OTL logfile created on: 5/11/2014 7:12:14 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\alysher\Desktop
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
3.25 Gb Total Physical Memory | 1.27 Gb Available Physical Memory | 39.02% Memory free
6.50 Gb Paging File | 4.24 Gb Available in Paging File | 65.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 465.76 Gb Total Space | 77.45 Gb Free Space | 16.63% Space Free | Partition Type: NTFS
Drive D: | 298.09 Gb Total Space | 100.90 Gb Free Space | 33.85% Space Free | Partition Type: NTFS
Drive E: | 573.04 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Computer Name: NEO-LAPTOP | User Name: alysher | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014/05/11 19:08:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alysher\Desktop\OTL.exe
PRC - [2014/05/11 18:45:22 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2014/05/11 17:31:09 | 000,370,176 | ---- | M] (The Privoxy team - www.privoxy.org) -- C:\Program Files\MSR\Privoxy\privoxy.exe
PRC - [2014/05/02 03:50:16 | 003,873,704 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2014/05/02 03:50:16 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/05/01 22:47:57 | 009,351,728 | ---- | M] (Blizzard Entertainment) -- C:\Program Files\Battle.net\Battle.net.4511\Battle.net.exe
PRC - [2014/04/25 10:03:52 | 022,415,552 | ---- | M] (Google) -- C:\Program Files\Google\Drive\googledrivesync.exe
PRC - [2014/04/25 05:56:12 | 012,971,328 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer.exe
PRC - [2014/04/25 05:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/04/25 05:42:00 | 000,238,400 | ---- | M] (TeamViewer GmbH) -- C:\Program Files\TeamViewer\Version9\tv_w32.exe
PRC - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe
PRC - [2014/04/17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\alysher\AppData\Local\Akamai\netsession_win.exe
PRC - [2014/04/16 15:26:17 | 008,896,048 | ---- | M] (Blizzard Entertainment) -- C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
PRC - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
PRC - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
PRC - [2014/04/03 09:49:06 | 006,963,512 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
PRC - [2014/02/08 13:11:48 | 000,941,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
PRC - [2014/02/08 13:11:47 | 001,819,936 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
PRC - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/12/09 22:15:27 | 002,279,712 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2013/12/09 22:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2013/12/09 22:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
PRC - [2013/11/15 10:24:50 | 000,137,528 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2013/11/14 20:18:02 | 000,698,680 | ---- | M] (Motorola Mobility LLC) -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2013/10/08 14:22:04 | 000,794,272 | ---- | M] () -- C:\Users\alysher\Google Drive\Core Temp.exe
PRC - [2013/08/01 20:52:57 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2013/07/21 03:05:33 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2013/07/03 17:39:22 | 001,028,896 | ---- | M] (NVIDIA Corporation) -- C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
PRC - [2013/05/16 18:27:12 | 008,151,040 | ---- | M] () -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe
PRC - [2013/04/22 10:46:42 | 001,054,320 | ---- | M] () -- C:\Program Files\PdaNet for Android\PdaNetPC.exe
PRC - [2013/03/29 17:07:22 | 002,081,792 | ---- | M] (CHENGDU YIWO Tech Development Co., Ltd) -- C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe
PRC - [2012/10/24 12:39:00 | 000,454,656 | ---- | M] (Wowhead) -- C:\Users\alysher\Downloads\Wowhead_Client.exe
PRC - [2012/10/14 17:19:22 | 002,713,672 | ---- | M] (PortableApps.com) -- C:\PortableApps\PortableApps.com\PortableAppsPlatform.exe
PRC - [2012/09/07 11:42:32 | 004,958,720 | ---- | M] (Sentelic Corporation) -- C:\Program Files\FSP\FspUip.exe
PRC - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
PRC - [2011/02/25 01:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/14 09:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
PRC - [2010/10/08 14:06:04 | 002,482,176 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MGSysCtrl.exe
PRC - [2010/09/28 17:00:06 | 000,056,952 | ---- | M] (Ipswitch) -- C:\Program Files\Ipswitch\WS_FTP 12\WsftpCOMHelper.exe
PRC - [2009/08/10 15:59:50 | 000,178,720 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
PRC - [2009/08/10 15:59:48 | 000,387,616 | ---- | M] () -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
PRC - [2009/07/13 21:14:17 | 000,008,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\dinotify.exe
PRC - [2009/07/09 15:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) -- C:\Program Files\System Control Manager\MSIService.exe
PRC - [2009/02/23 19:43:12 | 000,576,000 | ---- | M] (MagicISO, Inc.) -- C:\Program Files\MagicDisc\MagicDisc.exe
========== Modules (No Company Name) ==========
MOD - [2014/05/11 18:45:22 | 003,839,088 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2014/05/09 21:56:58 | 001,159,680 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_ssl.pyd
MOD - [2014/05/09 21:56:58 | 000,805,888 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._gdi_.pyd
MOD - [2014/05/09 21:56:58 | 000,110,080 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\PyWinTypes27.dll
MOD - [2014/05/09 21:56:58 | 000,027,136 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_multiprocessing.pyd
MOD - [2014/05/09 21:56:57 | 001,175,040 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._core_.pyd
MOD - [2014/05/09 21:56:57 | 001,062,400 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._controls_.pyd
MOD - [2014/05/09 21:56:57 | 000,811,008 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._windows_.pyd
MOD - [2014/05/09 21:56:57 | 000,713,216 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_hashlib.pyd
MOD - [2014/05/09 21:56:57 | 000,686,080 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\unicodedata.pyd
MOD - [2014/05/09 21:56:57 | 000,557,056 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\pysqlite2._sqlite.pyd
MOD - [2014/05/09 21:56:57 | 000,525,640 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\windows._lib_cacheinvalidation.pyd
MOD - [2014/05/09 21:56:57 | 000,364,544 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\pythoncom27.dll
MOD - [2014/05/09 21:56:57 | 000,320,512 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32com.shell.shell.pyd
MOD - [2014/05/09 21:56:57 | 000,167,936 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32gui.pyd
MOD - [2014/05/09 21:56:57 | 000,128,512 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_elementtree.pyd
MOD - [2014/05/09 21:56:57 | 000,127,488 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\pyexpat.pyd
MOD - [2014/05/09 21:56:57 | 000,119,808 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32file.pyd
MOD - [2014/05/09 21:56:57 | 000,108,544 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32security.pyd
MOD - [2014/05/09 21:56:57 | 000,098,816 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32api.pyd
MOD - [2014/05/09 21:56:57 | 000,087,552 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_ctypes.pyd
MOD - [2014/05/09 21:56:57 | 000,070,656 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._html2.pyd
MOD - [2014/05/09 21:56:57 | 000,045,568 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\_socket.pyd
MOD - [2014/05/09 21:56:57 | 000,038,912 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32inet.pyd
MOD - [2014/05/09 21:56:57 | 000,035,840 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32process.pyd
MOD - [2014/05/09 21:56:57 | 000,025,600 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32pdh.pyd
MOD - [2014/05/09 21:56:57 | 000,024,064 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32pipe.pyd
MOD - [2014/05/09 21:56:57 | 000,022,528 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32ts.pyd
MOD - [2014/05/09 21:56:57 | 000,018,432 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32event.pyd
MOD - [2014/05/09 21:56:57 | 000,017,408 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32profile.pyd
MOD - [2014/05/09 21:56:57 | 000,010,240 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\select.pyd
MOD - [2014/05/09 21:56:56 | 000,735,232 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._misc_.pyd
MOD - [2014/05/09 21:56:56 | 000,122,368 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._wizard.pyd
MOD - [2014/05/09 21:56:56 | 000,078,336 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\wx._animate.pyd
MOD - [2014/05/09 21:56:56 | 000,011,264 | ---- | M] () -- C:\Users\alysher\AppData\Local\Temp\_MEI46482\win32crypt.pyd
MOD - [2014/05/01 22:47:54 | 000,739,840 | ---- | M] () -- C:\Program Files\Battle.net\Battle.net.4511\libGLESv2.dll
MOD - [2014/05/01 22:47:53 | 026,118,656 | ---- | M] () -- C:\Program Files\Battle.net\Battle.net.4511\libcef.dll
MOD - [2014/05/01 22:47:53 | 000,130,048 | ---- | M] () -- C:\Program Files\Battle.net\Battle.net.4511\libEGL.dll
MOD - [2014/02/14 04:07:28 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014/01/24 01:55:52 | 000,007,680 | ---- | M] () -- C:\Users\alysher\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SystemMonitorII.gadget\SystemInfo.dll
MOD - [2014/01/24 01:55:52 | 000,006,144 | ---- | M] () -- C:\Users\alysher\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SystemMonitorII.gadget\CoreTempReader.dll
MOD - [2014/01/24 01:55:51 | 000,008,704 | ---- | M] () -- C:\Users\alysher\AppData\Local\Microsoft\Windows Sidebar\Gadgets\SystemMonitorII.gadget\GetCoreTempInfoNET.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2013/10/21 19:19:37 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013/10/08 14:22:04 | 000,794,272 | ---- | M] () -- C:\Users\alysher\Google Drive\Core Temp.exe
MOD - [2013/09/05 00:14:10 | 004,300,456 | ---- | M] () -- C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2013/06/27 01:42:44 | 000,257,536 | ---- | M] () -- C:\Program Files\GitExtensions\GitExtensionsShellEx32.dll
MOD - [2013/04/22 10:46:42 | 001,054,320 | ---- | M] () -- C:\Program Files\PdaNet for Android\PdaNetPC.exe
MOD - [2012/09/07 11:42:20 | 000,034,816 | ---- | M] () -- C:\Program Files\FSP\KbdHook.dll
MOD - [2012/09/07 11:21:20 | 000,055,808 | ---- | M] () -- C:\Program Files\FSP\FspLib.dll
MOD - [2012/08/04 22:14:12 | 000,166,400 | ---- | M] () -- C:\Program Files\KDiff3\diff_ext_for_kdiff3.dll
MOD - [2011/02/14 09:55:16 | 000,043,520 | R--- | M] () -- C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/09/28 16:56:32 | 006,551,672 | ---- | M] () -- C:\Program Files\Ipswitch\WS_FTP 12\res0409.dll
MOD - [2010/09/28 16:53:26 | 000,948,496 | ---- | M] () -- C:\Program Files\Ipswitch\WS_FTP 12\libeay32.dll
MOD - [2010/09/28 16:53:26 | 000,153,360 | ---- | M] () -- C:\Program Files\Ipswitch\WS_FTP 12\ssleay32.dll
========== Services (SafeList) ==========
SRV - [2014/05/11 18:45:22 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/05/02 03:50:16 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2014/04/29 21:24:40 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/04/25 05:56:12 | 005,024,576 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/04/23 18:52:18 | 000,016,384 | ---- | M] () [Auto | Running] -- C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe -- (System Update kb70007)
SRV - [2014/04/03 09:49:12 | 001,809,720 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/04/03 09:49:12 | 000,857,912 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/03/06 03:38:10 | 000,108,032 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014/01/24 20:05:54 | 000,477,960 | ---- | M] (BitRaider, LLC) [On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRSptSvc.exe -- (BRSptSvc)
SRV - [2013/12/21 02:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/12/19 00:41:02 | 030,814,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Office\Office14\GROOVE.EXE -- (Microsoft SharePoint Workspace Audit Service)
SRV - [2013/12/09 22:14:56 | 001,494,304 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2013/12/09 22:14:51 | 014,658,848 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV - [2013/11/15 10:24:50 | 000,137,528 | ---- | M] (Motorola Mobility LLC) [Auto | Running] -- C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2013/10/23 09:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013/07/21 03:16:03 | 001,343,400 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2013/05/27 00:57:27 | 000,680,960 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/05/16 18:27:12 | 008,151,040 | ---- | M] () [Auto | Running] -- C:\Program Files\MySQL\MySQL Server 5.5\bin\mysqld.exe -- (MySQL)
SRV - [2011/09/02 17:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011/03/31 16:08:14 | 000,080,896 | ---- | M] () [Auto | Running] -- C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe -- (PassThru Service)
SRV - [2009/08/10 15:59:50 | 000,178,720 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe -- (nSvcIp)
SRV - [2009/08/10 15:59:48 | 000,387,616 | ---- | M] () [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe -- (ForceWare Intelligent Application Manager (IAM)
SRV - [2009/07/13 21:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/09 15:54:42 | 000,160,768 | ---- | M] (Micro-Star International Co., Ltd.) [Auto | Running] -- C:\Program Files\System Control Manager\MSIService.exe -- (Micro Star SCM)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbmodem.sys -- (USBModem)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbdiag.sys -- (UsbDiag)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\lgusbbus.sys -- (usbbus)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\qcusbser.sys -- (qcusbser)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\qcusbnet.sys -- (qcusbnet)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motport.sys -- (motport)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\motccgpfl.sys -- (motccgpfl)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\C771VSP.sys -- (C771VSP)
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\C771BUS.sys -- (C771BUS)
DRV - File not found [Kernel | On_Demand | Running] -- C:\Users\alysher\AppData\Local\Temp\ALSysIO.sys -- (ALSysIO)
DRV - [2014/05/11 18:43:41 | 000,107,736 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\MBAMSwissArmy.sys -- (MBAMSwissArmy)
DRV - [2014/05/02 03:50:20 | 000,180,632 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2014/05/02 03:50:20 | 000,067,776 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswstm.sys -- (aswStm)
DRV - [2014/05/02 03:50:19 | 000,776,976 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2014/05/02 03:50:19 | 000,411,552 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\System32\drivers\aswsp.sys -- (aswSP)
DRV - [2014/05/02 03:50:19 | 000,081,768 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\System32\drivers\aswRdr2.sys -- (aswRdr)
DRV - [2014/05/02 03:50:19 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\System32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2014/05/02 03:50:19 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2014/05/02 03:50:19 | 000,024,184 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\System32\drivers\aswHwid.sys -- (aswHwid)
DRV - [2014/04/03 09:51:14 | 000,051,416 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV - [2014/04/03 09:50:56 | 000,023,256 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2014/02/08 14:27:20 | 010,180,896 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2014/01/24 20:50:42 | 000,064,808 | ---- | M] (BitRaider) [File_System | On_Demand | Stopped] -- C:\ProgramData\BitRaider\BRDriver.sys -- (BRDriver)
DRV - [2014/01/22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudserd.sys -- (ssudserd)
DRV - [2014/01/22 09:52:12 | 000,184,192 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2014/01/22 09:52:12 | 000,088,576 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2013/12/05 04:42:30 | 000,034,080 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvvad32v.sys -- (nvvad_WaveExtensible)
DRV - [2013/11/28 09:38:19 | 000,162,592 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvhda32v.sys -- (NVHDA)
DRV - [2013/07/04 16:38:20 | 000,188,176 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxDrv.sys -- (VBoxDrv)
DRV - [2013/07/04 16:37:08 | 000,115,984 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetFlt.sys -- (VBoxNetFlt)
DRV - [2013/07/04 16:37:08 | 000,104,720 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV - [2013/07/04 16:37:08 | 000,094,480 | ---- | M] (Oracle Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\VBoxUSBMon.sys -- (VBoxUSBMon)
DRV - [2013/07/04 16:37:08 | 000,084,752 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VBoxUSB.sys -- (VBoxUSB)
DRV - [2013/06/28 11:44:00 | 000,027,776 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetmodem.sys -- (ANDNetModem)
DRV - [2013/04/18 16:11:52 | 000,025,856 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetadb.sys -- (andnetadb)
DRV - [2013/04/18 16:09:22 | 000,023,168 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandnetdiag.sys -- (AndNetDiag)
DRV - [2013/03/26 16:16:08 | 000,026,240 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motoandroid.sys -- (motandroidusb)
DRV - [2013/03/20 10:51:12 | 000,006,272 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motfilt.sys -- (BTCFilterService)
DRV - [2013/03/20 10:49:32 | 000,011,264 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motusbdevice.sys -- (motusbdevice)
DRV - [2013/03/19 18:25:44 | 000,023,936 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\Motousbnet.sys -- (Motousbnet)
DRV - [2013/03/19 18:25:34 | 000,024,960 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2013/03/19 18:25:28 | 000,021,376 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2013/03/19 16:38:36 | 000,042,752 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motodrv.sys -- (MotDev)
DRV - [2013/03/07 09:49:20 | 000,014,920 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\epmntdrv.sys -- (epmntdrv)
DRV - [2013/03/07 09:49:20 | 000,009,160 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\EuGdiDrv.sys -- (EuGdiDrv)
DRV - [2013/02/11 23:32:45 | 000,015,872 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\usb80236.sys -- (usbrndis6)
DRV - [2012/09/07 11:11:36 | 000,055,808 | ---- | M] (Sentelic Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\fspad_win732.sys -- (fspad_win732)
DRV - [2012/08/23 10:44:32 | 000,014,848 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV - [2012/08/23 10:41:34 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV - [2012/08/23 10:40:25 | 000,049,664 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV - [2012/06/27 04:37:56 | 000,136,808 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2012/06/27 04:37:56 | 000,132,424 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdm.sys -- (sscdmdm)
DRV - [2012/06/27 04:37:56 | 000,121,064 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2012/06/27 04:37:56 | 000,114,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2012/06/27 04:37:56 | 000,110,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdserd.sys -- (sscdserd)
DRV - [2012/06/27 04:37:56 | 000,104,648 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdbus.sys -- (sscdbus)
DRV - [2012/06/27 04:37:56 | 000,074,752 | ---- | M] (Schunid) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\mbtusbser.sys -- (sshpmdm)
DRV - [2012/06/27 04:37:56 | 000,021,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIA_USB_MODEM.sys -- (ViaUsbModemDriver)
DRV - [2012/06/27 04:37:56 | 000,016,128 | ---- | M] (Via Telecom, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\VIA_USB_ETS.sys -- (VIA_USB_ETS)
DRV - [2012/06/27 04:37:56 | 000,014,920 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV - [2012/06/27 04:37:56 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2012/06/08 17:08:52 | 000,006,656 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2012/03/02 09:02:00 | 000,025,088 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandmodem.sys -- (ANDModem)
DRV - [2012/03/02 09:02:00 | 000,020,736 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lganddiag.sys -- (AndDiag)
DRV - [2012/03/02 09:02:00 | 000,020,096 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandgps.sys -- (AndGps)
DRV - [2012/03/02 09:02:00 | 000,014,336 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\lgandbus.sys -- (Andbus)
DRV - [2011/11/25 01:26:04 | 000,013,440 | ---- | M] (June Fabrics Technology Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\pneteth.sys -- (pneteth)
DRV - [2011/06/27 01:37:12 | 002,191,872 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\athr.sys -- (athr)
DRV - [2011/05/13 03:21:04 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/11/20 17:29:03 | 000,035,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2010/08/12 12:07:48 | 000,298,216 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvmf6232.sys -- (NVNET)
DRV - [2010/06/23 10:24:56 | 000,023,040 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\htcnprot.sys -- (htcnprot)
DRV - [2009/10/27 03:01:06 | 000,105,984 | ---- | M] (QUALCOMM Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\HtcVComV32.sys -- (HtcVCom32)
DRV - [2009/10/26 15:54:24 | 000,025,088 | ---- | M] (HTC, Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ANDROIDUSB.sys -- (HTCAND32)
DRV - [2009/08/04 17:43:40 | 000,213,024 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\nvstor32.sys -- (nvstor32)
DRV - [2009/07/13 19:52:10 | 000,014,336 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\vwifimp.sys -- (vwifimp)
DRV - [2009/07/13 19:51:29 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\BTHPRINT.SYS -- (BTHprint)
DRV - [2009/07/13 18:02:52 | 000,347,264 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\nvm62x32.sys -- (NVENETFD)
DRV - [2009/06/29 00:36:36 | 000,017,920 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvsmu.sys -- (nvsmu)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2009/02/12 16:11:24 | 000,022,312 | ---- | M] (EldoS Corporation) [Kernel | System | Running] -- C:\Windows\System32\drivers\rsdrv.sys -- (ElRawDisk)
DRV - [2007/09/13 00:09:48 | 000,021,024 | ---- | M] (Beijing WiseGrup.,Ltd (gamepad.yeah.net)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\xpad.sys -- (XPAD)
DRV - [2006/09/28 15:32:14 | 000,009,472 | ---- | M] (June Fabrics Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\pnetmdm.sys -- (pnetmdm)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 70 07 2F 7B BA 85 CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0FB87B84-9C0C-4C78-A26B-CB35DD6E6B7D}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...IE11SR
IE - HKCU\..\SearchScopes\{0FB87B84-9C0C-4C78-A26B-CB35DD6E6B7D}: "URL" = https://www.google.c...Terms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*;
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:8118;https=127.0.0.1:8118
========== FireFox ==========
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7BD249FD00-4DF9-11D9-9FDC-0080481ADA61%7D:1.6.3
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:9.0.2018.95
FF - prefs.js..extensions.enabledAddons: %7BFBF6D7FB-F305-4445-BB3D-FEF66579A033%7D:5.0.1
FF - prefs.js..extensions.enabledAddons: %7B097d3191-e6fa-4728-9826-b533d755359d%7D:0.7.22
FF - prefs.js..extensions.enabledAddons: s3download%40statusbar:2.11
FF - prefs.js..extensions.enabledAddons: %7B4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064%7D:1.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 8118
FF - prefs.js..network.proxy.ssl: "127.0.0.1"
FF - prefs.js..network.proxy.ssl_port: 8118
FF - prefs.js..network.proxy.type: 1
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3522.0110: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\alysher\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2014/05/02 03:50:21 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins
[2013/08/18 22:24:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Extensions
[2014/05/11 18:49:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions
[2014/05/11 18:48:00 | 000,341,954 | ---- | M] () (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions\[email protected]
[2014/05/11 18:48:00 | 000,452,396 | ---- | M] () (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}.xpi
[2014/05/11 18:49:27 | 000,049,303 | ---- | M] () (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions\{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}.xpi
[2013/09/03 22:43:04 | 000,065,236 | ---- | M] () (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions\{D249FD00-4DF9-11D9-9FDC-0080481ADA61}.xpi
[2014/05/11 18:48:00 | 000,060,249 | ---- | M] () (No name found) -- C:\Users\alysher\AppData\Roaming\Mozilla\Firefox\Profiles\nxft0yq4.default\extensions\{FBF6D7FB-F305-4445-BB3D-FEF66579A033}.xpi
[2014/05/11 18:45:13 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
[2014/05/11 18:45:25 | 000,000,000 | ---D | M] (Default) -- C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/05/02 03:50:21 | 000,000,000 | ---D | M] (avast! Online Security) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
O1 HOSTS File: ([2014/04/16 16:09:41 | 000,000,833 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [BCSSync] C:\Program Files\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe (CHENGDU YIWO Tech Development Co., Ltd)
O4 - HKLM..\Run: [fspuip] C:\Program Files\FSP\FspUip.exe (Sentelic Corporation)
O4 - HKLM..\Run: [MGSysCtrl] C:\Program Files\System Control Manager\MGSysCtrl.exe (Micro-Star International Co., Ltd.)
O4 - HKLM..\Run: [NvBackend] C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [Nvtmru] C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe (NVIDIA Corporation)
O4 - HKLM..\Run: [ShadowPlay] C:\Windows\System32\nvspcap.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [VMM Mode Selection] C:\Program Files\HTC\ModeSelection\VMMModeSelection.exe ()
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\alysher\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Battle.net] "C:\Program Files\Battle.net\Battle.net Launcher.exe" --autostarted File not found
O4 - HKCU..\Run: [Facebook Update] C:\Users\alysher\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [Wowhead_Client] C:\Users\alysher\Downloads\Wowhead_Client.exe (Wowhead)
O4 - Startup: C:\Users\alysher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
O4 - Startup: C:\Users\alysher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
O4 - Startup: C:\Users\alysher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk = C:\Program Files\PdaNet for Android\PdaNetPC.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: + &Download Express: download this file - C:\Program Files\Download Express\add_url.htm ()
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI458A~1\Office15\EXCEL.EXE/3000 File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nvLsp.dll (NVIDIA)
O13 - gopher Prefix: missing
O16 - DPF: {3D6F2DBA-F4E5-40A6-8725-E99BC96CC23A} http://192.168.1.66/speco_control.cab (UMS_AX_Ctrl Class)
O16 - DPF: {A6B11FA9-502E-44BE-8D0F-BC76CE036AE4} http://192.168.1.66/...o_webviewer.cab (SPECO_WebViewer Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{3D5137A6-E3F5-4205-8B2F-9B30C0D1C782}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBE59437-DB88-49D0-A528-4A6F3E12505E}: DhcpNameServer = 192.168.42.129
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 17:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O32 - AutoRun File - [2013/11/17 15:09:33 | 000,000,059 | ---- | M] () - C:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2013/11/16 21:17:14 | 000,000,059 | ---- | M] () - D:\autorun.inf -- [ NTFS ]
O32 - AutoRun File - [2010/03/14 19:00:31 | 000,000,046 | R--- | M] () - E:\autorun.inf -- [ CDFS ]
O33 - MountPoints2\{1eae0584-087a-11e3-a65d-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{1eae0584-087a-11e3-a65d-08002700004d}\Shell\AutoRun\command - "" = G:\VZW_Software_upgrade_assistant_installer.exe
O33 - MountPoints2\{23fa8900-14e3-11e3-ad5c-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{23fa8900-14e3-11e3-ad5c-08002700004d}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O33 - MountPoints2\{23fa8909-14e3-11e3-ad5c-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{23fa8909-14e3-11e3-ad5c-08002700004d}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe
O33 - MountPoints2\{5c8d3f79-5c73-11e3-a6d0-0021857ce048}\Shell - "" = AutoRun
O33 - MountPoints2\{5c8d3f79-5c73-11e3-a6d0-0021857ce048}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe
O33 - MountPoints2\{681d1035-1114-11e3-aa04-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{681d1035-1114-11e3-aa04-08002700004d}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe
O33 - MountPoints2\{681d1052-1114-11e3-aa04-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{681d1052-1114-11e3-aa04-08002700004d}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL F:\TL-Bootstrap.exe
O33 - MountPoints2\{9166d002-67ff-11e3-8021-0021857ce048}\Shell - "" = AutoRun
O33 - MountPoints2\{9166d002-67ff-11e3-8021-0021857ce048}\Shell\AutoRun\command - "" = G:\LGAutoRun.exe
O33 - MountPoints2\{a0126b2f-f1e2-11e2-865f-8456d03ebaff}\Shell - "" = AutoRun
O33 - MountPoints2\{a0126b2f-f1e2-11e2-865f-8456d03ebaff}\Shell\AutoRun\command - "" = E:\JMSETUP.EXE -- [1994/10/01 04:31:28 | 000,054,176 | R--- | M] (Presto Studios & Sanctuary Woods)
O33 - MountPoints2\{c77123cd-25e7-11e3-a13f-08002700004d}\Shell - "" = AutoRun
O33 - MountPoints2\{c77123cd-25e7-11e3-a13f-08002700004d}\Shell\AutoRun\command - "" = G:\TL-Bootstrap.exe
O33 - MountPoints2\{d836e790-14c0-11e3-8933-40618619494b}\Shell - "" = AutoRun
O33 - MountPoints2\{d836e790-14c0-11e3-8933-40618619494b}\Shell\AutoRun\command - "" = F:\TL-Bootstrap.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2014/05/11 19:08:34 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\alysher\Desktop\OTL.exe
[2014/05/11 18:45:12 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2014/05/09 03:18:32 | 000,000,000 | ---D | C] -- C:\FRST
[2014/05/09 03:18:07 | 001,053,184 | ---- | C] (Farbar) -- C:\Users\alysher\Desktop\FRST.exe
[2014/05/03 01:56:11 | 000,000,000 | ---D | C] -- C:\Windows\Microsoft
[2014/05/03 01:56:04 | 000,000,000 | ---D | C] -- C:\Program Files\MSR
[2014/05/03 01:55:42 | 000,000,000 | ---D | C] -- C:\Users\alysher\AppData\Local\41
[2014/05/02 03:50:19 | 000,043,152 | ---- | C] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/05/01 20:36:49 | 000,000,000 | ---D | C] -- C:\Users\alysher\AppData\Local\D01_MicroApps
[2014/05/01 20:35:22 | 000,000,000 | ---D | C] -- C:\Users\alysher\AppData\Roaming\Boot Animation Factory
[2014/05/01 20:35:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D01 MicroApps
[2014/05/01 20:35:13 | 000,000,000 | ---D | C] -- C:\Program Files\D01 MicroApps
[2014/04/30 00:48:54 | 000,000,000 | --SD | C] -- C:\Windows\System32\CompatTel
[2014/04/24 01:18:51 | 000,000,000 | ---D | C] -- C:\Users\alysher\Desktop\jokes
[2014/04/18 06:19:30 | 000,107,736 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/04/18 06:18:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/04/18 06:18:09 | 000,073,432 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamchameleon.sys
[2014/04/18 06:18:09 | 000,051,416 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mwac.sys
[2014/04/18 06:18:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes Anti-Malware
[2014/04/13 15:18:26 | 000,000,000 | -HSD | C] -- C:\found.001
[2014/04/11 20:27:46 | 000,000,000 | -HSD | C] -- C:\found.000
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2014/05/11 19:11:23 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/05/11 19:08:37 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\alysher\Desktop\OTL.exe
[2014/05/11 18:43:41 | 000,107,736 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\MBAMSwissArmy.sys
[2014/05/11 18:41:16 | 000,027,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/05/11 18:41:16 | 000,027,744 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/05/11 18:32:23 | 000,027,351 | ---- | M] () -- C:\Users\alysher\Desktop\bookmarks-2014-05-11.json
[2014/05/11 18:24:20 | 000,000,888 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/05/11 18:06:04 | 000,000,936 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3586769609-3811868919-1413454730-1001UA.job
[2014/05/11 17:38:42 | 000,000,914 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3586769609-3811868919-1413454730-1001Core.job
[2014/05/11 17:37:31 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/05/11 17:30:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/05/09 22:00:37 | 000,662,634 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2014/05/09 22:00:37 | 000,122,470 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2014/05/09 21:56:24 | 000,000,374 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts.ics
[2014/05/09 21:54:49 | 2616,643,584 | -HS- | M] () -- C:\hiberfil.sys
[2014/05/09 21:54:48 | 441,438,617 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2014/05/09 03:18:08 | 001,053,184 | ---- | M] (Farbar) -- C:\Users\alysher\Desktop\FRST.exe
[2014/05/05 21:54:03 | 000,001,048 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 9.lnk
[2014/05/03 19:54:11 | 000,000,600 | ---- | M] () -- C:\Users\alysher\AppData\Local\PUTTY.RND
[2014/05/02 03:50:53 | 000,002,047 | ---- | M] () -- C:\Users\Public\Desktop\avast! Free Antivirus.lnk
[2014/05/02 03:50:20 | 000,180,632 | ---- | M] () -- C:\Windows\System32\drivers\aswVmm.sys
[2014/05/02 03:50:20 | 000,067,776 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswstm.sys
[2014/05/02 03:50:19 | 000,776,976 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswSnx.sys
[2014/05/02 03:50:19 | 000,411,552 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswsp.sys
[2014/05/02 03:50:19 | 000,271,264 | ---- | M] (AVAST Software) -- C:\Windows\System32\aswBoot.exe
[2014/05/02 03:50:19 | 000,081,768 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswRdr2.sys
[2014/05/02 03:50:19 | 000,067,824 | ---- | M] (AVAST Software) -- C:\Windows\System32\drivers\aswMonFlt.sys
[2014/05/02 03:50:19 | 000,049,944 | ---- | M] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2014/05/02 03:50:19 | 000,043,152 | ---- | M] (AVAST Software) -- C:\Windows\avastSS.scr
[2014/05/02 03:50:19 | 000,024,184 | ---- | M] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/05/02 00:00:12 | 003,753,285 | ---- | M] () -- C:\Users\alysher\Desktop\ext2explore-2.2.71.zip
[2014/05/01 23:58:59 | 002,355,807 | ---- | M] () -- C:\Users\alysher\Desktop\ext4_unpacker_exe.zip
[2014/05/01 20:35:14 | 000,002,791 | ---- | M] () -- C:\Users\Public\Desktop\Boot Animation Factory.lnk
[2014/04/23 23:49:29 | 004,767,052 | ---- | M] () -- C:\Users\alysher\Desktop\QuickStartGuide_Gateway_1.0_A_A.zip
[2014/04/18 06:18:16 | 000,001,064 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/04/18 06:08:21 | 000,002,585 | ---- | M] () -- C:\Users\Public\Desktop\RSD Lite.lnk
[2014/04/16 16:09:41 | 000,000,833 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
[1 C:\Program Files\*.tmp files -> C:\Program Files\*.tmp -> ]
========== Files Created - No Company Name ==========
[2023/10/21 17:45:55 | 000,000,260 | ---- | C] () -- C:\Users\alysher\Desktop\10.key
[2014/05/11 18:32:23 | 000,027,351 | ---- | C] () -- C:\Users\alysher\Desktop\bookmarks-2014-05-11.json
[2014/05/03 19:54:11 | 000,000,600 | ---- | C] () -- C:\Users\alysher\AppData\Local\PUTTY.RND
[2014/05/02 03:50:24 | 000,024,184 | ---- | C] () -- C:\Windows\System32\drivers\aswHwid.sys
[2014/05/02 00:00:09 | 003,753,285 | ---- | C] () -- C:\Users\alysher\Desktop\ext2explore-2.2.71.zip
[2014/05/01 23:59:04 | 002,355,807 | ---- | C] () -- C:\Users\alysher\Desktop\ext4_unpacker_exe.zip
[2014/05/01 20:35:14 | 000,002,791 | ---- | C] () -- C:\Users\Public\Desktop\Boot Animation Factory.lnk
[2014/04/23 23:49:25 | 004,767,052 | ---- | C] () -- C:\Users\alysher\Desktop\QuickStartGuide_Gateway_1.0_A_A.zip
[2014/04/18 06:08:21 | 000,002,597 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSD Lite.lnk
[2014/04/18 06:08:21 | 000,002,585 | ---- | C] () -- C:\Users\Public\Desktop\RSD Lite.lnk
[2014/04/09 21:44:13 | 002,499,656 | ---- | C] () -- C:\Windows\System32\BootMan.exe
[2014/04/09 21:44:13 | 000,087,112 | ---- | C] () -- C:\Windows\System32\setupempdrv03.exe
[2014/04/09 21:44:13 | 000,019,840 | ---- | C] () -- C:\Windows\System32\EuEpmGdi.dll
[2014/04/09 21:44:13 | 000,014,920 | ---- | C] () -- C:\Windows\System32\epmntdrv.sys
[2014/04/09 21:44:13 | 000,009,160 | ---- | C] () -- C:\Windows\System32\EuGdiDrv.sys
[2014/03/13 04:44:46 | 000,000,469 | ---- | C] () -- C:\Users\alysher\AppData\Roaming\Weather Monitor_Settings.ini
[2014/03/05 16:10:24 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/02/17 05:25:06 | 000,000,000 | ---- | C] () -- C:\Windows\PowerReg.dat
[2014/02/06 00:04:43 | 000,000,889 | ---- | C] () -- C:\Users\alysher\AppData\Local\recently-used.xbel
[2014/01/24 03:06:01 | 000,000,121 | ---- | C] () -- C:\Users\alysher\AppData\Roaming\System Monitor II_UptimeRecord.ini
[2014/01/24 01:52:50 | 000,002,006 | ---- | C] () -- C:\Users\alysher\AppData\Roaming\System Monitor II_CPU0_Settings.ini
[2014/01/22 19:23:32 | 000,000,506 | ---- | C] () -- C:\Windows\SIERRA.INI
[2014/01/22 18:00:12 | 000,061,440 | ---- | C] () -- C:\Windows\diabunin.exe
[2014/01/22 17:13:15 | 000,086,528 | ---- | C] () -- C:\Windows\bnetunin.exe
[2013/12/09 16:25:17 | 000,000,791 | ---- | C] () -- C:\Windows\EFXP.ini
[2013/12/03 23:42:29 | 000,000,685 | ---- | C] () -- C:\Windows\EF2.INI
[2013/12/03 22:25:30 | 000,000,782 | ---- | C] () -- C:\Windows\EF.ini
[2013/11/13 18:40:34 | 000,000,021 | ---- | C] () -- C:\Windows\SPECO_~1.INI
[2013/09/11 02:31:47 | 000,000,028 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/09/11 02:31:46 | 000,000,210 | ---- | C] () -- C:\Windows\ODBCINST.INI
[2013/09/11 01:02:22 | 000,004,138 | ---- | C] () -- C:\ProgramData\ngqoeocq.huh
[2013/09/11 00:51:13 | 000,005,086 | ---- | C] () -- C:\ProgramData\zscupymp.kxv
[2013/08/05 14:19:58 | 000,178,688 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2013/07/22 14:40:22 | 000,021,504 | ---- | C] () -- C:\Windows\System32\drivers\VIA_USB_MODEM.sys
[2013/07/20 23:43:32 | 000,180,632 | ---- | C] () -- C:\Windows\System32\drivers\aswVmm.sys
[2013/07/20 23:43:31 | 000,049,944 | ---- | C] () -- C:\Windows\System32\drivers\aswRvrt.sys
[2013/07/20 21:23:57 | 000,011,164 | ---- | C] () -- C:\Windows\System32\drivers\nvphy.bin
[2013/07/09 23:01:30 | 000,000,447 | ---- | C] () -- C:\Users\alysher\.gitconfig
========== ZeroAccess Check ==========
[2009/07/14 00:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 21:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 17:29:20 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009/07/13 21:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2014/03/11 05:24:48 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\AnvSoft
[2014/02/22 14:38:12 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Audacity
[2013/10/21 19:23:07 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\AVAST Software
[2014/02/19 12:28:18 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Battle.net
[2014/05/02 22:00:32 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Boot Animation Factory
[2013/10/08 08:03:39 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\calibre
[2013/07/30 23:46:44 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Curse Advertising
[2013/09/17 13:19:56 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Downloaded Installations
[2013/07/25 02:35:12 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\GitExtensions
[2014/04/08 03:28:09 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Greenshot
[2014/03/11 05:36:36 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\HandBrake
[2013/07/25 02:29:59 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\HeidiSQL
[2014/02/21 02:20:28 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\ImgBurn
[2014/02/06 02:50:01 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Mael
[2013/07/24 12:49:22 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\MetaProducts
[2013/07/26 22:52:40 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Motorola
[2013/07/26 22:55:12 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\Motorola Mobility
[2013/07/31 20:46:27 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\redsn0w
[2013/11/14 18:06:21 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\TeamViewer
[2014/05/09 03:13:24 | 000,000,000 | ---D | M] -- C:\Users\alysher\AppData\Roaming\uTorrent
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\ProgramData\TEMP:C76EDAC3
< End of report >