Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01 Ran by Woei Shyang (administrator) on WSHYANG-DESKTOP on 19-08-2014 06:48:45 Running from C:\users\Woei Shyang\Downloads Platform: Windows 8.1 Pro (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Agnitum Ltd.) C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe (CANON INC.) C:\Windows\System32\CNAB4RPD.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Oracle Corporation) C:\Program Files\Java\jdk1.8.0_05\jre\bin\javaw.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Agnitum Ltd.) C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Barracuda Networks, Inc.) D:\users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe (The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Flux Software LLC) D:\users\Woei Shyang\AppData\Local\FluxSoftware\Flux\flux.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) D:\users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Brio) C:\Program Files\FolderSize\FolderSize.exe (Dropbox, Inc.) D:\users\Woei Shyang\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Simon Tatham) C:\Program Files (x86)\PuTTY\pageant.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe (Firaxis Games) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [jEdit Server] => C:\Program Files\jEdit\jedit.exe [42496 2013-07-29] (Contributors) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-20] (Logitech, Inc.) HKLM\...\Run: [OutpostMonitor] => C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe [4735312 2014-02-24] (Agnitum Ltd.) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [180304 2014-04-15] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-04-14] (VMware, Inc.) HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-23] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.) HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3675920 2014-07-10] (AgileBits) Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\.DEFAULT\...\Run: [Copy] => C:\Users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Copy] => C:\Users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Pidgin] => C:\Program Files (x86)\Pidgin\pidgin.exe [60216 2014-02-03] (The Pidgin developer community) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [f.lux] => C:\Users\Woei Shyang\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Google Update] => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-25] (Google Inc.) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [MusicManager] => C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-16] (Google Inc.) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-13] (Brio) HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer\DisallowRun: [1] ipmgui.exe HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer\DisallowRun: [2] avnotify.exe HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer: [DisallowRun] 1 AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll => c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook64.dll [1126216 2014-02-24] (Agnitum Ltd.) AppInit_DLLs-x32: c:\progra~1\agnitum\outpos~1\wl_hook.dll => c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll [837304 2014-02-24] (Agnitum Ltd.) Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\users\Woei Shyang\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeePass.exe - Shortcut.lnk ShortcutTarget: KeePass.exe - Shortcut.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl) Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant - Shortcut.lnk ShortcutTarget: pageant - Shortcut.lnk -> C:\Program Files (x86)\PuTTY\pageant.exe (Simon Tatham) ShellIconOverlayIdentifiers: 1aCopyShExtError -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 2aCopyShExtSynced -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 3aCopyShExtSyncing -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 4aCopyShExtSyncingProg1 -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 5aCopyShExtSyncingProg2 -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 6aCopyShExtSyncingProg3 -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 7aCopyShExtSyncingProg4 -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: 8aCopyShExtSyncingProg5 -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.) ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google) ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://123.taobao.com/?wangwang/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.xin.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x301DC15F3A68CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default FF NetworkProxy: "socks", "localhost" FF NetworkProxy: "socks_port", 1080 FF NetworkProxy: "socks_version", 4 FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll (Tencent Technology (Shenzhen) Company Limited) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.00.34C\npAliSSOLogin.dll No File FF Plugin HKCU: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.00.34C\npwangwang.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Extension: Pocket - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\isreaditlater@ideashower.com [2014-08-10] FF Extension: KeeFox - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\keefox@chris.tomlinson [2014-06-27] FF Extension: DownloadHelper - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-10] FF Extension: HTML5 Notifications - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\html5notifications@paxal.net.xpi [2014-08-10] FF Extension: 1Password - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\onepassword4@agilebits.com.xpi [2014-08-10] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-19] Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter} CHR Extension: (Entanglement Web App) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-08-18] CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-08-18] CHR Extension: (Google Docs) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18] CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2014-08-18] CHR Extension: (Google Drive) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-19] CHR Extension: (YouTube) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05] CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-18] CHR Extension: (Adblock Plus) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-18] CHR Extension: (Google Search) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05] CHR Extension: (Tampermonkey) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-18] CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-08-18] CHR Extension: (Proxy SwitchySharp) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2014-08-18] CHR Extension: (Autocomplete = on) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh [2014-08-18] CHR Extension: (Tab Wrangler) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnjhciaieeiiohknchakcodbpgjnchh [2014-08-18] CHR Extension: (Gmail Offline) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-08-18] CHR Extension: (HTTPS Everywhere) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-08-18] CHR Extension: (The Camelizer - Amazon Price Tracker) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2014-08-18] CHR Extension: (Save to Google Drive) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-08-18] CHR Extension: (TweetDeck by Twitter) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-08-18] CHR Extension: (Eye Dropper) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2014-08-18] CHR Extension: (Bitly | Unleash the power of the link) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2014-08-18] CHR Extension: (Kindle Cloud Reader) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-08-18] CHR Extension: (Disconnect) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-08-18] CHR Extension: (eBay Search Alert) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgddmdmhifhklhbhconpaehgbkaphcd [2014-08-18] CHR Extension: (Window Resizer) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-08-18] CHR Extension: (Codenvy IDE) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefigjbiimiemfhjmibbgemkpenelmag [2014-08-18] CHR Extension: (Ultimate User Agent Switcher, URL sniffer) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo [2014-08-18] CHR Extension: (Poppit!) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-08-18] CHR Extension: (View Link in Google Cache) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbphmmfbemkijojeojbkecbgmpiamnlk [2014-08-18] CHR Extension: (Save to Pocket) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-08-18] CHR Extension: (Google Wallet) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05] CHR Extension: (imo free video calls and text) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-08-18] CHR Extension: (Checker Plus for Gmail™) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-08-18] CHR Extension: (chromeIPass) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2014-08-18] CHR Extension: (Evernote Web Clipper) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-18] CHR Extension: (Gmail) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 acssrv; C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe [3402016 2014-02-24] (Agnitum Ltd.) [File not signed] S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-07-09] (Adobe Systems Incorporated) [File not signed] R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [208896 2014-03-18] (Microsoft Corporation) [File not signed] S3 ALG; C:\Windows\System32\alg.exe [92672 2013-08-22] (Microsoft Corporation) [File not signed] R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2014-06-10] (AMD) [File not signed] R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed] R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed] S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed] S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2013-08-22] (Microsoft Corporation) [File not signed] R3 Appinfo; C:\Windows\System32\appinfo.dll [109568 2014-03-18] (Microsoft Corporation) [File not signed] R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.) [File not signed] S3 AppMgmt; C:\Windows\System32\appmgmts.dll [183296 2014-03-18] (Microsoft Corporation) [File not signed] S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [151040 2014-03-18] (Microsoft Corporation) [File not signed] S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [530944 2014-03-18] (Microsoft Corporation) [File not signed] S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1306624 2014-03-08] (Microsoft Corporation) [File not signed] R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [201216 2014-06-19] (Microsoft Corporation) [File not signed] R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [834048 2014-06-19] (Microsoft Corporation) [File not signed] R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [122448 2014-04-15] (Avira Operations GmbH & Co. KG) [File not signed] S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [109568 2014-03-18] (Microsoft Corporation) [File not signed] S3 BDESVC; C:\Windows\System32\bdesvc.dll [339456 2014-07-02] (Microsoft Corporation) [File not signed] R2 BFE; C:\Windows\System32\bfe.dll [827392 2014-07-02] (Microsoft Corporation) [File not signed] R2 BITS; C:\Windows\System32\qmgr.dll [1017856 2013-08-22] (Microsoft Corporation) [File not signed] R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) [File not signed] R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [269824 2014-03-18] (Microsoft Corporation) [File not signed] R3 Browser; C:\Windows\System32\browser.dll [134144 2013-08-22] (Microsoft Corporation) [File not signed] R3 bthserv; C:\Windows\system32\bthserv.dll [92160 2013-08-22] (Microsoft Corporation) [File not signed] S3 CertPropSvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\system32\dllhost.exe [19296 2013-08-22] (Microsoft Corporation) [File not signed] S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [17760 2013-08-22] (Microsoft Corporation) [File not signed] R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [129536 2013-08-22] (Microsoft Corporation) [File not signed] S3 CscService; C:\Windows\System32\cscsvc.dll [778240 2014-03-18] (Microsoft Corporation) [File not signed] R2 DcomLaunch; C:\Windows\system32\rpcss.dll [753664 2014-03-18] (Microsoft Corporation) [File not signed] S3 defragsvc; C:\Windows\System32\defragsvc.dll [449536 2014-06-19] (Microsoft Corporation) [File not signed] R2 DeviceAssociationService; C:\Windows\system32\das.dll [399872 2014-03-18] (Microsoft Corporation) [File not signed] S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation) [File not signed] R2 Dhcp; C:\Windows\system32\dhcpcore.dll [353280 2014-07-02] (Microsoft Corporation) [File not signed] R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [254464 2014-03-04] (Microsoft Corporation) [File not signed] S3 dot3svc; C:\Windows\System32\dot3svc.dll [258560 2013-08-22] (Microsoft Corporation) [File not signed] R2 DPS; C:\Windows\system32\dps.dll [170496 2013-08-22] (Microsoft Corporation) [File not signed] S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [201728 2013-08-22] (Microsoft Corporation) [File not signed] S3 Eaphost; C:\Windows\System32\eapsvc.dll [107008 2013-08-22] (Microsoft Corporation) [File not signed] S3 EFS; C:\Windows\system32\efssvc.dll [40448 2013-08-22] (Microsoft Corporation) [File not signed] R2 EventLog; C:\Windows\System32\wevtsvc.dll [1669632 2013-08-22] (Microsoft Corporation) [File not signed] R2 EventSystem; C:\Windows\system32\es.dll [468992 2013-08-22] (Microsoft Corporation) [File not signed] S3 Fax; C:\Windows\system32\fxssvc.exe [655360 2013-08-22] (Microsoft Corporation) [File not signed] R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2013-08-22] (Microsoft Corporation) [File not signed] R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2013-08-22] (Microsoft Corporation) [File not signed] S3 fhsvc; C:\Windows\system32\fhsvc.dll [118272 2013-08-22] (Microsoft Corporation) [File not signed] R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed] R2 FontCache; C:\Windows\system32\FntCache.dll [1345536 2014-06-19] (Microsoft Corporation) [File not signed] S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-03] (Microsoft Corporation) [File not signed] S2 gpsvc; C:\Windows\System32\gpsvc.dll [1308160 2014-06-19] (Microsoft Corporation) [File not signed] S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.) [File not signed] S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.) [File not signed] R3 hidserv; C:\Windows\system32\hidserv.dll [32256 2013-08-22] (Microsoft Corporation) [File not signed] S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2013-08-22] (Microsoft Corporation) [File not signed] R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [261632 2013-08-22] (Microsoft Corporation) [File not signed] R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [405504 2014-03-18] (Microsoft Corporation) [File not signed] S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-06-19] (Microsoft Corporation) [File not signed] R2 IKEEXT; C:\Windows\System32\ikeext.dll [1063424 2014-07-02] (Microsoft Corporation) [File not signed] R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [903168 2014-03-18] (Microsoft Corporation) [File not signed] R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-05-26] (Apple Inc.) [File not signed] R3 KeyIso; C:\Windows\system32\keyiso.dll [59392 2013-08-22] (Microsoft Corporation) [File not signed] S3 KtmRm; C:\Windows\system32\msdtckrm.dll [357888 2013-08-22] (Microsoft Corporation) [File not signed] R2 LanmanServer; C:\Windows\system32\srvsvc.dll [323072 2014-06-19] (Microsoft Corporation) [File not signed] R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [284160 2013-08-22] (Microsoft Corporation) [File not signed] S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [357144 2014-03-25] (Logitech, Inc.) [File not signed] S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2014-06-19] (Microsoft Corporation) [File not signed] S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [269824 2013-08-22] (Microsoft Corporation) [File not signed] R2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2013-08-22] (Microsoft Corporation) [File not signed] R2 LSM; C:\Windows\System32\lsm.dll [710656 2014-03-18] (Microsoft Corporation) [File not signed] R2 MMCSS; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation) [File not signed] S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-08-01] (Mozilla Foundation) [File not signed] R2 MpsSvc; C:\Windows\system32\mpssvc.dll [878080 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSDTC; C:\Windows\System32\msdtc.exe [142848 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [150528 2013-08-22] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\System32\msiexec.exe [62464 2013-08-22] (Microsoft Corporation) [File not signed] S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [55808 2013-08-22] (Microsoft Corporation) [File not signed] S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2014-03-18] (Microsoft Corporation) [File not signed] S3 napagent; C:\Windows\system32\qagentRT.dll [435200 2013-08-22] (Microsoft Corporation) [File not signed] S3 NcaSvc; C:\Windows\System32\ncasvc.dll [164352 2013-08-22] (Microsoft Corporation) [File not signed] R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation) [File not signed] R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2013-08-22] (Microsoft Corporation) [File not signed] S3 Netlogon; C:\Windows\system32\netlogon.dll [834560 2014-03-06] (Microsoft Corporation) [File not signed] S3 Netman; C:\Windows\System32\netman.dll [254976 2013-08-22] (Microsoft Corporation) [File not signed] R3 netprofm; C:\Windows\System32\netprofmsvc.dll [525312 2013-08-22] (Microsoft Corporation) [File not signed] S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-10] (Microsoft Corporation) [File not signed] R2 NlaSvc; C:\Windows\System32\nlasvc.dll [387584 2013-08-22] (Microsoft Corporation) [File not signed] R2 nsi; C:\Windows\system32\nsisvc.dll [29184 2013-08-22] (Microsoft Corporation) [File not signed] S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [150600 2014-01-23] (Microsoft Corporation) [File not signed] R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [376320 2014-03-18] (Microsoft Corporation) [File not signed] R3 p2psvc; C:\Windows\system32\p2psvc.dll [433664 2013-08-22] (Microsoft Corporation) [File not signed] R2 PcaSvc; C:\Windows\System32\pcasvc.dll [471552 2014-03-18] (Microsoft Corporation) [File not signed] S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [2176000 2014-03-18] (Microsoft Corporation) [File not signed] S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-22] (Microsoft Corporation) [File not signed] S3 pla; C:\Windows\system32\pla.dll [1443840 2013-08-22] (Microsoft Corporation) [File not signed] R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation) [File not signed] S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25600 2013-08-22] (Microsoft Corporation) [File not signed] R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [376320 2014-03-18] (Microsoft Corporation) [File not signed] R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [403456 2013-08-22] (Microsoft Corporation) [File not signed] R2 Power; C:\Windows\system32\umpo.dll [79360 2013-08-22] (Microsoft Corporation) [File not signed] S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2899968 2013-08-22] (Microsoft Corporation) [File not signed] R2 ProfSvc; C:\Windows\system32\profsvc.dll [220160 2014-03-04] (Microsoft Corporation) [File not signed] R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) [File not signed] S3 QWAVE; C:\Windows\system32\qwave.dll [297472 2013-08-22] (Microsoft Corporation) [File not signed] S3 RasAuto; C:\Windows\System32\rasauto.dll [101376 2013-08-22] (Microsoft Corporation) [File not signed] S3 RasMan; C:\Windows\System32\rasmans.dll [534528 2014-03-18] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\System32\mprdim.dll [223744 2013-08-22] (Microsoft Corporation) [File not signed] S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [177664 2013-08-22] (Microsoft Corporation) [File not signed] S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [164864 2013-08-22] (Microsoft Corporation) [File not signed] R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79872 2013-08-22] (Microsoft Corporation) [File not signed] S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2013-08-22] (Microsoft Corporation) [File not signed] R2 RpcSs; C:\Windows\system32\rpcss.dll [753664 2014-03-18] (Microsoft Corporation) [File not signed] R2 SamSs; C:\Windows\system32\lsass.exe [45008 2013-08-22] (Microsoft Corporation) [File not signed] S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [188416 2013-08-22] (Microsoft Corporation) [File not signed] S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation) [File not signed] R2 Schedule; C:\Windows\system32\schedsvc.dll [1214976 2014-03-18] (Microsoft Corporation) [File not signed] S3 SCPolicySvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation) [File not signed] S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2013-08-22] (Microsoft Corporation) [File not signed] R2 SENS; C:\Windows\System32\sens.dll [71680 2013-08-22] (Microsoft Corporation) [File not signed] R3 SensrSvc; C:\Windows\system32\sensrsvc.dll [220672 2014-03-18] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\system32\sessenv.dll [324096 2014-03-06] (Microsoft Corporation) [File not signed] S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [280576 2014-03-06] (Microsoft Corporation) [File not signed] S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [433664 2014-03-18] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [629760 2013-08-22] (Microsoft Corporation) [File not signed] R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [564736 2013-08-22] (Microsoft Corporation) [File not signed] S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation) [File not signed] S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2013-08-22] (Microsoft Corporation) [File not signed] R2 Spooler; C:\Windows\System32\spoolsv.exe [798208 2013-08-22] (Microsoft Corporation) [File not signed] S2 sppsvc; C:\Windows\system32\sppsvc.exe [6353960 2014-03-18] (Microsoft Corporation) [File not signed] R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2013-08-22] (Microsoft Corporation) [File not signed] S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [144384 2013-08-22] (Microsoft Corporation) [File not signed] R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-08-14] (Valve Corporation) [File not signed] R2 stisvc; C:\Windows\System32\wiaservc.dll [634368 2013-08-22] (Microsoft Corporation) [File not signed] S3 StorSvc; C:\Windows\system32\storsvc.dll [19968 2013-08-22] (Microsoft Corporation) [File not signed] S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2013-08-22] (Microsoft Corporation) [File not signed] S3 swprv; C:\Windows\System32\swprv.dll [718336 2014-06-19] (Microsoft Corporation) [File not signed] R2 SysMain; C:\Windows\system32\sysmain.dll [1192448 2014-03-18] (Microsoft Corporation) [File not signed] R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [282112 2014-03-18] (Microsoft Corporation) [File not signed] S3 TabletInputService; C:\Windows\System32\TabSvc.dll [147456 2013-08-22] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\System32\tapisrv.dll [306688 2013-08-22] (Microsoft Corporation) [File not signed] S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [248320 2013-08-22] (Microsoft Corporation) [File not signed] S3 TermService; C:\Windows\System32\termsrv.dll [1018880 2014-07-09] (Microsoft Corporation) [File not signed] R2 Themes; C:\Windows\system32\themeservice.dll [50688 2013-08-22] (Microsoft Corporation) [File not signed] S3 THREADORDER; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation) [File not signed] R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [245760 2013-08-22] (Microsoft Corporation) [File not signed] R2 TrkWks; C:\Windows\System32\trkwks.dll [122368 2013-08-22] (Microsoft Corporation) [File not signed] S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [99840 2014-03-18] (Microsoft Corporation) [File not signed] S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2013-08-22] (Microsoft Corporation) [File not signed] S3 UmRdpService; C:\Windows\System32\umrdp.dll [289280 2014-03-18] (Microsoft Corporation) [File not signed] R3 upnphost; C:\Windows\System32\upnphost.dll [436224 2013-08-22] (Microsoft Corporation) [File not signed] R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [248832 2013-08-22] (Microsoft Corporation) [File not signed] S3 vds; C:\Windows\System32\vds.exe [1283584 2014-03-18] (Microsoft Corporation) [File not signed] R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [86744 2014-04-14] (VMware, Inc.) [File not signed] S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmicrdv; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmictimesync; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed] R2 VMnetDHCP; C:\Windows\SysWOW64\vmnetdhcp.exe [359128 2014-04-14] (VMware, Inc.) [File not signed] R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [906432 2014-02-27] (VMware, Inc.) [File not signed] R2 VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [437976 2014-04-14] (VMware, Inc.) [File not signed] S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] () [File not signed] S3 VSS; C:\Windows\system32\vssvc.exe [1436160 2014-06-19] (Microsoft Corporation) [File not signed] S3 W32Time; C:\Windows\system32\w32time.dll [404480 2013-08-22] (Microsoft Corporation) [File not signed] S3 wbengine; C:\Windows\system32\wbengine.exe [1543680 2014-03-18] (Microsoft Corporation) [File not signed] S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [453632 2014-03-18] (Microsoft Corporation) [File not signed] R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [366080 2014-03-18] (Microsoft Corporation) [File not signed] S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [459776 2014-03-18] (Microsoft Corporation) [File not signed] S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [41984 2013-08-22] (Microsoft Corporation) [File not signed] R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation) [File not signed] S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation) [File not signed] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-15] (Microsoft Corporation) [File not signed] S3 WebClient; C:\Windows\System32\webclnt.dll [226816 2014-07-02] (Microsoft Corporation) [File not signed] S3 Wecsvc; C:\Windows\system32\wecsvc.dll [215040 2013-08-22] (Microsoft Corporation) [File not signed] S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation) [File not signed] S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [81408 2014-03-18] (Microsoft Corporation) [File not signed] R3 WerSvc; C:\Windows\System32\WerSvc.dll [107008 2014-03-18] (Microsoft Corporation) [File not signed] S3 WiaRpc; C:\Windows\System32\wiarpc.dll [66048 2013-08-22] (Microsoft Corporation) [File not signed] S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation) [File not signed] R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [786432 2013-08-22] (Microsoft Corporation) [File not signed] R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [220672 2013-08-22] (Microsoft Corporation) [File not signed] S3 WinRM; C:\Windows\system32\WsmSvc.dll [2479616 2014-03-06] (Microsoft Corporation) [File not signed] S3 WlanSvc; C:\Windows\System32\wlansvc.dll [1527296 2014-06-19] (Microsoft Corporation) [File not signed] R3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1576960 2014-03-18] (Microsoft Corporation) [File not signed] S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [195072 2013-08-22] (Microsoft Corporation) [File not signed] R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1403392 2014-03-18] (Microsoft Corporation) [File not signed] S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1584128 2014-06-19] (Microsoft Corporation) [File not signed] S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2013-08-22] (Microsoft Corporation) [File not signed] S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2013-08-22] (Microsoft Corporation) [File not signed] R2 wscsvc; C:\Windows\System32\wscsvc.dll [135168 2014-06-19] (Microsoft Corporation) [File not signed] R2 WSearch; C:\Windows\system32\SearchIndexer.exe [845824 2014-03-18] (Microsoft Corporation) [File not signed] R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [658432 2014-03-18] (Microsoft Corporation) [File not signed] S3 WSService; C:\Windows\System32\WSService.dll [3394384 2014-03-18] (Microsoft Corporation) [File not signed] S3 wuauserv; C:\Windows\system32\wuaueng.dll [3463680 2014-07-09] (Microsoft Corporation) [File not signed] R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [100352 2013-08-22] (Microsoft Corporation) [File not signed] S3 WwanSvc; C:\Windows\System32\wwansvc.dll [510464 2013-08-22] (Microsoft Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation) [File not signed] S0 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI) [File not signed] R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [539992 2014-03-18] (Microsoft Corporation) [File not signed] R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation) [File not signed] S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed] S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation) [File not signed] S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation) [File not signed] S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) [File not signed] R1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-07-09] (Microsoft Corporation) [File not signed] R1 afw; C:\Windows\system32\DRIVERS\afw.sys [40544 2012-10-16] (Agnitum Ltd.) [File not signed] R3 afwcore; C:\Windows\System32\drivers\afwcore.sys [470224 2014-02-04] (Agnitum Ltd.) [File not signed] S0 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation) [File not signed] R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation) [File not signed] S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [File not signed] R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-06-10] (Advanced Micro Devices, Inc.) [File not signed] R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-06-10] (Advanced Micro Devices, Inc.) [File not signed] S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed] S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices) [File not signed] S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.) [File not signed] S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices) [File not signed] S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc) [File not signed] S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) [File not signed] S3 AndNetDiag2; C:\Windows\system32\DRIVERS\lgandnetdiag264.sys [29184 2012-07-03] (LG Electronics Inc.) [File not signed] S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) [File not signed] S3 AppID; C:\Windows\system32\drivers\appid.sys [83456 2014-03-18] (Microsoft Corporation) [File not signed] S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.) [File not signed] R0 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation) [File not signed] R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) [File not signed] R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-08] (Avira Operations GmbH & Co. KG) [File not signed] R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) [File not signed] S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation) [File not signed] R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation) [File not signed] R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-03-18] (Microsoft Corporation) [File not signed] U5 BattC; C:\Windows\System32\Drivers\BattC.sys [35168 2013-08-22] (Microsoft Corporation) [File not signed] S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider) [File not signed] R1 Beep; C:\Windows\System32\Drivers\Beep.sys [7680 2013-08-22] (Microsoft Corporation) [File not signed] R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation) [File not signed] S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) [File not signed] R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [53248 2013-08-22] (Microsoft Corporation) [File not signed] S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2013-08-22] (Microsoft Corporation) [File not signed] S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed] S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-03-18] (Microsoft Corporation) [File not signed] R3 BthPan; C:\Windows\system32\DRIVERS\bthpan.sys [118272 2013-08-22] (Microsoft Corporation) [File not signed] S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [1200128 2014-06-19] (Microsoft Corporation) [File not signed] R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [81920 2014-03-18] (Microsoft Corporation) [File not signed] S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation) [File not signed] S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation) [File not signed] S3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation) [File not signed] R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [376152 2014-03-20] (Microsoft Corporation) [File not signed] S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) [File not signed] R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed] R0 CNG; C:\Windows\System32\Drivers\cng.sys [565576 2014-07-09] (Microsoft Corporation) [File not signed] R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation) [File not signed] R3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed] R1 CSC; C:\Windows\System32\drivers\csc.sys [559616 2014-03-18] (Microsoft Corporation) [File not signed] S1 dam; C:\Windows\System32\drivers\dam.sys [57696 2013-08-22] (Microsoft Corporation) [File not signed] R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-03-06] (Microsoft Corporation) [File not signed] R0 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation) [File not signed] S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed] S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [14560 2013-08-22] (Microsoft Corporation) [File not signed] R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1557848 2014-03-06] (Microsoft Corporation) [File not signed] R3 e1iexpress; C:\Windows\system32\DRIVERS\e1i63x64.sys [460288 2013-06-18] (Intel Corporation) [File not signed] S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) [File not signed] S0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation) [File not signed] S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation) [File not signed] S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed] S3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation) [File not signed] S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [217952 2013-08-22] (Microsoft Corporation) [File not signed] S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed] R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation) [File not signed] S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation) [File not signed] S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation) [File not signed] R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [360792 2014-06-19] (Microsoft Corporation) [File not signed] S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [56672 2013-08-22] (Microsoft Corporation) [File not signed] U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation) [File not signed] R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-06-19] (Microsoft Corporation) [File not signed] S3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation) [File not signed] S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation) [File not signed] S3 GEARAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) [File not signed] S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation) [File not signed] S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [146776 2014-03-18] (Microsoft Corporation) [File not signed] R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [54464 2014-02-27] (VMware, Inc.) [File not signed] R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation) [File not signed] R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [77312 2014-06-19] (Microsoft Corporation) [File not signed] S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) [File not signed] S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [96768 2013-08-22] (Microsoft Corporation) [File not signed] S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation) [File not signed] S3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation) [File not signed] R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-03-06] (Microsoft Corporation) [File not signed] S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company) [File not signed] R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [994136 2014-03-18] (Microsoft Corporation) [File not signed] S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation) [File not signed] S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation) [File not signed] S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation) [File not signed] S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed] S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation) [File not signed] S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation) [File not signed] S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) [File not signed] S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation) [File not signed] S0 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation) [File not signed] R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation) [File not signed] R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed] S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed] S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79360 2014-03-06] (Microsoft Corporation) [File not signed] S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2014-03-18] (Microsoft Corporation) [File not signed] S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation) [File not signed] S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation) [File not signed] S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [275800 2014-06-19] (Microsoft Corporation) [File not signed] R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [58208 2013-08-22] (Microsoft Corporation) [File not signed] R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2013-08-22] (Microsoft Corporation) [File not signed] S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2014-03-18] (Microsoft Corporation) [File not signed] R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation) [File not signed] R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [101208 2014-03-18] (Microsoft Corporation) [File not signed] R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [180056 2014-03-09] (Microsoft Corporation) [File not signed] R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation) [File not signed] R3 LEqdUsb; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [77592 2014-03-19] (Logitech, Inc.) [File not signed] R3 LHidEqd; C:\Windows\system32\DRIVERS\LHidEqd.Sys [13080 2014-03-19] (Logitech, Inc.) [File not signed] R3 LHidFilt; C:\Windows\system32\DRIVERS\LHidFilt.Sys [76568 2014-03-19] (Logitech, Inc.) [File not signed] R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation) [File not signed] R3 LMouFilt; C:\Windows\system32\DRIVERS\LMouFilt.Sys [59160 2014-03-19] (Logitech, Inc.) [File not signed] S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation) [File not signed] S0 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation) [File not signed] S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) [File not signed] S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation) [File not signed] R2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-03-18] (Microsoft Corporation) [File not signed] S0 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation) [File not signed] S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.) [File not signed] S3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed] R3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed] R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [51040 2013-08-22] (Microsoft Corporation) [File not signed] R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed] R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101728 2013-08-22] (Microsoft Corporation) [File not signed] R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2013-08-22] (Microsoft Corporation) [File not signed] S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140288 2014-03-06] (Microsoft Corporation) [File not signed] R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [402432 2014-07-02] (Microsoft Corporation) [File not signed] R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [283648 2014-03-06] (Microsoft Corporation) [File not signed] R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [206848 2014-07-02] (Microsoft Corporation) [File not signed] S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2013-08-22] (Microsoft Corporation) [File not signed] R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed] S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [41824 2013-08-22] (Microsoft Corporation) [File not signed] S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation) [File not signed] S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation) [File not signed] R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation) [File not signed] R3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation) [File not signed] S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366432 2013-08-22] (Microsoft Corporation) [File not signed] R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [37728 2013-08-22] (Microsoft Corporation) [File not signed] S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation) [File not signed] S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation) [File not signed] R0 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation) [File not signed] S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.) [File not signed] S3 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [443904 2014-06-19] (Microsoft Corporation) [File not signed] R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1118552 2014-03-18] (Microsoft Corporation) [File not signed] S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed] S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation) [File not signed] S3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed] S3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation) [File not signed] R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed] S3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed] S3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed] S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [72192 2013-08-22] (Microsoft Corporation) [File not signed] R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2013-08-22] (Microsoft Corporation) [File not signed] R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2013-08-22] (Microsoft Corporation) [File not signed] R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation) [File not signed] S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) [File not signed] R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [58880 2013-08-22] (Microsoft Corporation) [File not signed] R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed] R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39936 2013-08-22] (Microsoft Corporation) [File not signed] R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2013016 2014-03-20] (Microsoft Corporation) [File not signed] R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation) [File not signed] S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation) [File not signed] S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation) [File not signed] S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation) [File not signed] S3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation) [File not signed] R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [88928 2013-08-22] (Microsoft Corporation) [File not signed] R0 pci; C:\Windows\System32\drivers\pci.sys [280920 2014-03-18] (Microsoft Corporation) [File not signed] R0 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation) [File not signed] S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation) [File not signed] R0 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation) [File not signed] R0 pdc; C:\Windows\System32\drivers\pdc.sys [86872 2014-03-18] (Microsoft Corporation) [File not signed] R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-03-18] (Microsoft Corporation) [File not signed] S3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation) [File not signed] R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151552 2013-08-22] (Microsoft Corporation) [File not signed] S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () [File not signed] S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () [File not signed] S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2013-08-22] (Microsoft Corporation) [File not signed] S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed] S3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed] R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2014-03-18] (Microsoft Corporation) [File not signed] R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation) [File not signed] S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2014-03-18] (Microsoft Corporation) [File not signed] S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [27488 2014-03-18] (Microsoft Corporation) [File not signed] R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation) [File not signed] S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation) [File not signed] R3 RFCOMM; C:\Windows\system32\DRIVERS\rfcomm.sys [167424 2014-03-18] (Microsoft Corporation) [File not signed] R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation) [File not signed] S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation) [File not signed] R1 SandBox; C:\Windows\system32\drivers\SandBox64.sys [1324992 2013-12-20] (Agnitum Ltd.) [File not signed] S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation) [File not signed] S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed] S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [236888 2014-03-18] (Microsoft Corporation) [File not signed] S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [79192 2014-03-18] (Microsoft Corporation) [File not signed] R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed] S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [69472 2013-08-22] (Microsoft Corporation) [File not signed] S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation) [File not signed] S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed] S3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation) [File not signed] S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed] S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed] S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.) [File not signed] S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems) [File not signed] R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [384856 2014-06-19] (Microsoft Corporation) [File not signed] S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [72032 2013-08-22] (Microsoft Corporation) [File not signed] R2 srv; C:\Windows\System32\DRIVERS\srv.sys [454656 2014-03-18] (Microsoft Corporation) [File not signed] R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [677376 2014-06-19] (Microsoft Corporation) [File not signed] R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-06-19] (Microsoft Corporation) [File not signed] S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.) [File not signed] R0 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation) [File not signed] S0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [49984 2013-08-22] (Microsoft Corporation) [File not signed] S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation) [File not signed] S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation) [File not signed] S3 storvsp; C:\Windows\System32\drivers\storvsp.sys [68608 2014-03-18] (Microsoft Corporation) [File not signed] R3 swenum; C:\Windows\System32\drivers\swenum.sys [14176 2013-08-22] (Microsoft Corporation) [File not signed] R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2518872 2014-06-19] (Microsoft Corporation) [File not signed] S3 TCPIP6; C:\Windows\system32\DRIVERS\tcpip.sys [2518872 2014-06-19] (Microsoft Corporation) [File not signed] R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-03-06] (Microsoft Corporation) [File not signed] R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed] S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [37216 2014-03-18] (Microsoft Corporation) [File not signed] S3 TPM; C:\Windows\system32\drivers\tpm.sys [159584 2013-08-22] (Microsoft Corporation) [File not signed] S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation) [File not signed] S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed] R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation) [File not signed] S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation) [File not signed] S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [74080 2013-08-22] (Microsoft Corporation) [File not signed] S3 UCX01000; C:\Windows\System32\drivers\ucx01000.sys [189784 2014-03-18] (Microsoft Corporation) [File not signed] S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316928 2013-08-22] (Microsoft Corporation) [File not signed] S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) [File not signed] S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation) [File not signed] R3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation) [File not signed] S3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation) [File not signed] S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed] R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [155480 2014-03-18] (Microsoft Corporation) [File not signed] S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2013-08-22] (Microsoft Corporation) [File not signed] R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [89944 2014-07-02] (Microsoft Corporation) [File not signed] R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [418136 2014-07-02] (Microsoft Corporation) [File not signed] S3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [467800 2014-03-09] (Microsoft Corporation) [File not signed] S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed] S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed] S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [44544 2013-08-22] (Microsoft Corporation) [File not signed] R3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [148824 2014-03-18] (Microsoft Corporation) [File not signed] S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-07-02] (Microsoft Corporation) [File not signed] S3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [325464 2014-03-18] (Microsoft Corporation) [File not signed] R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation) [File not signed] S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [175960 2014-03-18] (Microsoft Corporation) [File not signed] S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [551256 2014-03-18] (Microsoft Corporation) [File not signed] S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.) [File not signed] S3 Vid; C:\Windows\System32\drivers\Vid.sys [220672 2014-03-18] (Microsoft Corporation) [File not signed] S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [97088 2013-08-22] (Microsoft Corporation) [File not signed] S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation) [File not signed] S3 vmbusr; C:\Windows\System32\drivers\vmbusr.sys [129536 2014-03-18] (Microsoft Corporation) [File not signed] R0 vmci; C:\Windows\System32\drivers\vmci.sys [85584 2013-10-08] (VMware, Inc.) [File not signed] R3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [20560 2014-04-14] (VMware, Inc.) [File not signed] R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [46160 2014-04-14] (VMware, Inc.) [File not signed] R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [31448 2014-04-14] (VMware, Inc.) [File not signed] S3 vmusb; C:\Windows\System32\drivers\vmusb.sys [51904 2014-02-27] (VMware, Inc.) [File not signed] R2 vmx86; C:\Windows\system32\drivers\vmx86.sys [64728 2014-04-14] (VMware, Inc.) [File not signed] R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation) [File not signed] R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation) [File not signed] R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [310616 2014-06-19] (Microsoft Corporation) [File not signed] S3 vpci; C:\Windows\System32\drivers\vpci.sys [69472 2013-08-22] (Microsoft Corporation) [File not signed] S3 vpcivsp; C:\Windows\System32\drivers\vpcivsp.sys [65536 2014-03-18] (Microsoft Corporation) [File not signed] S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd) [File not signed] R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) [File not signed] R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) [File not signed] S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation) [File not signed] S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed] S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation) [File not signed] S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Corporation) [File not signed] R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation) [File not signed] S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-05-15] (Microsoft Corporation) [File not signed] S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-15] (Microsoft Corporation) [File not signed] R0 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136024 2014-03-09] (Microsoft Corporation) [File not signed] S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [33632 2013-08-22] (Microsoft Corporation) [File not signed] S3 WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [78848 2013-08-22] (Microsoft Corporation) [File not signed] R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed] R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation) [File not signed] S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [55328 2014-06-19] (Microsoft Corporation) [File not signed] R3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [26976 2013-08-22] (Microsoft Corporation) [File not signed] R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation) [File not signed] R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [117760 2013-08-22] (Microsoft Corporation) [File not signed] R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed] R3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed] R3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed] R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed] ========================== Drivers MD5 ======================= C:\Windows\System32\drivers\1394ohci.sys E1832BD9FD7E0FC2DC9FA5935DE3E8C1 C:\Windows\System32\drivers\3ware.sys AD508A1A46EC21B740AB31C28EFDFDB1 C:\Windows\System32\drivers\ACPI.sys 9539F7917B4B6D92C90F0FAA6B86C605 C:\Windows\System32\Drivers\acpiex.sys AC8279D229398BCF05C3154ADCA86813 C:\Windows\System32\drivers\acpipagr.sys A8970D9BF23CD309E0403978A1B58F3F C:\Windows\System32\drivers\acpipmi.sys 111A89C99C5B4F1A7BCE5F643DD86F65 C:\Windows\System32\drivers\acpitime.sys 5758387D68A20AE7D3245011B07E36E7 C:\Windows\System32\drivers\ADP80XX.SYS 7C1FDF1B48298CBA7CE4BDD4978951AD C:\Windows\system32\drivers\afd.sys 374E27295F0A9DCAA8FC96370F9BEEA5 C:\Windows\system32\DRIVERS\afw.sys A12CC7EA6448C7BADC8677593C2AC55D C:\Windows\System32\drivers\afwcore.sys B998EC04EF865567B78D4F0E36530FFC C:\Windows\System32\drivers\agp440.sys 7DFAEBA9AD62D20102B576D5CAC45EC8 C:\Windows\System32\DRIVERS\ahcache.sys 8E8E34B7BA059050EED827410D0697A2 C:\Windows\System32\drivers\amdk8.sys 7589DE749DB6F71A68489DCE04158729 C:\Windows\system32\DRIVERS\atikmdag.sys 64F79795D91CCA5FFC2694975AAED35F C:\Windows\system32\DRIVERS\atikmpag.sys DDB6A787E34A158B684CE2389894EB96 C:\Windows\System32\drivers\amdppm.sys B46D2D89AFF8A9490FA8C98C7A5616E3 C:\Windows\System32\drivers\amdsata.sys D2BF2F94A47D332814910FD47C6BBCD2 C:\Windows\System32\drivers\amdsbs.sys A8E04943C7BBA7219AA50400272C3C6E C:\Windows\System32\drivers\amdxata.sys CEA5F4F27CFC08E3A44D576811B35F50 C:\Windows\System32\Drivers\lgandnetadb.sys EFD1765905491B742C531FF6C38E9EC7 C:\Windows\system32\DRIVERS\lgandnetdiag64.sys 8660C7BFE2CBA7E0B3F5D9ECD05D780E C:\Windows\system32\DRIVERS\lgandnetdiag264.sys 680DEB3075D4F9FFF02A2754A3A3B6FB C:\Windows\system32\DRIVERS\lgandnetmodem64.sys 620F9CDFC8987FE26F6E0DC37D645B45 C:\Windows\system32\drivers\appid.sys 04951A9A937CBE28A2D3FEEA360B6D1F C:\Windows\System32\drivers\arcsas.sys 65045784366F7EC5FB4E71BCF923187B C:\Windows\System32\drivers\atapi.sys 74B14192CF79A72F7536B27CB8814FBD C:\Windows\System32\DRIVERS\avgntflt.sys 4663C5AD76FE8E19592DE808156FA07D C:\Windows\system32\DRIVERS\avipbb.sys 8902AEC2382A37E9E99A4E0D52DBD42B C:\Windows\system32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6 C:\Windows\System32\drivers\bxvbda.sys A4A73F631FE2AA2826FBE4A399B04DEF C:\Windows\System32\drivers\BasicDisplay.sys 8CC7F7E4AFCBA605921B137ED7992C68 C:\Windows\System32\drivers\BasicRender.sys 38A82F4EE8C416A6744B6D30381ED768 C:\Windows\System32\drivers\bcmfn2.sys C1ABB0F7E3BEA48A0417BDF6FF14AB21 C:\Windows\System32\Drivers\Beep.sys EC19013E4CF87609534165DF897274D6 C:\Windows\System32\DRIVERS\bowser.sys 6B4FFFDDC618FCF64473CAA86E305697 C:\Windows\System32\drivers\BthAvrcpTg.sys A8F23D453A424FF4DE04989C4727ECC7 C:\Windows\System32\drivers\BthEnum.sys 131F1C8573E7BFB41C54FBF5309CCD94 C:\Windows\System32\drivers\bthhfenum.sys 746B9F94214915AECDE4B7FEA5FF9664 C:\Windows\System32\drivers\BthHFHid.sys 71FE2A48E4C93DDB9798C024880B6C07 C:\Windows\System32\drivers\bthmodem.sys 66B791F6B11DC4303DD18A224A501542 C:\Windows\system32\DRIVERS\bthpan.sys 3AFE71D80EDF5D4DE0C5731352905669 C:\Windows\System32\Drivers\BTHport.sys 92370F46AF28D54B67C135FA8C2AFCFC C:\Windows\System32\Drivers\BTHUSB.sys 23E75BED9076F856B36F5F934BBD5795 C:\Windows\System32\DRIVERS\cdfs.sys 2FA6510E33F7DEFEC03658B74101A9B9 C:\Windows\System32\drivers\cdrom.sys C6796EA22B513E3457514D92DCDB1A3D C:\Windows\System32\drivers\circlass.sys BE9936EDD3267FAAFF94A7835867F00B C:\Windows\System32\drivers\CLFS.sys 179A41249055D5F039F1B6703F3B6D2B C:\Windows\System32\drivers\CmBatt.sys EF6EF85DADC3184A10D8F2F7159973CB C:\Windows\system32\drivers\cmudaxp.sys 2A01CA9628F36208A7D188F34B295192 C:\Windows\System32\Drivers\cng.sys 1CD3A907D64D08F49208DA00B69BF35E C:\Windows\System32\drivers\CompositeBus.sys 03AAED827C36F35D70900558B8274905 C:\Windows\System32\drivers\condrv.sys A1FF7DFBFBE164CF92603C651D304DD2 C:\Windows\System32\drivers\csc.sys EE2F3C0D6ADBC975D6B621EC15ACF4E2 C:\Windows\System32\drivers\dam.sys 315BA4BC19316D72B2E037534E048B93 C:\Windows\System32\Drivers\dfsc.sys A03F362C5557E238CBFA914689C77248 C:\Windows\System32\drivers\disk.sys 4D40C9B33F738797CF50E77CB7C53E85 C:\Windows\System32\drivers\dmvsc.sys EB70A894708D1BC176AFD690FF06085F C:\Windows\system32\drivers\drmkaud.sys DDC11A202207C0400CBE07315B8FDE5E C:\Windows\System32\drivers\dxgkrnl.sys C7D252742946DD395670649742FBD73D C:\Windows\system32\DRIVERS\e1i63x64.sys FA988D76745C917CDFE20031C06DE860 C:\Windows\System32\drivers\evbda.sys 114BCFDF367FF37C3F1B0A96AF542E4D C:\Windows\System32\drivers\EhStorClass.sys 43531A5993380CC5113242C29D265FD9 C:\Windows\System32\drivers\EhStorTcgDrv.sys 6F8E738A9505A388B1157FDDE7B3101B C:\Windows\System32\drivers\errdev.sys DFFFAE1442BA4076E18EED5E406FA0D3 C:\Windows\System32\Drivers\exfat.sys 7729D294A555C7AEB281ED8E4D0E01E4 C:\Windows\System32\Drivers\fastfat.sys 7C4E0D5900B2A1D11EDD626D6DDB937B C:\Windows\System32\drivers\fdc.sys 5D8402613E778B3BD45E687A8372710B C:\Windows\System32\drivers\fileinfo.sys BCFD8B149B3ADF92D0DB1E909CAF0265 C:\Windows\System32\drivers\filetrace.sys A1A66C4FDAFD6B0289523232AFB7D8AF C:\Windows\System32\drivers\flpydisk.sys BE743083CF7063C486A4398E3AEFE59A C:\Windows\System32\drivers\fltmgr.sys 6592D192E2823C043EDBC010E7774053 C:\Windows\System32\drivers\FsDepends.sys 35005534E600E993A90B036E4E599F2B C:\Windows\System32\Drivers\Fs_Rec.sys 09F460AFEDCA03F3BF6E07D1CCC9AC42 C:\Windows\System32\DRIVERS\fvevol.sys F152D55E497E12256290C43B31C7D0CE C:\Windows\System32\drivers\fxppm.sys 9591D0B9351ED489EAFD9D1CE52A8015 C:\Windows\System32\drivers\gagp30kx.sys FC3EF65EE20D39F8749C2218DBA681CA C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F C:\Windows\System32\drivers\vmgencounter.sys 0BF5CAD281E25F1418E5B8875DC5ADD1 C:\Windows\System32\Drivers\msgpioclx.sys EF3AE7773394DF49CE74AF78A1C8D23D C:\Windows\system32\drivers\hcmon.sys BDDBCFF870442B3C24C158CD53079132 C:\Windows\system32\drivers\HdAudio.sys 56F69F7C25FB67C970997D7066DBC593 C:\Windows\System32\drivers\HDAudBus.sys 498288DD5CA42C2D36D125893E968C53 C:\Windows\System32\drivers\HidBatt.sys 10A70BC1871CD955D85CD88372724906 C:\Windows\System32\drivers\hidbth.sys 1EA1B4FABB8CC348E73CA90DBA22E104 C:\Windows\System32\drivers\hidi2c.sys C241A8BAFBBFC90176EA0F5240EACC17 C:\Windows\System32\drivers\hidir.sys 9BDDEE26255421017E161CCB9D5EDA95 C:\Windows\System32\drivers\hidusb.sys 8DB8EAB9D0C6A5DF0BDCADEA239220B4 C:\Windows\System32\drivers\HpSAMD.sys A6AACEA4C785789BDA5912AD1FEDA80D C:\Windows\System32\drivers\HTTP.sys 9DDCA7F18983C5410DEFF79F819DF93C C:\Windows\System32\drivers\hwpolicy.sys 90656C0B3864804B090434EFC582404F C:\Windows\System32\drivers\hyperkbd.sys 6D6F9E3BF0484967E52F7E846BFF1CA1 C:\Windows\system32\DRIVERS\HyperVideo.sys 907C870F8C31F8DDD6F090857B46AB25 C:\Windows\System32\drivers\i8042prt.sys 84CFC5EFA97D0C965EDE1D56F116A541 C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 5D90E32E36CE5D4C535D17CE08AEAF05 C:\Windows\System32\drivers\iaLPSSi_I2C.sys DD05E7E80F52ADE9AEB292819920F32C C:\Windows\System32\drivers\iaStorAV.sys 08BFE413B0B4AA8DFA4B5684CE06D3DC C:\Windows\System32\drivers\iaStorV.sys A2200C3033FA4EF249FC096A7A7D02A2 C:\Windows\System32\drivers\intelide.sys 4E448FCFFD00E8D657CD9E48D3E47157 C:\Windows\System32\drivers\intelpep.sys 139CFCDCD36B1B1782FD8C0014AC9B0E C:\Windows\System32\drivers\intelppm.sys 47E74A8E53C7C24DCE38311E1451C1D9 C:\Windows\System32\DRIVERS\ipfltdrv.sys 9DB76D7F9E4E53EFE5DD8C53DE837514 C:\Windows\System32\drivers\IPMIDrv.sys FD9C9E9E3F0ED51502C7E8C066BE26B9 C:\Windows\System32\drivers\ipnat.sys B7342B3C58E91107F6E946A93D9D4EFD C:\Windows\System32\drivers\irenum.sys AE44C526AB5F8A487D941CEB57B10C97 C:\Windows\System32\drivers\isapnp.sys 8AFEEA3955AA43616A60F133B1D25F21 C:\Windows\System32\drivers\msiscsi.sys D90AB68D0FAC9F357F663670FDBB511E C:\Windows\System32\drivers\kbdclass.sys 8BE92376799B6B44D543E8D07CDCF885 C:\Windows\System32\drivers\kbdhid.sys FB6E47E569D4872ABEB506BE03A45FBA C:\Windows\System32\drivers\kbldfltr.sys DB7A09BC90DF20F44F16F8B0F9ED3491 C:\Windows\system32\DRIVERS\kdnic.sys 813871C7D402A05F2E3A7075F9584A05 C:\Windows\System32\Drivers\ksecdd.sys ADDECBCC777665BD113BED437E602AB0 C:\Windows\System32\Drivers\ksecpkg.sys F88CC88F4A6D8476F1664E805CA18CC2 C:\Windows\system32\drivers\ksthunk.sys 11AFB527AA370B1DAFD5C36F35F6D45F C:\Windows\system32\DRIVERS\LEqdUsb.Sys 5EA1731968F2FD0E950DDCE6D36C5134 C:\Windows\system32\DRIVERS\LHidEqd.Sys 50AC0930F05DFB996F085B49E112E5C9 C:\Windows\system32\DRIVERS\LHidFilt.Sys 96EB043E2843B5A87A486D0BC6921094 C:\Windows\system32\DRIVERS\lltdio.sys C09010B3680860131631F53E8FE7BAD8 C:\Windows\system32\DRIVERS\LMouFilt.Sys A5C1DA229B3B660BBF3BDC30ADBFBB61 C:\Windows\System32\drivers\lsi_sas.sys C755AE4635457AA2A11F79C0DF857ABC C:\Windows\System32\drivers\lsi_sas2.sys ADAC09CBE7A2040B7F68B5E5C9A75141 C:\Windows\System32\drivers\lsi_sas3.sys 04D1274BB9BBCCF12BD12374002AA191 C:\Windows\System32\drivers\lsi_sss.sys 327469EEF3833D0C584B7E88A76AEC0C C:\Windows\system32\drivers\luafv.sys DDEE191AB32DFC22C6465002ECDF5EE4 C:\Windows\System32\drivers\megasas.sys EB5C03A070F30D64A6DF80E53B22F53F C:\Windows\System32\drivers\megasr.sys F6F13533196DE7A582D422B0241E4363 C:\Windows\System32\drivers\modem.sys 8B38C44F69259987C95135C9627E2378 C:\Windows\System32\drivers\monitor.sys 601589000CC90F0DF8DA2CC254A3CCC9 C:\Windows\System32\drivers\mouclass.sys CEAC6D40FE887CE8406C2393CF97DE06 C:\Windows\System32\drivers\mouhid.sys 02D98BF804084E9A0D69D1C69B02CCA9 C:\Windows\System32\drivers\mountmgr.sys 515549560D481138E6E21AF7C6998E56 C:\Windows\System32\drivers\mpsdrv.sys F170510BE94CF45E3C6274578F6204B2 C:\Windows\system32\drivers\mrxdav.sys 1D55DADC22D21883A2F80297F5A5AE48 C:\Windows\System32\DRIVERS\mrxsmb.sys 7A1A3F213CDB3363D179D5014272025D C:\Windows\System32\DRIVERS\mrxsmb10.sys 3E28B99198B514DFEB152EACF913025E C:\Windows\System32\DRIVERS\mrxsmb20.sys 5C42CEE3E2018E1DFC6E3E17240A432A C:\Windows\system32\DRIVERS\bridge.sys 4E888019078AC363076A5433E89AA4F8 C:\Windows\System32\Drivers\Msfs.sys D13329FBF8345B28AB30F44CC247DC08 C:\Windows\System32\drivers\msgpiowin32.sys C6B474E46F9E543B875981ED3FFE6ADD C:\Windows\System32\drivers\mshidkmdf.sys 65C92EB9D08DB5C69F28C7FFD4E84E31 C:\Windows\System32\drivers\mshidumdf.sys 52299F086AC2DAFD100DD5DC4A8614BA C:\Windows\System32\drivers\msisadrv.sys 36D92AF3343C3A3E57FEF11C449AEA4C C:\Windows\system32\drivers\MSKSSRV.sys A9BBBD2BAE6142253B9195E949AC2E8D C:\Windows\system32\DRIVERS\mslldp.sys 375E44168F2DFB91A68B8A3F619C5A7C C:\Windows\system32\drivers\MSPCLOCK.sys 7B2128EB875DCBC006E6A913211006D6 C:\Windows\system32\drivers\MSPQM.sys 1E88171579B218115C7A772F8DE04BD8 C:\Windows\System32\Drivers\MsRPC.sys BBE2A455053E63BECBF42C2F9B21FAE0 C:\Windows\System32\drivers\mssmbios.sys 8D6B7D515C5CBCDB75B928A0B73C3C5E C:\Windows\system32\drivers\MSTEE.sys 115019AE01E0EB9C048530D2928AB4A2 C:\Windows\System32\drivers\MTConfig.sys 96D604A35070360F0DD4A7A8AF410B5E C:\Windows\System32\Drivers\mup.sys 619CA29326B82372621DB2C0964D8365 C:\Windows\System32\drivers\mvumis.sys B8C35C94DCB2DFEAF03BB42131F2F77F C:\Windows\system32\DRIVERS\nwifi.sys 78514B073CC5775800A65BFB82A0D66B C:\Windows\System32\drivers\ndis.sys F21B77B4D74092A543807D3CEB711A88 C:\Windows\system32\DRIVERS\ndiscap.sys C6BB12BC35D1637CA17AE16D3A4725EB C:\Windows\system32\DRIVERS\NdisImPlatform.sys 9F1DA20E943BE7AA4ED5F3E1EBA78B37 C:\Windows\system32\DRIVERS\ndistapi.sys 9423421E735BD5394351E0C47C76BB92 C:\Windows\system32\DRIVERS\ndisuio.sys B832B35055BA2B7B4181861FF94D8E59 C:\Windows\System32\drivers\NdisVirtualBus.sys 1F58E48EF75F34C35D8E93A0DC535CFE C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A C:\Windows\system32\DRIVERS\ndiswan.sys DEC29080202D4F9F17F55E18BCFCC41A C:\Windows\System32\Drivers\NDProxy.sys A5BD69A8812FA79D1A487691DD3FB244 C:\Windows\System32\drivers\Ndu.sys 5A072F0B90C29C5233D78BE33EF5ED78 C:\Windows\System32\DRIVERS\netbios.sys A83D67D347A684F10B7D3019C8A6380C C:\Windows\System32\DRIVERS\netbt.sys 0217532E19A748F0E5D569307363D5FD C:\Windows\system32\DRIVERS\netvsc63.sys 70414DB660BFBB7BD58FCE8EA4364E1B C:\Windows\System32\Drivers\Npfs.sys 8F44A2F57C9F1A19AC9C6288C10FB351 C:\Windows\System32\drivers\npsvctrig.sys CBDB4F0871C88DF930FC0E8588CA67FC C:\Windows\System32\drivers\nsiproxy.sys E490B459978CB87779E84C761D22B827 C:\Windows\System32\Drivers\Ntfs.sys 1C80517BE6836A812F6A9B99B8321351 C:\Windows\System32\Drivers\Null.sys EF1B290FC9F0E47CC0B537292BEE5904 C:\Windows\System32\drivers\nvraid.sys BC6B5942AFF25EBAF62DE43C3807EDF8 C:\Windows\System32\drivers\nvstor.sys 1F43ABFFAC3D6CA356851D517392966E C:\Windows\System32\drivers\nv_agp.sys 6934A936A7369DFE37B7DBA93F5E5E49 C:\Windows\System32\drivers\parport.sys 764B1121867B2D9B31C491668AC72B2B C:\Windows\System32\drivers\partmgr.sys EF0C1749C9A8CEE9A457473D433CC00F C:\Windows\System32\drivers\pci.sys 275AFE3FA35E8D78BE97695DF49817C6 C:\Windows\System32\drivers\pciide.sys 346E38FCC6859A727DD28AFAD1F0AFF4 C:\Windows\System32\drivers\pcmcia.sys 4D3BDCC1C7B40C9D7B6AD990E6DEC397 C:\Windows\System32\drivers\pcw.sys BF28771D1436C88BE1D297D3098B0F7D C:\Windows\System32\drivers\pdc.sys B9D968D8E2B0F9C6301CEB39CFC9B9E4 C:\Windows\System32\drivers\peauth.sys 0ECEE590F2E2EF969FB74A6FC583A1E6 C:\Windows\System32\drivers\processr.sys ECD373F9571C745894367CC2635EA44F C:\Windows\system32\DRIVERS\pacer.sys 8528BB05E4D4E25945F78B00B2555FB7 C:\Windows\system32\pwdrvio.sys C32ECB99AD25E9A04F01C8665DF29EF8 C:\Windows\system32\pwdspio.sys D619356B955EEFA642F5FF72755E8B3C C:\Windows\system32\drivers\qwavedrv.sys 3FB466684609A4329858CF2EBD62E0FD C:\Windows\System32\DRIVERS\rasacd.sys 2C56F0EE27E4EF70CA4B4983D3638905 C:\Windows\system32\DRIVERS\raspppoe.sys 5247F308C4103CDC4FE12AE1D235800A C:\Windows\System32\DRIVERS\rdbss.sys A1A5E79C0D1352AFDC08328A623DA051 C:\Windows\System32\drivers\rdpbus.sys 6B21EBF892CD8CACB71669B35AB5DE32 C:\Windows\System32\drivers\rdpdr.sys 680C1DAE268B6FB67FA21B389A8B79EF C:\Windows\System32\drivers\rdpvideominiport.sys 858776908AF838E3790F3261B799CDA6 C:\Windows\System32\drivers\rdyboost.sys A26AEC49F318FEE141DDDB2C5F99B3E6 C:\Windows\System32\Drivers\ReFS.sys E515A287C8FAE901EB8FB42F168E14F2 C:\Windows\system32\DRIVERS\rfcomm.sys 0527EF6E23B9FAB37DDCBC479C6CFA28 C:\Windows\system32\DRIVERS\rspndr.sys 2D05A5508F4685412F2B89E8C2189ABC C:\Windows\System32\drivers\vms3cap.sys 1A063730F221B2746FF00457AE17E4F0 C:\Windows\system32\drivers\SandBox64.sys CB08A85D0CCC29F2D84D97D3A445841A C:\Windows\System32\drivers\sbp2port.sys C624A1B32211C3166EDB3F4AB02A30B7 C:\Windows\System32\DRIVERS\scfilter.sys ABD0237B15DBD2B4695F4B7D734A58F7 C:\Windows\System32\drivers\sdbus.sys FDEC5799BA499D18AFA3A540538866E7 C:\Windows\System32\drivers\sdstor.sys 0B1E929D11A8E358106955603FAC65E8 C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit C:\Windows\System32\drivers\SerCx.sys DB2FF24CE0BDD15FE75870AFE312BA89 C:\Windows\System32\drivers\SerCx2.sys 0044B31F93946D5D41982314381FE431 C:\Windows\System32\drivers\serenum.sys 3CD600C089C1251BEEB4CD4CD5164F9E C:\Windows\System32\drivers\serial.sys D864381BC9C725FAB01D94C060660166 C:\Windows\System32\drivers\sermouse.sys 0BD2B65DCE756FDE95A2E5CCCBF7705D C:\Windows\System32\drivers\sfloppy.sys 472B7A5AC181C050888DB454663DD764 C:\Windows\System32\drivers\SiSRaid2.sys 2F518D13DD6F3053837FE606F1A2EA1F C:\Windows\System32\drivers\sisraid4.sys 1AC9A200A9C49C4508F04AAFFCA34A3F C:\Windows\System32\drivers\spaceport.sys 33977549C2CED09936E05BEE7659EAFF C:\Windows\System32\drivers\SpbCx.sys F337BE11071818FC3F5DC2940B6BDE34 C:\Windows\System32\DRIVERS\srv.sys 2B78788A1485F9B99A578A299DF42C02 C:\Windows\System32\DRIVERS\srv2.sys FD163F487CBA9C98AFFEB546C80F49A2 C:\Windows\System32\DRIVERS\srvnet.sys 716059F37BCCB1ABEDE99EBE82E8E362 C:\Windows\System32\drivers\stexstor.sys 366DEA74BBA65B362BCCFC6FC2ADFD8B C:\Windows\System32\drivers\storahci.sys 0ED2E318ABB68C1A35A8B8038BDB4C90 C:\Windows\System32\DRIVERS\vmstorfl.sys 7A08CEE1535F5A448215634C5EA74E50 C:\Windows\System32\drivers\stornvme.sys 6B06E2D11E604BE2B1A406C4CB3B90DE C:\Windows\System32\drivers\storvsc.sys 548759755BC73DAD663250239D7E0B9F C:\Windows\System32\drivers\storvsp.sys 03618F935379614837F915D04C45FC0E C:\Windows\System32\drivers\swenum.sys 84E0F5D41C138C5CC975137A2A98F6D3 C:\Windows\System32\drivers\tcpip.sys 4B666AE119D2ADBAC816BEA7DB4D6881 C:\Windows\system32\DRIVERS\tcpip.sys 4B666AE119D2ADBAC816BEA7DB4D6881 C:\Windows\System32\drivers\tcpipreg.sys 41CF802064F72E55F50CA0A221FD36D4 C:\Windows\system32\DRIVERS\tdx.sys FFF28F9F6823EB1756C60F1649560BBF C:\Windows\System32\drivers\terminpt.sys 232D185D2337F141311D0CF1983E1431 C:\Windows\system32\drivers\tpm.sys 82F909359600D3603FE852DB7F135626 C:\Windows\System32\drivers\tsusbflt.sys BF8F54CA37E9C9D6582C31C5761F8C93 C:\Windows\System32\drivers\TsUsbGD.sys E0088068DCE2EE82897027DDB8E05254 C:\Windows\system32\DRIVERS\tunnel.sys C8E0E78B5D284C2FF59BDFFDAF997242 C:\Windows\System32\drivers\uagp35.sys F6EEAD052943B5A3104C1405BB856C54 C:\Windows\System32\drivers\uaspstor.sys FE6067B1FD4E63650C667B33D080565B C:\Windows\System32\drivers\ucx01000.sys B034A41891A36457B994307DFA772293 C:\Windows\System32\DRIVERS\udfs.sys 1EC649F112896FAE33250F0B97AC5D0B C:\Windows\System32\drivers\UEFI.sys 9578691F297E1B1F519970FE6D47CB21 C:\Windows\System32\drivers\uliagpkx.sys 5EAB5117DDB24FC4D39E6FFFCF1837B9 C:\Windows\System32\drivers\umbus.sys DA34C39A18E60E7C3FA0630566408034 C:\Windows\System32\drivers\umpass.sys AE8294875E5446E359B1E8035D40C05E C:\Windows\System32\Drivers\usbaapl64.sys C9E9D59C0099A9FF51697E9306A44240 C:\Windows\System32\drivers\usbccgp.sys 433ECDE01A52691FA7ACA51C10C09B70 C:\Windows\System32\drivers\usbcir.sys B3D6457D841A0CAEF4C52D88621715F2 C:\Windows\System32\drivers\usbehci.sys DE9C8D03C010969CAD96ACAFC9FD1901 C:\Windows\System32\drivers\usbhub.sys 0F35ADB37DF6AF6BDFB725ECC6C2FD1B C:\Windows\System32\drivers\UsbHub3.sys CFC52C49BEFE4D70D87FFA900EAB9777 C:\Windows\System32\drivers\usbohci.sys 3019097FB6C985EF24C058090FF3BDBD C:\Windows\System32\drivers\usbprint.sys 4D655E3B684BE9B0F7FFD8A2935C348C C:\Windows\system32\DRIVERS\usbscan.sys F04D164C4168701A4E7835607722E5F1 C:\Windows\System32\drivers\USBSTOR.SYS EA23453240137F6773174E0D93F61A69 C:\Windows\System32\drivers\usbuhci.sys 6BD2B29B58E12B478B2FB2E8866AE784 C:\Windows\System32\drivers\USBXHCI.SYS 48430B0313FC1CFE3D2400553F1A93CD C:\Windows\System32\drivers\vdrvroot.sys FEB26E3B8345A7E8D62F945C4AE86562 C:\Windows\System32\drivers\VerifierExt.sys A026EDEAA5EECAE0B08E2748B616D4BD C:\Windows\System32\drivers\vhdmp.sys 52E483A3701A5A61A75A06993720347D C:\Windows\System32\drivers\viaide.sys 06D38968028E9AB19DE9B618C7B6D199 C:\Windows\System32\drivers\Vid.sys 3CE922E34DB12D9F3C0EA856BC09687C C:\Windows\System32\drivers\vmbus.sys C6305BDFC4F7CE51F72BB072C03D4ACE C:\Windows\System32\drivers\VMBusHID.sys DA40BEA0A863CE768C940CA9723BF81F C:\Windows\System32\drivers\vmbusr.sys 68F8C26DEA2D42E8DEC0778943433C80 C:\Windows\System32\drivers\vmci.sys BE8E5E5D53ACF71D4E8E686B68C99B04 C:\Windows\system32\DRIVERS\vmnetadapter.sys 18AA5F4A3B1204AD00045EE5AD39BCDB C:\Windows\system32\DRIVERS\vmnetbridge.sys 04CD4347CD9E8C40F78AD51F7FF426D0 C:\Windows\system32\drivers\vmnetuserif.sys 50160AC31D1820C10BEE0D26707298E0 C:\Windows\System32\drivers\vmusb.sys 3770822B78B9866C36DBE231F8B9FA36 C:\Windows\system32\drivers\vmx86.sys 11CAB5305913D3510854A2BD6D5ED1FB C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744 C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7 C:\Windows\System32\drivers\volsnap.sys 4BB9BC49DEE1A319EC58274A7BBED663 C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE C:\Windows\System32\drivers\vpcivsp.sys ADBE96C33D1A5BB1BBAF90B4BC84F523 C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07 C:\Windows\System32\drivers\vsock.sys CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys E7CE8988B98202A5CF429CA358D26CC5 C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0 C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B C:\Windows\system32\drivers\WdBoot.sys F5D4FA3E1F4879C361FFF3855259D2C2 C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D C:\Windows\system32\drivers\WdFilter.sys 019CC610AD95FF47EAD7C08B7A683B96 C:\Windows\System32\Drivers\WdNisDrv.sys 6CC1BB8F6851A262E2E824F0E92D5EEF C:\Windows\System32\DRIVERS\wfplwfs.sys BFBE1C5F57FE7A885673A1962D5532B7 C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA C:\Windows\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599 C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128 C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09 C:\Windows\System32\DRIVERS\wpcfltr.sys 182561A14F2E93E81E66FE3700D17A5A C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572 C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9 C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-19 06:48 - 2014-08-19 06:49 - 00105177 _____ () C:\Users\Woei Shyang\Downloads\FRST.txt 2014-08-19 06:48 - 2014-08-19 06:48 - 00000000 ____D () C:\FRST 2014-08-19 06:47 - 2014-08-19 06:47 - 02101760 _____ (Farbar) C:\Users\Woei Shyang\Downloads\FRST64.exe 2014-08-18 09:27 - 2014-08-18 09:27 - 00086686 _____ () C:\Users\Woei Shyang\Downloads\Extras.Txt 2014-08-18 09:26 - 2014-08-18 09:26 - 00183894 _____ () C:\Users\Woei Shyang\Downloads\OTL.Txt 2014-08-17 18:23 - 2014-08-17 18:23 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-08-16 12:24 - 2014-08-16 12:24 - 00043696 _____ () C:\Users\Woei Shyang\Downloads\contagion_english-562922.zip 2014-08-16 08:34 - 2014-08-16 08:34 - 00000000 ___DL () C:\Windows\system32\sru 2014-08-15 21:32 - 2014-08-15 21:32 - 00029511 _____ () C:\Users\Woei Shyang\Downloads\0f04098cfbbcf2a0b704ccb431e8d5dd9c20c579.zip 2014-08-15 11:39 - 2014-08-15 11:39 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\rkill.exe 2014-08-15 11:38 - 2014-08-15 11:39 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Woei Shyang\Downloads\tdsskiller.exe 2014-08-15 11:36 - 2014-08-15 11:48 - 00002890 _____ () C:\Users\Woei Shyang\Desktop\unhide.txt 2014-08-15 11:35 - 2014-08-15 11:35 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\unhide.exe 2014-08-15 11:31 - 2014-08-15 11:31 - 05571320 _____ (Swearware) C:\Users\Woei Shyang\Downloads\ComboFix.exe 2014-08-15 11:24 - 2014-08-15 12:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-15 11:24 - 2014-08-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-15 11:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-08-15 11:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-08-15 11:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-08-15 11:23 - 2014-08-15 11:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Woei Shyang\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-15 10:06 - 2014-08-15 10:06 - 01121208 _____ () C:\Users\Woei Shyang\Downloads\ProcessMonitor.zip 2014-08-13 14:16 - 2014-08-13 14:16 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154 (1).exe 2014-08-13 14:13 - 2014-08-19 06:37 - 00000000 ____D () C:\Program Files (x86)\Tencent 2014-08-13 14:13 - 2014-08-18 09:14 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Tencent 2014-08-13 14:13 - 2014-08-13 14:13 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154.exe 2014-08-13 14:13 - 2014-08-13 14:13 - 12570536 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_sync_2.0.0.532.exe 2014-08-13 14:10 - 2014-08-13 14:10 - 00561688 _____ (Tencent) C:\Users\Woei Shyang\Downloads\WeiYunWebKitPlugin.exe 2014-08-13 14:10 - 2014-08-13 14:10 - 00000000 ____D () C:\Program Files (x86)\QQMailPlugin 2014-08-13 13:31 - 2014-08-13 13:31 - 00000000 ____D () C:\Program Files\FolderSize 2014-08-13 13:29 - 2014-08-13 13:29 - 00294912 _____ () C:\Users\Woei Shyang\Downloads\FolderSize-2.6-x64.msi 2014-08-12 22:04 - 2014-08-12 22:04 - 00003380 _____ () C:\Windows\System32\Tasks\Intel_C_CVDA334000JX2403GN 2014-08-12 19:22 - 2014-08-12 19:22 - 00045231 _____ () C:\Users\Woei Shyang\Downloads\captain-america-the-winter-soldier_english-957682.zip 2014-08-12 06:20 - 2014-08-12 06:20 - 00602112 _____ (OldTimer Tools) C:\Users\Woei Shyang\Downloads\OTL.exe 2014-08-11 12:30 - 2014-08-11 12:30 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305(1).img 2014-08-11 11:25 - 2014-08-11 11:25 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2014-08-11 11:25 - 2014-08-11 11:25 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\usb_driver 2014-08-11 11:22 - 2014-08-11 11:39 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\Heimdall Suite 2014-08-11 11:21 - 2014-08-11 11:22 - 10013808 _____ () C:\Users\Woei Shyang\Downloads\heimdall-suite-1.4.0-win32.zip 2014-08-11 11:11 - 2014-08-11 11:11 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305.img 2014-08-10 12:19 - 2014-08-10 12:19 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 2014-08-10 12:19 - 2013-09-30 16:26 - 03050808 _____ () C:\Windows\system32\pwNative.exe 2014-08-10 12:19 - 2013-09-30 16:26 - 00019152 ____N () C:\Windows\system32\pwdrvio.sys 2014-08-10 12:19 - 2013-09-30 16:26 - 00012504 ____N () C:\Windows\system32\pwdspio.sys 2014-08-10 12:18 - 2014-08-10 12:18 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Woei Shyang\Downloads\pwhe8.exe 2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\Program Files (x86)\LG Electronics 2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\LGE988 2014-08-09 16:24 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys 2014-08-09 16:24 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys 2014-08-09 16:24 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys 2014-08-09 16:24 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag264.sys 2014-08-09 16:24 - 2011-07-18 06:03 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll 2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 ____D () C:\Users\Woei Shyang\.android 2014-08-09 16:14 - 2014-08-09 16:23 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2014-08-09 16:14 - 2011-05-06 10:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll 2014-08-09 16:14 - 2011-05-06 10:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll 2014-08-09 16:14 - 2011-05-06 10:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll 2014-08-09 16:14 - 2006-04-30 05:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll 2014-08-09 16:14 - 2005-11-19 23:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll 2014-08-09 16:14 - 2005-09-29 22:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll 2014-08-09 16:14 - 2005-09-07 11:51 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4.dll 2014-08-09 16:13 - 2014-08-09 16:13 - 00636571 _____ () C:\Users\Woei Shyang\Downloads\(MAC)LGUnitedMobile_Mac_Driver_Ver_4.9.zip 2014-08-09 16:13 - 2014-08-09 16:13 - 00261208 _____ (LG Electronics) C:\Users\Woei Shyang\Downloads\B2CAppSetup(1).exe 2014-08-09 16:11 - 2014-08-09 16:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-08-09 16:09 - 2014-08-09 16:09 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\E988 2014-08-09 16:08 - 2014-08-09 16:08 - 01420041 _____ () C:\Users\Woei Shyang\Downloads\roottool.zip 2014-08-09 09:57 - 2014-08-09 09:58 - 71166269 _____ () C:\Users\Woei Shyang\Downloads\Black_Mesa_Soundtrack.zip 2014-08-06 18:15 - 2014-08-07 18:02 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\TaobaoProtect 2014-08-01 20:11 - 2014-08-01 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11.zip 2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11 (1).zip 2014-08-01 19:33 - 2014-08-01 19:33 - 00102834 _____ () C:\Users\Woei Shyang\Downloads\SmartMapV91.zip 2014-08-01 19:30 - 2014-08-01 19:30 - 02469508 _____ () C:\Users\Woei Shyang\Downloads\Civ4_Map_Scripts.zip 2014-07-31 21:02 - 2014-07-31 21:02 - 00050150 _____ () C:\Users\Woei Shyang\Downloads\perfectworld2.zip 2014-07-31 20:56 - 2014-07-31 20:56 - 00002675 _____ () C:\Users\Woei Shyang\Downloads\4f_1h_1sr.zip 2014-07-26 12:42 - 2014-07-26 12:42 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\My Games 2014-07-25 19:33 - 2014-07-25 19:33 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager 2014-07-25 19:32 - 2014-08-18 15:37 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job 2014-07-25 19:32 - 2014-08-17 19:37 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job 2014-07-25 19:32 - 2014-07-25 19:32 - 00895120 _____ (Google Inc.) C:\Users\Woei Shyang\Downloads\musicmanagerinstaller (1).exe 2014-07-25 19:32 - 2014-07-25 19:32 - 00003922 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA 2014-07-25 19:32 - 2014-07-25 19:32 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core 2014-07-25 07:29 - 2014-07-25 07:29 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-07-25 07:29 - 2014-07-25 07:29 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-07-25 07:29 - 2014-07-25 07:29 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-07-23 06:45 - 2014-07-23 06:46 - 393563883 _____ () C:\Users\Woei Shyang\Downloads\CleanROM-3.6.zip ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-08-19 06:49 - 2014-08-19 06:48 - 00105177 _____ () C:\Users\Woei Shyang\Downloads\FRST.txt 2014-08-19 06:49 - 2014-07-04 10:40 - 00121017 _____ () C:\Windows\system32\config\rules.rdb 2014-08-19 06:48 - 2014-08-19 06:48 - 00000000 ____D () C:\FRST 2014-08-19 06:47 - 2014-08-19 06:47 - 02101760 _____ (Farbar) C:\Users\Woei Shyang\Downloads\FRST64.exe 2014-08-19 06:47 - 2014-05-13 19:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-08-19 06:44 - 2014-05-05 16:05 - 01257966 _____ () C:\Windows\WindowsUpdate.log 2014-08-19 06:43 - 2014-05-05 16:11 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1205358742-1771774525-369522282-1001 2014-08-19 06:41 - 2014-05-05 16:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{406703F3-B299-4021-947F-1950D31BC8B9} 2014-08-19 06:40 - 2014-05-05 16:20 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-08-19 06:39 - 2014-05-05 18:00 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Copy 2014-08-19 06:39 - 2014-05-05 16:43 - 00000000 ___RD () C:\Users\Woei Shyang\Dropbox 2014-08-19 06:38 - 2014-05-06 06:24 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\jEdit 2014-08-19 06:38 - 2014-05-05 17:10 - 00000000 ___DO () C:\Users\Woei Shyang\OneDrive 2014-08-19 06:38 - 2014-05-05 16:45 - 00000000 ___RD () C:\Users\Woei Shyang\Google Drive 2014-08-19 06:38 - 2014-05-05 16:37 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\.purple 2014-08-19 06:38 - 2014-05-05 16:22 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Dropbox 2014-08-19 06:38 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-08-19 06:37 - 2014-08-13 14:13 - 00000000 ____D () C:\Program Files (x86)\Tencent 2014-08-19 06:37 - 2014-05-05 16:20 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-08-19 06:37 - 2013-08-22 22:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-08-18 16:35 - 2014-07-04 13:23 - 00470698 _____ () C:\Windows\system32\config\afw_db.conf 2014-08-18 16:35 - 2014-07-04 13:23 - 00000796 _____ () C:\Windows\system32\config\afw_hm.conf 2014-08-18 16:35 - 2014-05-05 18:37 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\KeePass 2014-08-18 16:35 - 2013-08-22 21:25 - 00262144 ___SH () C:\Windows\system32\config\BBI 2014-08-18 15:37 - 2014-07-25 19:32 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job 2014-08-18 09:27 - 2014-08-18 09:27 - 00086686 _____ () C:\Users\Woei Shyang\Downloads\Extras.Txt 2014-08-18 09:26 - 2014-08-18 09:26 - 00183894 _____ () C:\Users\Woei Shyang\Downloads\OTL.Txt 2014-08-18 09:18 - 2014-06-19 10:05 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\AgileBits 2014-08-18 09:14 - 2014-08-13 14:13 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Tencent 2014-08-18 08:50 - 2014-03-18 17:54 - 00091458 _____ () C:\Windows\PFRO.log 2014-08-17 19:37 - 2014-07-25 19:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job 2014-08-17 19:29 - 2014-05-05 18:14 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Transmission Remote GUI 2014-08-17 18:23 - 2014-08-17 18:23 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-08-17 18:22 - 2014-07-17 15:10 - 00000000 ____D () C:\Program Files (x86)\AliWangWang 2014-08-16 12:24 - 2014-08-16 12:24 - 00043696 _____ () C:\Users\Woei Shyang\Downloads\contagion_english-562922.zip 2014-08-16 08:34 - 2014-08-16 08:34 - 00000000 ___DL () C:\Windows\system32\sru 2014-08-16 08:30 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\winevt 2014-08-16 08:22 - 2014-05-05 17:39 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\VMware 2014-08-16 08:22 - 2014-05-05 17:39 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\VMware 2014-08-16 08:10 - 2014-05-06 08:15 - 00000600 _____ () C:\Users\Woei Shyang\AppData\Local\PUTTY.RND 2014-08-15 21:32 - 2014-08-15 21:32 - 00029511 _____ () C:\Users\Woei Shyang\Downloads\0f04098cfbbcf2a0b704ccb431e8d5dd9c20c579.zip 2014-08-15 16:37 - 2013-11-19 11:58 - 00850432 ___SH () C:\Users\Woei Shyang\Desktop\Thumbs.db 2014-08-15 12:16 - 2014-08-15 11:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-08-15 11:48 - 2014-08-15 11:36 - 00002890 _____ () C:\Users\Woei Shyang\Desktop\unhide.txt 2014-08-15 11:39 - 2014-08-15 11:39 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\rkill.exe 2014-08-15 11:39 - 2014-08-15 11:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Woei Shyang\Downloads\tdsskiller.exe 2014-08-15 11:35 - 2014-08-15 11:35 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\unhide.exe 2014-08-15 11:31 - 2014-08-15 11:31 - 05571320 _____ (Swearware) C:\Users\Woei Shyang\Downloads\ComboFix.exe 2014-08-15 11:24 - 2014-08-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-08-15 11:24 - 2014-08-15 11:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Woei Shyang\Downloads\mbam-setup-2.0.2.1012.exe 2014-08-15 10:55 - 2013-08-22 22:46 - 00024980 _____ () C:\Windows\setupact.log 2014-08-15 10:06 - 2014-08-15 10:06 - 01121208 _____ () C:\Users\Woei Shyang\Downloads\ProcessMonitor.zip 2014-08-14 21:09 - 2014-05-05 18:01 - 00000000 ___RD () C:\Users\Woei Shyang\Copy 2014-08-14 18:07 - 2014-05-05 16:22 - 00001092 _____ () C:\Users\Woei Shyang\Desktop\Dropbox.lnk 2014-08-14 18:07 - 2014-05-05 16:22 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-08-14 05:57 - 2014-05-05 17:13 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\uTorrent 2014-08-14 05:52 - 2014-07-17 16:27 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\WWApk 2014-08-13 20:23 - 2014-02-24 06:21 - 00000000 ____D () C:\Users\Woei Shyang\dwhelper 2014-08-13 14:16 - 2014-08-13 14:16 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154 (1).exe 2014-08-13 14:13 - 2014-08-13 14:13 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154.exe 2014-08-13 14:13 - 2014-08-13 14:13 - 12570536 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_sync_2.0.0.532.exe 2014-08-13 14:10 - 2014-08-13 14:10 - 00561688 _____ (Tencent) C:\Users\Woei Shyang\Downloads\WeiYunWebKitPlugin.exe 2014-08-13 14:10 - 2014-08-13 14:10 - 00000000 ____D () C:\Program Files (x86)\QQMailPlugin 2014-08-13 13:31 - 2014-08-13 13:31 - 00000000 ____D () C:\Program Files\FolderSize 2014-08-13 13:29 - 2014-08-13 13:29 - 00294912 _____ () C:\Users\Woei Shyang\Downloads\FolderSize-2.6-x64.msi 2014-08-13 08:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\FxsTmp 2014-08-12 22:04 - 2014-08-12 22:04 - 00003380 _____ () C:\Windows\System32\Tasks\Intel_C_CVDA334000JX2403GN 2014-08-12 19:22 - 2014-08-12 19:22 - 00045231 _____ () C:\Users\Woei Shyang\Downloads\captain-america-the-winter-soldier_english-957682.zip 2014-08-12 06:20 - 2014-08-12 06:20 - 00602112 _____ (OldTimer Tools) C:\Users\Woei Shyang\Downloads\OTL.exe 2014-08-11 12:30 - 2014-08-11 12:30 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305(1).img 2014-08-11 11:39 - 2014-08-11 11:22 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\Heimdall Suite 2014-08-11 11:25 - 2014-08-11 11:25 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll 2014-08-11 11:25 - 2014-08-11 11:25 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll 2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\usb_driver 2014-08-11 11:22 - 2014-08-11 11:21 - 10013808 _____ () C:\Users\Woei Shyang\Downloads\heimdall-suite-1.4.0-win32.zip 2014-08-11 11:11 - 2014-08-11 11:11 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305.img 2014-08-10 12:19 - 2014-08-10 12:19 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1 2014-08-10 12:18 - 2014-08-10 12:18 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Woei Shyang\Downloads\pwhe8.exe 2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\Program Files (x86)\LG Electronics 2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\LGE988 2014-08-09 16:24 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information 2014-08-09 16:23 - 2014-08-09 16:14 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini 2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 ____D () C:\Users\Woei Shyang\.android 2014-08-09 16:15 - 2014-05-05 16:05 - 00000000 ____D () C:\Users\Woei Shyang 2014-08-09 16:14 - 2013-09-23 21:05 - 00000843 _____ () C:\Users\Woei Shyang\Desktop\LGMobile Support Tool.lnk 2014-08-09 16:13 - 2014-08-09 16:13 - 00636571 _____ () C:\Users\Woei Shyang\Downloads\(MAC)LGUnitedMobile_Mac_Driver_Ver_4.9.zip 2014-08-09 16:13 - 2014-08-09 16:13 - 00261208 _____ (LG Electronics) C:\Users\Woei Shyang\Downloads\B2CAppSetup(1).exe 2014-08-09 16:11 - 2014-08-09 16:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2014-08-09 16:09 - 2014-08-09 16:09 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\E988 2014-08-09 16:08 - 2014-08-09 16:08 - 01420041 _____ () C:\Users\Woei Shyang\Downloads\roottool.zip 2014-08-09 09:58 - 2014-08-09 09:57 - 71166269 _____ () C:\Users\Woei Shyang\Downloads\Black_Mesa_Soundtrack.zip 2014-08-07 18:02 - 2014-08-06 18:15 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\TaobaoProtect 2014-08-06 09:23 - 2014-05-05 16:06 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Packages 2014-08-06 08:12 - 2014-05-08 20:11 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\alipay 2014-08-04 20:04 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-08-01 20:11 - 2014-08-01 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-01 19:55 - 2014-02-24 02:08 - 00000000 ____D () C:\Users\Woei Shyang\Documents\My Games 2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11.zip 2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11 (1).zip 2014-08-01 19:33 - 2014-08-01 19:33 - 00102834 _____ () C:\Users\Woei Shyang\Downloads\SmartMapV91.zip 2014-08-01 19:30 - 2014-08-01 19:30 - 02469508 _____ () C:\Users\Woei Shyang\Downloads\Civ4_Map_Scripts.zip 2014-08-01 11:53 - 2014-05-14 09:41 - 00000000 ____D () C:\Program Files\paint.net 2014-07-31 21:02 - 2014-07-31 21:02 - 00050150 _____ () C:\Users\Woei Shyang\Downloads\perfectworld2.zip 2014-07-31 20:56 - 2014-07-31 20:56 - 00002675 _____ () C:\Users\Woei Shyang\Downloads\4f_1h_1sr.zip 2014-07-26 12:45 - 2014-07-18 09:31 - 00001296 _____ () C:\Users\Public\Desktop\Intel SSD Toolbox.lnk 2014-07-26 12:42 - 2014-07-26 12:42 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\My Games 2014-07-25 19:33 - 2014-07-25 19:33 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager 2014-07-25 19:33 - 2014-05-05 16:20 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Google 2014-07-25 19:32 - 2014-07-25 19:32 - 00895120 _____ (Google Inc.) C:\Users\Woei Shyang\Downloads\musicmanagerinstaller (1).exe 2014-07-25 19:32 - 2014-07-25 19:32 - 00003922 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA 2014-07-25 19:32 - 2014-07-25 19:32 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core 2014-07-25 19:06 - 2014-05-06 06:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-25 19:06 - 2014-05-06 06:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-25 07:50 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\AppReadiness 2014-07-25 07:39 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\rescache 2014-07-25 07:30 - 2013-08-22 23:20 - 00000000 ____D () C:\Windows\CbsTemp 2014-07-25 07:29 - 2014-07-25 07:29 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll 2014-07-25 07:29 - 2014-07-25 07:29 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe 2014-07-25 07:29 - 2014-07-25 07:29 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll 2014-07-23 06:46 - 2014-07-23 06:45 - 393563883 _____ () C:\Users\Woei Shyang\Downloads\CleanROM-3.6.zip 2014-07-22 22:07 - 2014-05-08 21:51 - 00002446 _____ () C:\Users\Woei Shyang\_viminfo Some content of TEMP: ==================== C:\Users\Woei Shyang\AppData\Local\Temp\1Password-4.0.0.499.exe C:\Users\Woei Shyang\AppData\Local\Temp\1Password-4.0.1.503.exe C:\Users\Woei Shyang\AppData\Local\Temp\avgnt.exe C:\Users\Woei Shyang\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7tx364.dll C:\Users\Woei Shyang\AppData\Local\Temp\Foxit Reader Updater.exe C:\Users\Woei Shyang\AppData\Local\Temp\LMkRstPt.exe C:\Users\Woei Shyang\AppData\Local\Temp\op_install32.dll C:\Users\Woei Shyang\AppData\Local\Temp\Procmon64.exe C:\Users\Woei Shyang\AppData\Local\Temp\xmlUpdater.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== BCD ================================ Windows Boot Manager -------------------- identifier {bootmgr} device partition=\Device\HarddiskVolume2 description Windows Boot Manager locale en-US inherit {globalsettings} integrityservices Enable default {3262bbf0-aed4-11e3-9820-adf3f2beb556} resumeobject {3262bbef-aed4-11e3-9820-adf3f2beb556} displayorder {current} toolsdisplayorder {memdiag} timeout 30 Windows Boot Loader ------------------- identifier {current} device partition=C: path \Windows\system32\winload.exe description Windows 8.1 locale en-US inherit {bootloadersettings} recoverysequence {3262bbf1-aed4-11e3-9820-adf3f2beb556} integrityservices Enable recoveryenabled Yes allowedinmemorysettings 0x15000075 osdevice partition=C: systemroot \Windows resumeobject {3262bbed-aed4-11e3-9820-adf3f2beb556} nx OptIn bootmenupolicy Standard Windows Boot Loader ------------------- identifier {3262bbf1-aed4-11e3-9820-adf3f2beb556} device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3262bbf2-aed4-11e3-9820-adf3f2beb556} path \windows\system32\winload.exe description Windows Recovery Environment locale en-us inherit {bootloadersettings} displaymessage Recovery displaymessageoverride Recovery osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3262bbf2-aed4-11e3-9820-adf3f2beb556} systemroot \windows nx OptIn bootmenupolicy Standard winpe Yes Resume from Hibernate --------------------- identifier {3262bbed-aed4-11e3-9820-adf3f2beb556} device partition=C: path \Windows\system32\winresume.exe description Windows Resume Application locale en-US inherit {resumeloadersettings} recoverysequence {3262bbf1-aed4-11e3-9820-adf3f2beb556} recoveryenabled Yes allowedinmemorysettings 0x15000075 filedevice partition=C: filepath \hiberfil.sys bootmenupolicy Standard debugoptionenabled No Windows Memory Tester --------------------- identifier {memdiag} device partition=\Device\HarddiskVolume2 path \boot\memtest.exe description Windows Memory Diagnostic locale en-US inherit {globalsettings} badmemoryaccess Yes EMS Settings ------------ identifier {emssettings} bootems No Debugger Settings ----------------- identifier {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM Defects ----------- identifier {badmemory} Global Settings --------------- identifier {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} Boot Loader Settings -------------------- identifier {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisor Settings ------------------- identifier {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Resume Loader Settings ---------------------- identifier {resumeloadersettings} inherit {globalsettings} Device options -------------- identifier {3262bbf2-aed4-11e3-9820-adf3f2beb556} description Windows Recovery ramdisksdidevice partition=C: ramdisksdipath \Recovery\WindowsRE\boot.sdi LastRegBack: 2014-08-18 09:12 ==================== End Of Log ============================