14:32:03 | 000,000,830 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job
[2013/12/25 08:30:10 | 000,000,330 | ---- | C] () -- C:\Windows\Tasks\GlaryInitialize 4.job
[2013/12/25 08:31:04 | 000,000,376 | ---- | C] () -- C:\Windows\Tasks\GlaryUpdate 4.job
[2014/02/01 15:18:41 | 000,000,274 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
[2014/02/01 15:18:41 | 000,000,290 | ---- | C] () -- C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
[2014/02/05 09:51:46 | 000,000,360 | -H-- | C] () -- C:\Windows\Tasks\spotfluxupdater.job
[2014/02/07 07:36:19 | 000,000,374 | ---- | C] () -- C:\Windows\Tasks\ResourceMonitor.job
[2014/03/16 07:38:50 | 000,003,098 | ---- | C] () -- C:\Windows\Tasks\media enhance-chromeinstaller.job

< c:\program files\Google\Desktop >

< dir "%systemdrive%\*" /S /A:L /C >
Volume in drive C is OS
Volume Serial Number is 8830-3CEE
Directory of C:\
07/14/2009 01:08 AM Documents and Settings [C:\Users]
0 File(s) 0 bytes
Directory of C:\Program Files (x86)\ghostscript-9.04\ghostscript-9.04
01/23/2012 06:15 AM configure.ac [base\configure.ac]
01/23/2012 06:15 AM Makefile.in [base\Makefile.in]
2 File(s) 0 bytes
Directory of C:\ProgramData
07/14/2009 01:08 AM Application Data [C:\ProgramData]
07/14/2009 01:08 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users
07/14/2009 01:08 AM All Users [C:\ProgramData]
07/14/2009 01:08 AM Default User [C:\Users\Default]
0 File(s) 0 bytes
Directory of C:\Users\All Users
07/14/2009 01:08 AM Application Data [C:\ProgramData]
07/14/2009 01:08 AM Desktop [C:\Users\Public\Desktop]
07/14/2009 01:08 AM Documents [C:\Users\Public\Documents]
07/14/2009 01:08 AM Favorites [C:\Users\Public\Favorites]
07/14/2009 01:08 AM Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM Templates [C:\ProgramData\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default
07/14/2009 01:08 AM Application Data [C:\Users\Default\AppData\Roaming]
07/14/2009 01:08 AM Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
07/14/2009 01:08 AM Local Settings [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM My Documents [C:\Users\Default\Documents]
07/14/2009 01:08 AM NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
07/14/2009 01:08 AM PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
07/14/2009 01:08 AM Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
07/14/2009 01:08 AM SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
07/14/2009 01:08 AM Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
07/14/2009 01:08 AM Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Default\AppData\Local
07/14/2009 01:08 AM Application Data [C:\Users\Default\AppData\Local]
07/14/2009 01:08 AM History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
07/14/2009 01:08 AM Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Default\Documents
07/14/2009 01:08 AM My Music [C:\Users\Default\Music]
07/14/2009 01:08 AM My Pictures [C:\Users\Default\Pictures]
07/14/2009 01:08 AM My Videos [C:\Users\Default\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Otie
11/03/2011 12:51 AM Application Data [C:\Users\Otie\AppData\Roaming]
11/03/2011 12:51 AM Cookies [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Cookies]
11/03/2011 12:51 AM Local Settings [C:\Users\Otie\AppData\Local]
11/03/2011 12:51 AM My Documents [C:\Users\Otie\Documents]
11/03/2011 12:51 AM NetHood [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
11/03/2011 12:51 AM PrintHood [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
11/03/2011 12:51 AM Recent [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Recent]
11/03/2011 12:51 AM SendTo [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\SendTo]
11/03/2011 12:51 AM Start Menu [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Start Menu]
11/03/2011 12:51 AM Templates [C:\Users\Otie\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\Otie\AppData\Local
11/03/2011 12:51 AM Application Data [C:\Users\Otie\AppData\Local]
11/03/2011 12:51 AM History [C:\Users\Otie\AppData\Local\Microsoft\Windows\History]
11/03/2011 12:51 AM Temporary Internet Files [C:\Users\Otie\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\Otie\AppData\LocalLow\Siber Systems\RoboForm
04/10/2014 03:46 PM UserData [C:/Users/Otie/Documents/My RoboForm Data/Default Profile]
0 File(s) 0 bytes
Directory of C:\Users\Otie\Documents
11/03/2011 12:51 AM My Pictures [C:\Users\Otie\Pictures]
11/03/2011 12:51 AM My Videos [C:\Users\Otie\Videos]
0 File(s) 0 bytes
Directory of C:\Users\Public\Documents
07/14/2009 01:08 AM My Music [C:\Users\Public\Music]
07/14/2009 01:08 AM My Pictures [C:\Users\Public\Pictures]
07/14/2009 01:08 AM My Videos [C:\Users\Public\Videos]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser
05/04/2012 08:17 PM Application Data [C:\Users\UpdatusUser\AppData\Roaming]
05/04/2012 08:17 PM Cookies [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Cookies]
05/04/2012 08:17 PM Local Settings [C:\Users\UpdatusUser\AppData\Local]
05/04/2012 08:17 PM My Documents [C:\Users\UpdatusUser\Documents]
05/04/2012 08:17 PM NetHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
05/04/2012 08:17 PM PrintHood [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
05/04/2012 08:17 PM Recent [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Recent]
05/04/2012 08:17 PM SendTo [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\SendTo]
05/04/2012 08:17 PM Start Menu [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu]
05/04/2012 08:17 PM Templates [C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\AppData\Local
05/04/2012 08:17 PM Application Data [C:\Users\UpdatusUser\AppData\Local]
05/04/2012 08:17 PM History [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\History]
05/04/2012 08:17 PM Temporary Internet Files [C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\UpdatusUser\Documents
05/04/2012 08:17 PM My Music [C:\Users\UpdatusUser\Music]
05/04/2012 08:17 PM My Pictures [C:\Users\UpdatusUser\Pictures]
05/04/2012 08:17 PM My Videos [C:\Users\UpdatusUser\Videos]
0 File(s) 0 bytes
Directory of C:\Users\_ocster_backup_
08/28/2013 07:53 AM Application Data [C:\Users\_ocster_backup_\AppData\Roaming]
08/28/2013 07:53 AM Cookies [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Cookies]
08/28/2013 07:53 AM Local Settings [C:\Users\_ocster_backup_\AppData\Local]
08/28/2013 07:53 AM My Documents [C:\Users\_ocster_backup_\Documents]
08/28/2013 07:53 AM NetHood [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
08/28/2013 07:53 AM PrintHood [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
08/28/2013 07:53 AM Recent [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Recent]
08/28/2013 07:53 AM SendTo [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\SendTo]
08/28/2013 07:53 AM Start Menu [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Start Menu]
08/28/2013 07:53 AM Templates [C:\Users\_ocster_backup_\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\_ocster_backup_\AppData\Local
08/28/2013 07:53 AM Application Data [C:\Users\_ocster_backup_\AppData\Local]
08/28/2013 07:53 AM History [C:\Users\_ocster_backup_\AppData\Local\Microsoft\Windows\History]
08/28/2013 07:53 AM Temporary Internet Files [C:\Users\_ocster_backup_\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\_ocster_backup_\Documents
08/28/2013 07:53 AM My Music [C:\Users\_ocster_backup_\Music]
08/28/2013 07:53 AM My Pictures [C:\Users\_ocster_backup_\Pictures]
08/28/2013 07:53 AM My Videos [C:\Users\_ocster_backup_\Videos]
0 File(s) 0 bytes
Directory of C:\Users\_supereasy_1cbackup_
12/26/2013 09:28 AM Application Data [C:\Users\_supereasy_1cbackup_\AppData\Roaming]
12/26/2013 09:28 AM Cookies [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Cookies]
12/26/2013 09:28 AM Local Settings [C:\Users\_supereasy_1cbackup_\AppData\Local]
12/26/2013 09:28 AM My Documents [C:\Users\_supereasy_1cbackup_\Documents]
12/26/2013 09:28 AM NetHood [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
12/26/2013 09:28 AM PrintHood [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
12/26/2013 09:28 AM Recent [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Recent]
12/26/2013 09:28 AM SendTo [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\SendTo]
12/26/2013 09:28 AM Start Menu [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Start Menu]
12/26/2013 09:28 AM Templates [C:\Users\_supereasy_1cbackup_\AppData\Roaming\Microsoft\Windows\Templates]
0 File(s) 0 bytes
Directory of C:\Users\_supereasy_1cbackup_\AppData\Local
12/26/2013 09:28 AM Application Data [C:\Users\_supereasy_1cbackup_\AppData\Local]
12/26/2013 09:28 AM History [C:\Users\_supereasy_1cbackup_\AppData\Local\Microsoft\Windows\History]
12/26/2013 09:28 AM Temporary Internet Files [C:\Users\_supereasy_1cbackup_\AppData\Local\Microsoft\Windows\Temporary Internet Files]
0 File(s) 0 bytes
Directory of C:\Users\_supereasy_1cbackup_\Documents
12/26/2013 09:28 AM My Music [C:\Users\_supereasy_1cbackup_\Music]
12/26/2013 09:28 AM My Pictures [C:\Users\_supereasy_1cbackup_\Pictures]
12/26/2013 09:28 AM My Videos [C:\Users\_supereasy_1cbackup_\Videos]
0 File(s) 0 bytes
Total Files Listed:
2 File(s) 0 bytes
98 Dir(s) 594,722,725,888 bytes free

< MD5 for: RPCSS.DLL >
[2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\SysNative\rpcss.dll
[2010/11/20 23:24:01 | 000,512,000 | ---- | M] (Microsoft Corporation) MD5=5C627D1B1138676C0A7AB2C2C190D123 -- C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll

========== Files - Unicode (All) ==========
[2012/05/14 07:18:13 | 000,000,000 | ---D | M](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀
[2012/05/14 07:18:13 | 000,000,000 | ---D | C](C:\Windows\SysNative\3?) -- C:\Windows\SysNative\3쀀

========== Alternate Data Streams ==========

@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:6B50A605
@Alternate Data Stream - 99 bytes -> C:\ProgramData\Temp:33DB8278
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:AA8AD2BF
@Alternate Data Stream - 97 bytes -> C:\ProgramData\Temp:60A4BB64
@Alternate Data Stream - 94 bytes -> C:\ProgramData\Temp:101708D3
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns4
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns3
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns2
@Alternate Data Stream - 5 bytes -> C:\ProgramData\Nalpeiron:user.ns1
@Alternate Data Stream - 294 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 275 bytes -> C:\ProgramData\Temp:A9662AE0
@Alternate Data Stream - 258 bytes -> C:\ProgramData\Temp:93F3E4C9
@Alternate Data Stream - 239 bytes -> C:\ProgramData\Temp:80F63EC3
@Alternate Data Stream - 236 bytes -> C:\ProgramData\Temp:918B7566
@Alternate Data Stream - 235 bytes -> C:\ProgramData\Temp:9A870F8B
@Alternate Data Stream - 232 bytes -> C:\ProgramData\Temp:A3B8F70C
@Alternate Data Stream - 223 bytes -> C:\ProgramData\Temp:F5E90ED3
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:2BC498A4
@Alternate Data Stream - 221 bytes -> C:\ProgramData\Temp:091193F8
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 216 bytes -> C:\ProgramData\Temp:090FB735
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:B42826C8
@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:7C412B92
@Alternate Data Stream - 212 bytes -> C:\ProgramData\Temp:0DACB2B7
@Alternate Data Stream - 206 bytes -> C:\ProgramData\Temp:EC0A74A1
@Alternate Data Stream - 204 bytes -> C:\ProgramData\Temp:E51234A9
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:9B285B76
@Alternate Data Stream - 203 bytes -> C:\ProgramData\Temp:1B927722
@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:98DFF516
@Alternate Data Stream - 201 bytes -> C:\ProgramData\Temp:561B1D2B
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:3C282BEA
@Alternate Data Stream - 199 bytes -> C:\ProgramData\Temp:0AC32449
@Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:260575F1
@Alternate Data Stream - 195 bytes -> C:\ProgramData\Temp:84D15556
@Alternate Data Stream - 192 bytes -> C:\Windows:nlsPreferences
@Alternate Data Stream - 180 bytes -> C:\ProgramData\Temp:12D21A9A
@Alternate Data Stream - 173 bytes -> C:\ProgramData\Temp:F8B88761
@Alternate Data Stream - 164 bytes -> C:\ProgramData\Temp:D1B5B4F1
@Alternate Data Stream - 162 bytes -> C:\ProgramData\Temp:1CE11B51
@Alternate Data Stream - 16 bytes -> C:\Users\Otie\Downloads:Shareaza.GUID
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:EAF3ADF5
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:5704AA2B
@Alternate Data Stream - 142 bytes -> C:\ProgramData\Temp:D3A82449
@Alternate Data Stream - 138 bytes -> C:\ProgramData\Temp:AA0017FD
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:2B9B6BC0
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:2CB9631F
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:CA400C1B
@Alternate Data Stream - 133 bytes -> C:\ProgramData\Temp:62EBE39C
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:7BE5BAAB
@Alternate Data Stream - 131 bytes -> C:\ProgramData\Temp:B06385AA
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:A7596EAE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:4DDE401B
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:0785072C
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:DF3CC840
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:D6255023
@Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:D5CCCBAA
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:373E1720
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:E0F0F1BE
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:517EFA90
@Alternate Data Stream - 124 bytes -> C:\ProgramData\Temp:26499772
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:A07E3E9D
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:9D06FB9C
@Alternate Data Stream - 123 bytes -> C:\ProgramData\Temp:5BC73C48
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:D3331ADB
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:03A039A3
@Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:93B1FB40
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:AD2DB2F9
@Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:2CEFEABF
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:834DD57E
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B36361EE
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:B1CD2545
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:FA206A00
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:F89F2593
@Alternate Data Stream - 117 bytes -> C:\ProgramData\Temp:C83012A4
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:EB86F355
@Alternate Data Stream - 116 bytes -> C:\ProgramData\Temp:94B46CA2
@Alternate Data Stream - 115 bytes -> C:\ProgramData\Temp:84E7BFEB
@Alternate Data Stream - 114 bytes -> C:\ProgramData\Temp:0B352B60
@Alternate Data Stream - 113 bytes -> C:\ProgramData\Temp:370E4EFB
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:9812B773
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:070D9534
@Alternate Data Stream - 112 bytes -> C:\ProgramData\Temp:0441DB7A
@Alternate Data Stream - 111 bytes -> C:\ProgramData\Temp:5E9E3A14
@Alternate Data Stream - 110 bytes -> C:\ProgramData\Temp:7757A6D4
@Alternate Data Stream - 102 bytes -> C:\ProgramData\Temp:614F17D3
@Alternate Data Stream - 100 bytes -> C:\ProgramData\Temp:E40EED9B

< End of report >


  • 0

#4
Essexboy
Posted 16 April 2014 - 02:10 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
How is the computer behaving now ?

Did you intentionally install Advanced System Optimizer 3

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]

:OTL
[2014/04/16 07:11:32 | 000,003,098 | ---- | M] () -- C:\Windows\tasks\media enhance-chromeinstaller.job

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#5
otieatkins
Posted 16 April 2014 - 02:27 PM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
Hi! I haven't seen the window pop up!! Yahoo!! No, I didn't intentionally install Advanced System Optimizer 3 - should I uninstall? I've no idea if it's a good or bad program..... Thanks so much for helping me get rid of that.
  • 0

#6
Essexboy
Posted 16 April 2014 - 03:14 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes I would definitely uninstall it, also are you aware that you have about three backup programmes running
  • 0

#7
otieatkins
Posted 17 April 2014 - 07:01 AM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
Three??? OMG! no, I had no idea. Can you tell me what they are so I can uninstall them? You are such a great help!!
  • 0

#8
Essexboy
Posted 17 April 2014 - 07:16 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ooops sorry I lied it is 7 :)

Each of these will start with windows and have a service running, using a fair bit of resources

Ocster Backup
CyberGhost 5
OO Software DiskImage
Carbonite
DigitalLifeboat
FarStone TotalRecovery
Acronis

Meanwhile any further problems before I tidy up ?
  • 0

#9
otieatkins
Posted 17 April 2014 - 07:40 AM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
I can't tell you how wonderful you have been. Thank you so much for everything. Dianne
  • 0

#10
Essexboy
Posted 17 April 2014 - 08:07 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
In that case methinks I will send you on your merry way :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

delfix.JPG


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:
  • 0

#11
otieatkins
Posted 17 April 2014 - 08:51 AM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
wait....... What is UAC? The directions for IE say to check UAC but I don't know what it is?
  • 0

#12
Essexboy
Posted 17 April 2014 - 09:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Go to control panel > action centre
Select User Account Control
Set the slider as shown
User Account Control is the small box that pops up when you run some programmes

[attachment=70122:Capture.JPG]

[attachment=70123:images.jpg]
  • 0

#13
otieatkins
Posted 17 April 2014 - 09:35 AM

otieatkins

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 105 posts
Thank you!! I found it and did it. Once again I truly appreciate everything you've done for me. Dianne
  • 0

#14
Essexboy
Posted 17 April 2014 - 09:45 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Not a problem, my pleasure :) 


  • 0

#15
Essexboy
Posted 18 April 2014 - 09:52 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP