Computer acting weird lately, suspect must be some malware [Closed]



#1
wshyang


Lately my computer has been popping up a lot of UAC prompts at random times for no reason. I did a scan with Avira and MBAM and found nothing.

 

Attaching a list generated by OTL here in hopes that someone might spot something amiss.

 

Thanks and much appreciated guys :(

 


OTL logfile created on: 8/18/2014 9:17:15 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\username\Downloads
64bit- Professional  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.99 Gb Total Physical Memory | 11.24 Gb Available Physical Memory | 70.28% Memory free
18.37 Gb Paging File | 12.26 Gb Available in Paging File | 66.77% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 223.23 Gb Total Space | 186.37 Gb Free Space | 83.49% Space Free | Partition Type: NTFS
Drive D: | 2794.52 Gb Total Space | 1572.53 Gb Free Space | 56.27% Space Free | Partition Type: NTFS
 
Computer Name: username-DESKTOP | User Name: username | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/08/12 06:20:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\users\username\Downloads\OTL.exe
PRC - [2014/08/07 11:20:57 | 000,860,488 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/08/04 20:09:53 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2014/08/04 20:09:50 | 000,751,184 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2014/08/04 20:09:50 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2014/07/30 08:22:10 | 036,414,496 | ---- | M] (Dropbox, Inc.) -- C:\users\username\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/07/10 10:43:10 | 003,675,920 | ---- | M] (AgileBits) -- C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
PRC - [2014/07/10 10:42:48 | 006,183,696 | ---- | M] (AgileBits) -- C:\Program Files (x86)\1Password 4\1Password.exe
PRC - [2014/06/27 14:20:02 | 024,477,056 | ---- | M] (Google) -- C:\Program Files (x86)\Google\Drive\googledrivesync.exe
PRC - [2014/06/26 11:35:07 | 000,230,792 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
PRC - [2014/05/16 05:38:02 | 007,631,872 | ---- | M] (Google Inc.) -- C:\users\username\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
PRC - [2014/04/15 18:34:02 | 000,180,304 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
PRC - [2014/04/15 18:34:02 | 000,122,448 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
PRC - [2014/04/14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2014/04/14 16:41:38 | 000,112,856 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
PRC - [2014/04/14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2014/04/14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
PRC - [2014/02/03 08:20:04 | 000,060,216 | ---- | M] (The Pidgin developer community) -- C:\Program Files (x86)\Pidgin\pidgin.exe
PRC - [2013/10/24 06:39:14 | 001,017,224 | ---- | M] (Flux Software LLC) -- C:\users\username\AppData\Local\FluxSoftware\Flux\flux.exe
PRC - [2013/08/06 18:12:20 | 000,147,456 | ---- | M] (Simon Tatham) -- C:\Program Files (x86)\PuTTY\pageant.exe
PRC - [2013/06/17 17:42:31 | 002,569,216 | ---- | M] () -- D:\xampp\xampp-control.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/18 08:51:27 | 000,043,008 | ---- | M] () -- c:\users\username\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp61_n7u.dll
MOD - [2014/08/18 08:51:04 | 001,175,040 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._core_.pyd
MOD - [2014/08/18 08:51:04 | 001,160,704 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_ssl.pyd
MOD - [2014/08/18 08:51:04 | 001,062,400 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._controls_.pyd
MOD - [2014/08/18 08:51:04 | 000,811,008 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._windows_.pyd
MOD - [2014/08/18 08:51:04 | 000,805,888 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._gdi_.pyd
MOD - [2014/08/18 08:51:04 | 000,735,232 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._misc_.pyd
MOD - [2014/08/18 08:51:04 | 000,713,216 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_hashlib.pyd
MOD - [2014/08/18 08:51:04 | 000,686,080 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\unicodedata.pyd
MOD - [2014/08/18 08:51:04 | 000,557,056 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\pysqlite2._sqlite.pyd
MOD - [2014/08/18 08:51:04 | 000,525,640 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\windows._lib_cacheinvalidation.pyd
MOD - [2014/08/18 08:51:04 | 000,364,544 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\pythoncom27.dll
MOD - [2014/08/18 08:51:04 | 000,320,512 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32com.shell.shell.pyd
MOD - [2014/08/18 08:51:04 | 000,167,936 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32gui.pyd
MOD - [2014/08/18 08:51:04 | 000,128,512 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_elementtree.pyd
MOD - [2014/08/18 08:51:04 | 000,127,488 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\pyexpat.pyd
MOD - [2014/08/18 08:51:04 | 000,122,368 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._wizard.pyd
MOD - [2014/08/18 08:51:04 | 000,119,808 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32file.pyd
MOD - [2014/08/18 08:51:04 | 000,110,080 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\PyWinTypes27.dll
MOD - [2014/08/18 08:51:04 | 000,108,544 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32security.pyd
MOD - [2014/08/18 08:51:04 | 000,098,816 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32api.pyd
MOD - [2014/08/18 08:51:04 | 000,087,552 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_ctypes.pyd
MOD - [2014/08/18 08:51:04 | 000,078,336 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._animate.pyd
MOD - [2014/08/18 08:51:04 | 000,070,656 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\wx._html2.pyd
MOD - [2014/08/18 08:51:04 | 000,045,568 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_socket.pyd
MOD - [2014/08/18 08:51:04 | 000,038,912 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32inet.pyd
MOD - [2014/08/18 08:51:04 | 000,027,136 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\_multiprocessing.pyd
MOD - [2014/08/18 08:51:04 | 000,025,600 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32pdh.pyd
MOD - [2014/08/18 08:51:04 | 000,024,064 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32pipe.pyd
MOD - [2014/08/18 08:51:04 | 000,022,528 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32ts.pyd
MOD - [2014/08/18 08:51:04 | 000,018,432 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32event.pyd
MOD - [2014/08/18 08:51:04 | 000,017,408 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32profile.pyd
MOD - [2014/08/18 08:51:04 | 000,011,264 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32crypt.pyd
MOD - [2014/08/18 08:51:04 | 000,010,240 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\select.pyd
MOD - [2014/08/18 08:51:04 | 000,007,168 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\hashobjs_ext.pyd
MOD - [2014/08/18 08:51:03 | 000,035,840 | ---- | M] () -- C:\users\username\AppData\Local\Temp\_MEI58362\win32process.pyd
MOD - [2014/08/07 11:20:55 | 000,353,096 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppgooglenaclpluginchrome.dll
MOD - [2014/08/07 11:20:54 | 014,669,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll
MOD - [2014/08/07 11:20:53 | 008,537,928 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
MOD - [2014/08/07 11:20:49 | 000,718,152 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
MOD - [2014/08/07 11:20:47 | 000,126,280 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
MOD - [2014/08/07 11:20:46 | 001,732,936 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
MOD - [2014/07/30 08:20:20 | 003,610,624 | ---- | M] () -- C:\users\username\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/05/16 05:24:36 | 000,344,064 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
MOD - [2014/05/16 05:21:24 | 000,253,440 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
MOD - [2014/05/16 05:20:58 | 000,231,936 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
MOD - [2014/05/16 05:20:54 | 000,117,248 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
MOD - [2014/05/05 16:21:38 | 000,216,992 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
MOD - [2014/05/05 16:21:38 | 000,100,352 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
MOD - [2014/05/05 16:21:38 | 000,090,496 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
MOD - [2014/05/05 16:21:37 | 000,904,525 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
MOD - [2014/05/05 16:21:37 | 000,553,382 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
MOD - [2014/05/05 16:21:37 | 000,279,059 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
MOD - [2014/05/05 16:21:37 | 000,177,586 | ---- | M] () -- C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
MOD - [2014/04/15 18:34:00 | 000,138,320 | ---- | M] () -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
MOD - [2014/04/15 18:33:56 | 000,049,744 | ---- | M] () -- C:\users\username\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
MOD - [2014/02/12 20:58:32 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/02/12 20:58:10 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/02/03 08:19:54 | 000,069,575 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
MOD - [2014/02/03 08:19:54 | 000,055,804 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
MOD - [2014/02/03 08:19:54 | 000,047,391 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
MOD - [2014/02/03 08:19:54 | 000,044,494 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
MOD - [2014/02/03 08:19:54 | 000,037,191 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
MOD - [2014/02/03 08:19:54 | 000,032,020 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ticker.dll
MOD - [2014/02/03 08:19:54 | 000,030,771 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
MOD - [2014/02/03 08:19:54 | 000,030,353 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
MOD - [2014/02/03 08:19:54 | 000,029,791 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
MOD - [2014/02/03 08:19:54 | 000,029,256 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
MOD - [2014/02/03 08:19:54 | 000,029,225 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\notify.dll
MOD - [2014/02/03 08:19:54 | 000,028,276 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
MOD - [2014/02/03 08:19:54 | 000,023,851 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
MOD - [2014/02/03 08:19:54 | 000,022,832 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
MOD - [2014/02/03 08:19:54 | 000,021,795 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\markerline.dll
MOD - [2014/02/03 08:19:54 | 000,021,337 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
MOD - [2014/02/03 08:19:54 | 000,019,793 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
MOD - [2014/02/03 08:19:54 | 000,018,399 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
MOD - [2014/02/03 08:19:54 | 000,017,023 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
MOD - [2014/02/03 08:19:54 | 000,015,978 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
MOD - [2014/02/03 08:19:54 | 000,015,429 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\relnot.dll
MOD - [2014/02/03 08:19:54 | 000,015,380 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\psychic.dll
MOD - [2014/02/03 08:19:54 | 000,015,045 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
MOD - [2014/02/03 08:19:54 | 000,013,456 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\newline.dll
MOD - [2014/02/03 08:19:54 | 000,012,004 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\ssl.dll
MOD - [2014/02/03 08:19:52 | 000,416,065 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libjabber.dll
MOD - [2014/02/03 08:19:52 | 000,373,657 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
MOD - [2014/02/03 08:19:52 | 000,310,443 | ---- | M] () -- C:\Program Files (x86)\Pidgin\liboscar.dll
MOD - [2014/02/03 08:19:52 | 000,237,138 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libymsg.dll
MOD - [2014/02/03 08:19:52 | 000,201,726 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libgg.dll
MOD - [2014/02/03 08:19:52 | 000,171,090 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
MOD - [2014/02/03 08:19:52 | 000,150,086 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
MOD - [2014/02/03 08:19:52 | 000,123,540 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
MOD - [2014/02/03 08:19:52 | 000,116,583 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
MOD - [2014/02/03 08:19:52 | 000,106,712 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libirc.dll
MOD - [2014/02/03 08:19:52 | 000,106,670 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
MOD - [2014/02/03 08:19:52 | 000,092,285 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
MOD - [2014/02/03 08:19:52 | 000,024,924 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
MOD - [2014/02/03 08:19:52 | 000,020,997 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
MOD - [2014/02/03 08:19:52 | 000,019,043 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\idle.dll
MOD - [2014/02/03 08:19:52 | 000,018,882 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\history.dll
MOD - [2014/02/03 08:19:52 | 000,018,555 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
MOD - [2014/02/03 08:19:52 | 000,016,005 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libicq.dll
MOD - [2014/02/03 08:19:52 | 000,015,702 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
MOD - [2014/02/03 08:19:52 | 000,015,074 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\libaim.dll
MOD - [2014/02/03 08:19:52 | 000,014,147 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
MOD - [2014/02/03 08:19:52 | 000,013,253 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
MOD - [2014/02/03 08:19:52 | 000,012,865 | ---- | M] () -- C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
MOD - [2014/02/03 08:19:42 | 000,671,031 | ---- | M] () -- C:\Program Files (x86)\Pidgin\exchndl.dll
MOD - [2014/02/03 08:19:42 | 000,475,580 | ---- | M] () -- C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
MOD - [2014/02/03 08:19:42 | 000,036,878 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libssp-0.dll
MOD - [2014/02/03 08:18:58 | 000,486,400 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sqlite3.dll
MOD - [2014/02/03 08:18:52 | 002,097,721 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
MOD - [2014/02/03 08:18:52 | 000,818,985 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
MOD - [2014/02/03 08:18:52 | 000,152,852 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
MOD - [2014/02/03 08:18:46 | 001,274,655 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libxml2-2.dll
MOD - [2014/02/03 08:18:46 | 000,190,464 | ---- | M] () -- C:\Program Files (x86)\Pidgin\libsasl.dll
MOD - [2014/02/03 08:18:46 | 000,140,288 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
MOD - [2014/02/03 08:18:46 | 000,115,712 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
MOD - [2014/02/03 08:18:46 | 000,102,912 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
MOD - [2014/02/03 08:18:46 | 000,102,912 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
MOD - [2014/02/03 08:18:46 | 000,102,400 | ---- | M] () -- C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
MOD - [2013/12/11 05:06:52 | 000,026,624 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
MOD - [2013/12/11 05:06:42 | 010,683,392 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
MOD - [2013/12/11 05:06:40 | 001,681,408 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
MOD - [2013/12/11 05:06:38 | 007,741,952 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
MOD - [2013/12/11 05:06:36 | 002,248,192 | ---- | M] () -- C:\users\username\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
MOD - [2013/08/24 03:01:44 | 025,100,288 | ---- | M] () -- C:\users\username\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/08/22 13:27:39 | 000,762,720 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSEngine.dll
MOD - [2013/08/22 10:13:46 | 000,392,192 | ---- | M] () -- C:\Windows\SysWOW64\Speech\Engines\TTS\MSTTSLoc.dll
MOD - [2013/06/17 17:42:31 | 002,569,216 | ---- | M] () -- D:\xampp\xampp-control.exe
MOD - [2012/11/21 12:20:16 | 000,376,832 | ---- | M] () -- C:\Program Files (x86)\1Password 4\js3215R.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/06/19 09:29:24 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/19 09:25:38 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/06/19 09:25:36 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/06/19 09:25:36 | 000,201,216 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/06/10 00:52:30 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2014/05/15 10:24:50 | 000,347,880 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/05/15 10:24:50 | 000,023,824 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/04/30 16:33:52 | 000,337,776 | ---- | M] (arvato digital services llc) [Auto | Running] -- c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2_x64)
SRV:64bit: - [2014/03/25 06:50:50 | 000,357,144 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\LogiShrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2014/03/18 18:15:02 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/03/18 18:15:02 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2014/03/18 18:14:55 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/03/18 18:14:54 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/03/18 18:14:53 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/03/18 18:14:49 | 000,399,872 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/03/18 18:14:49 | 000,269,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/03/18 18:14:48 | 000,282,112 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/03/18 17:46:02 | 000,183,296 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV:64bit: - [2014/03/18 17:46:02 | 000,090,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\SysNative\KeyboardFilterSvc.dll -- (MsKeyboardFilter)
SRV:64bit: - [2014/03/08 13:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 15:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/24 11:35:56 | 003,402,016 | ---- | M] (Agnitum Ltd.) [Auto | Running] -- C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe -- (acssrv)
SRV:64bit: - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013/08/22 19:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 19:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 19:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 19:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 19:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 18:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 18:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 18:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 17:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 17:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 17:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 17:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 17:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 17:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 17:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 17:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013/02/13 00:36:28 | 000,163,840 | ---- | M] (Brio) [Auto | Running] -- C:\Program Files\FolderSize\FolderSizeSvc.exe -- (FolderSize)
SRV - [2014/08/04 20:09:53 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2014/08/04 20:09:51 | 001,021,520 | ---- | M] (Avira Operations GmbH & Co. KG) [Disabled | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe -- (AntiVirWebService)
SRV - [2014/08/04 20:09:50 | 000,430,160 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2014/08/01 20:11:57 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/07/16 10:28:18 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/07/09 06:47:09 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/19 09:25:35 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/04/15 18:34:02 | 000,122,448 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe -- (Avira.OE.ServiceHost)
SRV - [2014/04/14 16:41:38 | 000,359,128 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2014/04/14 16:41:30 | 000,437,976 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2014/04/14 16:04:22 | 014,407,384 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe -- (VMwareHostd)
SRV - [2014/04/14 15:44:50 | 000,086,744 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe -- (VMAuthdService)
SRV - [2014/02/27 18:40:46 | 000,906,432 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013/08/22 20:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013/08/22 11:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 10:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/06/24 20:39:48 | 000,117,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2014/06/19 09:25:34 | 000,384,856 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/06/19 09:23:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/06/10 00:52:30 | 013,209,088 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2014/06/10 00:52:30 | 000,626,688 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2014/06/08 08:12:56 | 000,130,584 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2014/05/15 10:24:51 | 000,257,880 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/05/15 10:24:51 | 000,035,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/05/15 10:24:50 | 000,123,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/04/14 16:41:38 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2014/04/14 16:41:22 | 000,064,728 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2014/04/14 16:40:42 | 000,046,160 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2014/04/14 16:40:42 | 000,020,560 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2014/03/20 11:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/19 08:24:40 | 000,059,160 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2014/03/19 08:24:38 | 000,076,568 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2014/03/19 08:24:36 | 000,013,080 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2014/03/19 08:24:34 | 000,077,592 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2014/03/18 18:14:54 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/03/18 18:14:50 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2014/03/18 18:14:50 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/03/18 18:14:37 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2014/03/18 18:14:36 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2014/03/18 18:14:36 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/03/18 18:14:35 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/03/18 18:14:35 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/03/18 18:14:35 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/03/18 18:14:35 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2014/03/18 18:14:35 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2014/03/18 18:14:35 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/03/18 17:46:04 | 000,022,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\kbldfltr.sys -- (kbldfltr)
DRV:64bit: - [2014/03/18 17:46:02 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/03/18 17:45:53 | 000,220,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Vid.sys -- (Vid)
DRV:64bit: - [2014/03/18 17:45:53 | 000,129,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmbusr.sys -- (vmbusr)
DRV:64bit: - [2014/03/18 17:45:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\storvsp.sys -- (storvsp)
DRV:64bit: - [2014/03/18 17:45:53 | 000,065,536 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpcivsp.sys -- (vpcivsp)
DRV:64bit: - [2014/03/18 17:45:53 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2014/03/13 20:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/09 04:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/09 04:35:45 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/02/27 18:40:32 | 000,054,464 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2014/02/27 18:40:28 | 000,051,904 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmusb.sys -- (vmusb)
DRV:64bit: - [2014/02/25 11:41:28 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2014/02/04 10:31:14 | 000,470,224 | ---- | M] (Agnitum Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\afwcore.sys -- (afwcore)
DRV:64bit: - [2013/12/20 11:18:54 | 001,324,992 | ---- | M] (Agnitum Ltd.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\SandBox64.sys -- (SandBox)
DRV:64bit: - [2013/12/11 11:09:46 | 002,735,616 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2013/10/08 18:21:10 | 000,073,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2013/10/08 18:21:06 | 000,085,584 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2013/09/30 16:26:50 | 000,019,152 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2013/09/30 16:26:48 | 000,012,504 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2013/08/22 21:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 21:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 20:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 20:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 20:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 20:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 20:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 20:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 20:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 20:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 20:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 20:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 20:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 20:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 20:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 20:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 20:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 20:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 20:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 20:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 20:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 20:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 20:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 20:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 20:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 20:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 20:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 20:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 20:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 19:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 19:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 19:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 19:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 19:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 19:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 19:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 19:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 19:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 19:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 19:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 19:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 19:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 19:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 19:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 19:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 19:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 19:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 19:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 19:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013/08/22 19:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 19:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 16:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/13 07:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 08:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/31 02:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/26 03:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/18 22:45:26 | 000,460,288 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1i63x64.sys -- (e1iexpress)
DRV:64bit: - [2013/03/18 16:51:08 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/10/16 16:18:34 | 000,040,544 | ---- | M] (Agnitum Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\afw.sys -- (afw)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/03 11:58:00 | 000,031,744 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetadb.sys -- (andnetadb)
DRV:64bit: - [2012/07/03 11:50:00 | 000,036,352 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetmodem64.sys -- (ANDNetModem)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag264.sys -- (AndNetDiag2)
DRV:64bit: - [2012/07/03 11:50:00 | 000,029,184 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lgandnetdiag64.sys -- (AndNetDiag)
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://123.taobao.com/?wangwang/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.xin.msn.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 30 1D C1 5F 3A 68 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {2856449D-6D33-472A-BFE6-C5F6F11151DC}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{2856449D-6D33-472A-BFE6-C5F6F11151DC}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: keefox%40chris.tomlinson:1.4.2
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.23
FF - prefs.js..extensions.enabledAddons: isreaditlater%40ideashower.com:3.0.5
FF - prefs.js..extensions.enabledAddons: html5notifications%40paxal.net:1.2.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 1080
FF - prefs.js..network.proxy.socks_version: 4
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.5.2: C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tencent.com/nptxftnWebKit,version=1.0.0.1: C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll (Tencent Technology (Shenzhen) Company Limited)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npAliSSOLogin;version=1.0: C:\Program Files (x86)\AliWangWang\8.00.34C\npAliSSOLogin.dll File not found
FF - HKCU\Software\MozillaPlugins\@alibaba.com/npwangwang;version=1.0: C:\Program Files (x86)\AliWangWang\8.00.34C\npwangwang.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\username\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\username\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F003DA68-8256-4b37-A6C4-350FA04494DF}: C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014/06/19 08:05:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/08/17 18:22:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/08/17 18:22:23 | 000,000,000 | ---D | M]
 
[2014/05/05 18:41:41 | 000,000,000 | ---D | M] (No name found) -- C:\users\username\AppData\Roaming\Mozilla\Extensions
[2014/08/10 08:38:51 | 000,000,000 | ---D | M] (No name found) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions
[2014/08/10 08:38:51 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/08/10 08:38:51 | 000,000,000 | ---D | M] (Pocket) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions\[email protected]
[2014/06/27 20:36:17 | 000,000,000 | ---D | M] (KeeFox) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions\[email protected]
[2014/08/10 08:38:51 | 000,048,516 | ---- | M] () (No name found) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions\[email protected]
[2014/08/10 06:45:22 | 000,125,559 | ---- | M] () (No name found) -- C:\users\username\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\extensions\[email protected]
[2014/08/01 20:11:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/08/01 20:11:58 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - default_search_provider:  ()
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - homepage: http://www.google.com/
CHR - plugin: Error reading preferences file
CHR - Extension: Entanglement Web App = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd\3.4.9_0\
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.7.11_0\
CHR - Extension: Google Docs = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: 1Password: Password Manager and Secure Wallet = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk\4.2.4.90_0\
CHR - Extension: Google Drive = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_1\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: YouTube = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_1\
CHR - Extension: Firebug Lite for Google Chrome™ = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench\1.4.0.11967_0\
CHR - Extension: Adblock Plus = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.3_0\
CHR - Extension: Google Search = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_1\
CHR - Extension: Tampermonkey = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8.52_0\
CHR - Extension: Logitech Smooth Scrolling = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk\6.65.62_0\
CHR - Extension: Proxy SwitchySharp = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\1.10.4_0\
CHR - Extension: Autocomplete = on = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh\1.0_0\
CHR - Extension: Tab Wrangler = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnjhciaieeiiohknchakcodbpgjnchh\3.1_0\
CHR - Extension: Gmail Offline = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.20_0\
CHR - Extension: HTTPS Everywhere = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp\2014.6.26_0\
CHR - Extension: The Camelizer - Amazon Price Tracker = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo\2.4.2_0\
CHR - Extension: Save to Google Drive = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0\
CHR - Extension: TweetDeck by Twitter = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.8.7_0\
CHR - Extension: Eye Dropper = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka\0.3.6_0\
CHR - Extension: Bitly | Unleash the power of the link = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.132_0\
CHR - Extension: Kindle Cloud Reader = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd\1.7.0.1_0\
CHR - Extension: Disconnect = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\5.18.14_0\
CHR - Extension: eBay Search Alert = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgddmdmhifhklhbhconpaehgbkaphcd\1.0.2_0\
CHR - Extension: Window Resizer = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh\1.9.0.5_0\
CHR - Extension: Codenvy IDE = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefigjbiimiemfhjmibbgemkpenelmag\2.4.1_0\
CHR - Extension: Ultimate User Agent Switcher, URL sniffer = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo\0.9.3.6_0\
CHR - Extension: Poppit! = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi\3.1_0\
CHR - Extension: View Link in Google Cache = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbphmmfbemkijojeojbkecbgmpiamnlk\1.0_0\
CHR - Extension: Save to Pocket = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj\1.9.2_0\
CHR - Extension: Google Wallet = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_1\
CHR - Extension: imo free video calls and text = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi\1.4.2_0\
CHR - Extension: Checker Plus for Gmail™ = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj\17.2.6_0\
CHR - Extension: chromeIPass = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae\2.6.7_0\
CHR - Extension: Evernote Web Clipper = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc\6.2.4_0\
CHR - Extension: Gmail = C:\users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2013/08/22 21:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (1Password) - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (1Password) - {037C06D5-3893-49E8-9AC0-41F7524AFBF5} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
O2 - BHO: (Logitech SetPoint) - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [jEdit Server] C:\Program Files\jEdit\jedit.exe (Contributors)
O4:64bit: - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4:64bit: - HKLM..\Run: [OutpostMonitor] C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe (Agnitum Ltd.)
O4 - HKLM..\Run: [Agile1pAgent] C:\Program Files (x86)\1Password 4\Agile1pAgent.exe (AgileBits)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [Avira Systray] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [KeePass 2 PreLoad] C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vmware-tray.exe] C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe (VMware, Inc.)
O4 - HKCU..\Run: [Copy] C:\Users\username\AppData\Roaming\Copy\CopyAgent.exe (Barracuda Networks, Inc.)
O4 - HKCU..\Run: [f.lux] C:\Users\username\AppData\Local\FluxSoftware\Flux\flux.exe (Flux Software LLC)
O4 - HKCU..\Run: [Folder Size] C:\Program Files\FolderSize\FolderSize.exe (Brio)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKCU..\Run: [MusicManager] C:\Users\username\AppData\Local\Programs\Google\MusicManager\MusicManager.exe (Google Inc.)
O4 - HKCU..\Run: [Pidgin] C:\Program Files (x86)\Pidgin\pidgin.exe (The Pidgin developer community)
O4 - Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\users\username\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeePass.exe - Shortcut.lnk = C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
O4 - Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant - Shortcut.lnk = C:\Program Files (x86)\PuTTY\pageant.exe (Simon Tatham)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: DisallowRun = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 1 = ipmgui.exe
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\DisallowRun: 2 = avnotify.exe
O9:64bit: - Extra Button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
O9:64bit: - Extra 'Tools' menuitem : 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
O9:64bit: - Extra Button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll (Agnitum Ltd.)
O9 - Extra Button: 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
O9 - Extra 'Tools' menuitem : 1Password - {35BA58F0-BE4F-4DB5-B6D7-4A593C4B7951} - C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
O9 - Extra Button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar32.dll (Agnitum Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1B9846E5-3BFD-4E0D-A215-502A796485B2}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O20:64bit: - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook64.dll (Agnitum Ltd.)
O20 - AppInit_DLLs: (c:\progra~1\agnitum\outpos~1\wl_hook.dll) - c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll (Agnitum Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\System32\Userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (bj.dll) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\LogiShrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/08/17 18:23:08 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2014/08/16 08:34:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\sru
[2014/08/16 08:34:14 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot2
[2014/08/16 08:34:09 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\catroot
[2014/08/15 11:24:50 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/15 11:24:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/08/15 11:24:24 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/08/15 11:24:24 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/08/15 11:24:24 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/08/15 11:24:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/08/15 11:24:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/08/15 11:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData
[2014/08/15 11:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\VMware
[2014/08/15 11:02:41 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/08/15 11:02:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Protexis64
[2014/08/15 11:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/08/15 11:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014/08/15 11:02:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2014/08/15 11:02:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[2014/08/15 11:02:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
[2014/08/15 11:02:25 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XAMPP
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vim 7.4
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Transmission Remote GUI
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeraCopy
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PuTTY
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MiniTool Partition Wizard Home Edition 8.1.1
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LGMobile Support Tool
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jEdit
[2014/08/15 11:02:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
[2014/08/15 11:02:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014/08/15 11:02:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[2014/08/15 11:02:24 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Git
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X7 (64-bit)
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Combined Community Codec Pack
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Printer Uninstaller
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Agnitum
[2014/08/15 11:02:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1Password
[2014/08/15 11:00:13 | 000,000,000 | --SD | C] -- C:\ProgramData\Microsoft
[2014/08/15 11:00:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Logitech
[2014/08/15 11:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2014/08/15 11:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\LGMOBILEAX
[2014/08/15 11:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel® Update Manager
[2014/08/15 11:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2014/08/15 11:00:08 | 000,000,000 | ---D | C] -- C:\ProgramData\CorelDRAW Graphics Suite X7 x64
[2014/08/15 11:00:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Corel
[2014/08/15 11:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2014/08/15 11:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/08/15 11:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2014/08/15 11:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2014/08/15 11:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Agnitum
[2014/08/15 11:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/13 14:14:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Tencent
[2014/08/13 14:13:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tencent
[2014/08/13 14:13:38 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\Tencent
[2014/08/13 14:10:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QQMailPlugin
[2014/08/13 13:31:01 | 000,000,000 | ---D | C] -- C:\Program Files\FolderSize
[2014/08/11 11:25:10 | 000,000,000 | ---D | C] -- C:\usb_driver
[2014/08/10 12:19:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
[2014/08/09 16:24:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LG Electronics
[2014/08/09 16:24:10 | 000,000,000 | ---D | C] -- C:\LGE988
[2014/08/09 16:15:43 | 000,000,000 | ---D | C] -- C:\Users\username\.android
[2014/08/06 18:15:24 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\TaobaoProtect
[2014/08/01 20:11:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/26 12:42:49 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Local\My Games
[2014/07/25 19:33:07 | 000,000,000 | ---D | C] -- C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
 
========== Files - Modified Within 30 Days ==========
 
[2014/08/18 08:52:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/08/18 08:50:45 | 000,000,934 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/08/18 08:50:22 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/08/17 22:47:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/08/17 22:40:00 | 000,000,938 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/08/17 22:37:00 | 000,000,964 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job
[2014/08/17 19:37:01 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job
[2014/08/16 08:10:10 | 000,000,600 | ---- | M] () -- C:\Users\username\AppData\Local\PUTTY.RND
[2014/08/15 12:22:18 | 000,737,176 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/08/15 12:22:18 | 000,140,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/08/15 12:16:41 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/08/14 18:08:08 | 000,001,112 | ---- | M] () -- C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/08/14 18:07:52 | 000,001,092 | ---- | M] () -- C:\Users\username\Desktop\Dropbox.lnk
[2014/08/11 11:30:19 | 000,000,398 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2014/08/09 16:23:43 | 000,002,411 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2014/08/09 16:14:34 | 000,000,843 | ---- | M] () -- C:\Users\username\Desktop\LGMobile Support Tool.lnk
[2014/08/09 16:11:54 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/26 12:45:00 | 000,001,296 | ---- | M] () -- C:\Users\Public\Desktop\Intel SSD Toolbox.lnk
[2014/07/24 22:43:01 | 000,001,552 | ---- | M] () -- C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant - Shortcut.lnk
[2014/07/24 13:24:05 | 000,000,129 | ---- | M] () -- C:\Users\username\.gitconfig
[2014/07/22 22:07:19 | 000,002,446 | ---- | M] () -- C:\Users\username\_viminfo
 
========== Files Created - No Company Name ==========
 
[2014/08/11 11:25:17 | 000,000,398 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/08/10 12:19:33 | 003,050,808 | ---- | C] () -- C:\Windows\SysNative\pwNative.exe
[2014/08/10 12:19:33 | 000,019,152 | ---- | C] () -- C:\Windows\SysNative\pwdrvio.sys
[2014/08/10 12:19:33 | 000,012,504 | ---- | C] () -- C:\Windows\SysNative\pwdspio.sys
[2014/08/09 16:14:27 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2014/08/09 16:14:27 | 000,002,411 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2014/08/09 16:11:54 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2014/07/25 19:32:55 | 000,000,964 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job
[2014/07/25 19:32:55 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job
[2014/07/24 13:24:05 | 000,000,129 | ---- | C] () -- C:\Users\username\.gitconfig
[2014/07/05 13:04:33 | 000,001,000 | RHS- | C] () -- C:\Users\username\ntuser.pol
[2014/06/10 00:52:18 | 000,123,392 | ---- | C] () -- C:\Windows\SysWow64\amdhdl32.dll
[2014/05/12 14:04:32 | 000,000,192 | ---- | C] () -- C:\Users\username\.bash_history
[2014/05/09 11:36:24 | 000,000,600 | ---- | C] () -- C:\Users\username\AppData\Roaming\winscp.rnd
[2014/05/08 21:51:05 | 000,002,446 | ---- | C] () -- C:\Users\username\_viminfo
[2014/05/08 20:10:47 | 000,001,078 | ---- | C] () -- C:\Users\username\AppData\Roaming\base64.cer
[2014/05/06 08:15:31 | 000,000,600 | ---- | C] () -- C:\Users\username\AppData\Local\PUTTY.RND
[2014/05/05 17:33:16 | 000,827,226 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/05/05 16:19:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2014/03/18 18:15:05 | 000,002,255 | ---- | C] () -- C:\Windows\SysWow64\WimBootCompress.ini
[2014/03/18 18:14:37 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013/12/13 10:23:56 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/12/13 10:23:54 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/12/13 10:23:46 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2013/12/13 10:23:24 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/12/13 10:23:24 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/08/22 23:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013/08/22 23:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013/08/22 22:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013/08/22 15:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013/08/22 11:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013/08/22 07:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013/08/22 07:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/19 09:25:36 | 021,268,952 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/19 09:25:37 | 018,755,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 17:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 10:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 17:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/08/18 08:51:21 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\.purple
[2014/05/05 17:26:04 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Agile Web Solutions
[2014/08/18 09:18:30 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\AgileBits
[2014/08/18 08:52:16 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Copy
[2014/08/18 08:51:47 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Dropbox
[2014/05/07 08:06:14 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\EPSON
[2014/07/03 12:03:31 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\EurekaLog
[2014/05/05 16:21:04 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\foobar2000
[2014/06/19 10:12:05 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Foxit Software
[2014/08/18 08:51:04 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\jEdit
[2014/08/17 23:26:39 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\KeePass
[2014/05/13 19:42:37 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\MPC-HC
[2014/05/09 08:27:12 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Notepad++
[2014/05/05 16:21:29 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\pdfforge
[2014/05/05 18:20:46 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Sublime Text 2
[2014/08/07 18:02:40 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\TaobaoProtect
[2014/08/18 09:14:55 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\Tencent
[2014/05/05 17:44:30 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\TeraCopy
[2014/08/14 05:57:23 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\uTorrent
[2014/08/14 05:52:27 | 000,000,000 | ---D | M] -- C:\Users\username\AppData\Roaming\WWApk
 
========== Purity Check ==========
 
 
 
========== Files - Unicode (All) ==========
[2014/08/15 11:02:25 | 000,000,000 | ---D | C](C:\ProgramData\Microsoft\Windows\Start Menu\Programs\????) -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件
[2014/03/17 09:24:22 | 000,383,690 | ---- | M] ()(C:\Users\username\Desktop\?? - ???.pdf) -- C:\Users\username\Desktop\注册 - 支付宝.pdf
[2014/03/17 09:24:22 | 000,383,690 | ---- | C] ()(C:\Users\username\Desktop\?? - ???.pdf) -- C:\Users\username\Desktop\注册 - 支付宝.pdf
[2014/02/24 02:09:40 | 000,000,000 | ---D | C](C:\Users\username\Documents\????) -- C:\Users\username\Documents\微云传输
[2014/02/24 02:02:15 | 000,000,000 | ---D | C](C:\Users\username\Desktop\T5??????_V1.0.196_20130124) -- C:\Users\username\Desktop\T5导入导出工具_V1.0.196_20130124
[2014/01/05 11:49:29 | 000,000,000 | ---D | M](C:\Users\username\Documents\????) -- C:\Users\username\Documents\微云传输
[2013/11/25 23:22:59 | 000,000,000 | ---D | M](C:\Users\username\Desktop\T5??????_V1.0.196_20130124) -- C:\Users\username\Desktop\T5导入导出工具_V1.0.196_20130124
 
========== Hard Links - Junction Points - Mount Points - Symbolic Links ==========
[C:\Windows\Logs] -> D:\WinLogs -> Junction
[C:\Windows\SoftwareDistribution] -> D:\Temp\SoftwareDistribution -> Junction
[C:\Windows\Temp] -> D:\Temp -> Junction
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 220 bytes -> C:\Users\username\SkyDrive:ms-properties
@Alternate Data Stream - 220 bytes -> C:\Users\username\OneDrive:ms-properties
 
< End of report >
 

Edited by wshyang, 17 August 2014 - 07:28 PM.



#2
Machiavelli

  • GeekU Moderator
  • 4,722 posts
Hello and Welcome to GeeksToGo wshyang,

My name is Machiavelli and I will assist you with your problem. The fixes are specific to your problem and should only be used for the issue on your machine!
 
I'm in the 'Malware Staff Team' and will provide you with advice:
Removing malware from a computer can be very complicated. Malware (malicious software) is able to hide, so I may not be able to find it easily. In order to remove malware from your computer, you need to follow my instructions carefully. Don't be worried if you don't know what to do. Just ask me! Please stay in contact with me until the problem is fixed.
 
You must reply to posts within days. If you haven't replied within 4 days your topic will be closed. If you go away for some time please let me know. Communication is an important part here! If you are unsure about something - STOP - and ask me. No need to be afraid of asking - it is better to ask than to make a mistake. Mistakes can lead to an unbootable PC! I would recommend following the topic by clicking on the Follow this topic button - you will get notified when I have replied to your topic.
 

Below are a few tips:
  • Removing Malware is usually very difficult.
    We need to search and analyse a lot of files. As this is done in our free time, please be patient especially if I don't answer every day!
  • Please follow these instructions
    If you don't follow the instructions your computer may crash. If you fix your PC by yourself, this can be very risky!
  • Please stay in contact with me until your problem is resolved
    As Malware may not be totally removed in one session or in one day, please stay in contact with me until the problem is resolved.
  • Please don't run any other tools without consulting with me as this can complicate finding and removing all Malware
    Don't run any tools while I'm fixing your PC. That is counterproductive and again, will only complicate finding and removing all Malware!
  • Read my post completely
    If you don't do so, you may make mistakes that could result in your System crashing by your own actions!
 

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8: please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.


#3
wshyang

    New Member

  • Topic Starter
  • Member
  • 2 posts
Hi Machiavelli,
 
Thanks for your help :)
 
I've attached the files you've asked for here.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Woei Shyang (administrator) on WSHYANG-DESKTOP on 19-08-2014 06:48:45
Running from C:\users\Woei Shyang\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Agnitum Ltd.) C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(CANON INC.) C:\Windows\System32\CNAB4RPD.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.8.0_05\jre\bin\javaw.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Agnitum Ltd.) C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Barracuda Networks, Inc.) D:\users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe
(The Pidgin developer community) C:\Program Files (x86)\Pidgin\pidgin.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Flux Software LLC) D:\users\Woei Shyang\AppData\Local\FluxSoftware\Flux\flux.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) D:\users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(Brio) C:\Program Files\FolderSize\FolderSize.exe
(Dropbox, Inc.) D:\users\Woei Shyang\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Simon Tatham) C:\Program Files (x86)\PuTTY\pageant.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AgileBits) C:\Program Files (x86)\1Password 4\Agile1pAgent.exe
(Firaxis Games) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office15\OUTLOOK.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [jEdit Server] => C:\Program Files\jEdit\jedit.exe [42496 2013-07-29] (Contributors)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-20] (Logitech, Inc.)
HKLM\...\Run: [OutpostMonitor] => C:\Program Files\Agnitum\Outpost Firewall Pro\op_mon.exe [4735312 2014-02-24] (Agnitum Ltd.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [180304 2014-04-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [vmware-tray.exe] => C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe [112856 2014-04-14] (VMware, Inc.)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [2099200 2014-04-13] (Dominik Reichl)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-04-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [Agile1pAgent] => C:\Program Files (x86)\1Password 4\Agile1pAgent.exe [3675920 2014-07-10] (AgileBits)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\Run: [Copy] => C:\Users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Copy] => C:\Users\Woei Shyang\AppData\Roaming\Copy\CopyAgent.exe [15367824 2014-08-04] (Barracuda Networks, Inc.)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Pidgin] => C:\Program Files (x86)\Pidgin\pidgin.exe [60216 2014-02-03] (The Pidgin developer community)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [f.lux] => C:\Users\Woei Shyang\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Google Update] => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-07-25] (Google Inc.)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [MusicManager] => C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-16] (Google Inc.)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-13] (Brio)
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer\DisallowRun: [1] ipmgui.exe
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer\DisallowRun: [2] avnotify.exe
HKU\S-1-5-21-1205358742-1771774525-369522282-1001\...\Policies\Explorer: [DisallowRun] 1
AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hoo~1.dll => c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook64.dll [1126216 2014-02-24] (Agnitum Ltd.)
AppInit_DLLs-x32: c:\progra~1\agnitum\outpos~1\wl_hook.dll => c:\Program Files\Agnitum\Outpost Firewall Pro\wl_hook.dll [837304 2014-02-24] (Agnitum Ltd.)
Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\users\Woei Shyang\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\KeePass.exe - Shortcut.lnk
ShortcutTarget: KeePass.exe - Shortcut.lnk -> C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe (Dominik Reichl)
Startup: C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pageant - Shortcut.lnk
ShortcutTarget: pageant - Shortcut.lnk -> C:\Program Files (x86)\PuTTY\pageant.exe (Simon Tatham)
ShellIconOverlayIdentifiers: 1aCopyShExtError -> {83BEA36E-7680-4598-A4DF-994426F6E78D} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 2aCopyShExtSynced -> {845B7388-6F85-4F32-9FD5-F02DC7882B89} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 3aCopyShExtSyncing -> {F6378A7A-F753-449B-AE1B-997A96132E61} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 4aCopyShExtSyncingProg1 -> {3A511828-777D-46F8-82F4-5B530C1B3D9E} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 5aCopyShExtSyncingProg2 -> {C8C88204-5B14-40EC-BA72-8AEBC762047E} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 6aCopyShExtSyncingProg3 -> {ACFF45C3-3EEB-4351-86C2-6696BA264239} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 7aCopyShExtSyncingProg4 -> {29AF997F-488B-46F0-AE78-7146F1B89CC3} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: 8aCopyShExtSyncingProg5 -> {03F9AD29-1C78-4B66-8890-B177B5430C53} => C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\CopyShExt.dll (Barracuda Networks, Inc.)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://123.taobao.com/?wangwang/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.xin.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x301DC15F3A68CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-SG
BHO: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x64\Agile1pIE4.dll (AgileBits)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: 1Password -> {037C06D5-3893-49E8-9AC0-41F7524AFBF5} -> C:\Program Files (x86)\1Password 4\x86\Agile1pIE4.dll (AgileBits)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 1080
FF NetworkProxy: "socks_version", 4
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tencent.com/nptxftnWebKit,version=1.0.0.1 -> C:\Program Files (x86)\QQMailPlugin\nptxftnWebKit.dll (Tencent Technology (Shenzhen) Company Limited)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @alibaba.com/npAliSSOLogin;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.00.34C\npAliSSOLogin.dll No File
FF Plugin HKCU: @alibaba.com/npwangwang;version=1.0 -> C:\Program Files (x86)\AliWangWang\8.00.34C\npwangwang.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Extension: Pocket - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\[email protected] [2014-08-10]
FF Extension: KeeFox - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\[email protected] [2014-06-27]
FF Extension: DownloadHelper - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-10]
FF Extension: HTML5 Notifications - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\[email protected] [2014-08-10]
FF Extension: 1Password - C:\Users\Woei Shyang\AppData\Roaming\Mozilla\Firefox\Profiles\uy7mx9xt.default\Extensions\[email protected] [2014-08-10]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-06-19]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSuggestURL: {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Entanglement Web App) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2014-08-18]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-08-18]
CHR Extension: (Google Docs) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (1Password: Password Manager and Secure Wallet) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\aomjjhallfgjeglblehebfpbcfeobpgk [2014-08-18]
CHR Extension: (Google Drive) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-05]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-19]
CHR Extension: (YouTube) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-05]
CHR Extension: (Firebug Lite for Google Chrome™) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmagokdooijbeehmkpknfglimnifench [2014-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-18]
CHR Extension: (Google Search) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-05]
CHR Extension: (Tampermonkey) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-08-18]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-08-18]
CHR Extension: (Proxy SwitchySharp) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm [2014-08-18]
CHR Extension: (Autocomplete = on) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh [2014-08-18]
CHR Extension: (Tab Wrangler) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\egnjhciaieeiiohknchakcodbpgjnchh [2014-08-18]
CHR Extension: (Gmail Offline) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-08-18]
CHR Extension: (HTTPS Everywhere) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-08-18]
CHR Extension: (The Camelizer - Amazon Price Tracker) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghnomdcacenbmilgjigehppbamfndblo [2014-08-18]
CHR Extension: (Save to Google Drive) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-08-18]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-08-18]
CHR Extension: (Eye Dropper) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmdcmlfkchdmnmnmheododdhjedfccka [2014-08-18]
CHR Extension: (Bitly | Unleash the power of the link) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic [2014-08-18]
CHR Extension: (Kindle Cloud Reader) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-08-18]
CHR Extension: (Disconnect) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo [2014-08-18]
CHR Extension: (eBay Search Alert) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmgddmdmhifhklhbhconpaehgbkaphcd [2014-08-18]
CHR Extension: (Window Resizer) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\kkelicaakdanhinjdeammmilcgefonfh [2014-08-18]
CHR Extension: (Codenvy IDE) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\lefigjbiimiemfhjmibbgemkpenelmag [2014-08-18]
CHR Extension: (Ultimate User Agent Switcher, URL sniffer) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo [2014-08-18]
CHR Extension: (Poppit!) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2014-08-18]
CHR Extension: (View Link in Google Cache) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbphmmfbemkijojeojbkecbgmpiamnlk [2014-08-18]
CHR Extension: (Save to Pocket) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2014-08-18]
CHR Extension: (Google Wallet) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-05]
CHR Extension: (imo free video calls and text) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocaebkdojpikfmhmnekiflipcicedobi [2014-08-18]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-08-18]
CHR Extension: (chromeIPass) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2014-08-18]
CHR Extension: (Evernote Web Clipper) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-08-18]
CHR Extension: (Gmail) - C:\Users\Woei Shyang\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-05]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 acssrv; C:\Program Files\Agnitum\Outpost Firewall Pro\acs.exe [3402016 2014-02-24] (Agnitum Ltd.) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [262320 2014-07-09] (Adobe Systems Incorporated) [File not signed]
R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [208896 2014-03-18] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [92672 2013-08-22] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [239616 2014-06-10] (AMD) [File not signed]
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed]
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed]
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1021520 2014-08-04] (Avira Operations GmbH & Co. KG) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [37888 2013-08-22] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [109568 2014-03-18] (Microsoft Corporation) [File not signed]
R2 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-02-12] (Apple Inc.) [File not signed]
S3 AppMgmt; C:\Windows\System32\appmgmts.dll [183296 2014-03-18] (Microsoft Corporation) [File not signed]
S3 AppMgmt; C:\Windows\SysWOW64\appmgmts.dll [151040 2014-03-18] (Microsoft Corporation) [File not signed]
S3 AppReadiness; C:\Windows\system32\AppReadiness.dll [530944 2014-03-18] (Microsoft Corporation) [File not signed]
S3 AppXSvc; C:\Windows\system32\appxdeploymentserver.dll [1306624 2014-03-08] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\AudioEndpointBuilder.dll [201216 2014-06-19] (Microsoft Corporation) [File not signed]
R2 Audiosrv; C:\Windows\System32\Audiosrv.dll [834048 2014-06-19] (Microsoft Corporation) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [122448 2014-04-15] (Avira Operations GmbH & Co. KG) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [109568 2014-03-18] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [339456 2014-07-02] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [827392 2014-07-02] (Microsoft Corporation) [File not signed]
R2 BITS; C:\Windows\System32\qmgr.dll [1017856 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.) [File not signed]
R2 BrokerInfrastructure; C:\Windows\System32\bisrv.dll [269824 2014-03-18] (Microsoft Corporation) [File not signed]
R3 Browser; C:\Windows\System32\browser.dll [134144 2013-08-22] (Microsoft Corporation) [File not signed]
R3 bthserv; C:\Windows\system32\bthserv.dll [92160 2013-08-22] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [19296 2013-08-22] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [17760 2013-08-22] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [129536 2013-08-22] (Microsoft Corporation) [File not signed]
S3 CscService; C:\Windows\System32\cscsvc.dll [778240 2014-03-18] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [753664 2014-03-18] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [449536 2014-06-19] (Microsoft Corporation) [File not signed]
R2 DeviceAssociationService; C:\Windows\system32\das.dll [399872 2014-03-18] (Microsoft Corporation) [File not signed]
S3 DeviceInstall; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [353280 2014-07-02] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [254464 2014-03-04] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [258560 2013-08-22] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [170496 2013-08-22] (Microsoft Corporation) [File not signed]
S3 DsmSvc; C:\Windows\System32\DeviceSetupManager.dll [201728 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Eaphost; C:\Windows\System32\eapsvc.dll [107008 2013-08-22] (Microsoft Corporation) [File not signed]
S3 EFS; C:\Windows\system32\efssvc.dll [40448 2013-08-22] (Microsoft Corporation) [File not signed]
R2 EventLog; C:\Windows\System32\wevtsvc.dll [1669632 2013-08-22] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [468992 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [655360 2013-08-22] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [21504 2013-08-22] (Microsoft Corporation) [File not signed]
R3 FDResPub; C:\Windows\system32\fdrespub.dll [33280 2013-08-22] (Microsoft Corporation) [File not signed]
S3 fhsvc; C:\Windows\system32\fhsvc.dll [118272 2013-08-22] (Microsoft Corporation) [File not signed]
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
R2 FontCache; C:\Windows\system32\FntCache.dll [1345536 2014-06-19] (Microsoft Corporation) [File not signed]
S3 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [43696 2013-08-03] (Microsoft Corporation) [File not signed]
S2 gpsvc; C:\Windows\System32\gpsvc.dll [1308160 2014-06-19] (Microsoft Corporation) [File not signed]
S2 gupdate; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.) [File not signed]
S3 gupdatem; C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2014-05-05] (Google Inc.) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [32256 2013-08-22] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [97792 2013-08-22] (Microsoft Corporation) [File not signed]
R3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [261632 2013-08-22] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [405504 2014-03-18] (Microsoft Corporation) [File not signed]
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [111616 2014-06-19] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [1063424 2014-07-02] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [903168 2014-03-18] (Microsoft Corporation) [File not signed]
R3 iPod Service; C:\Program Files\iPod\bin\iPodService.exe [641352 2014-05-26] (Apple Inc.) [File not signed]
R3 KeyIso; C:\Windows\system32\keyiso.dll [59392 2013-08-22] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [357888 2013-08-22] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [323072 2014-06-19] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [284160 2013-08-22] (Microsoft Corporation) [File not signed]
S3 LBTServ; C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe [357144 2014-03-25] (Logitech, Inc.) [File not signed]
S3 lfsvc; C:\Windows\System32\GeofenceMonitorService.dll [491520 2014-06-19] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [269824 2013-08-22] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [24576 2013-08-22] (Microsoft Corporation) [File not signed]
R2 LSM; C:\Windows\System32\lsm.dll [710656 2014-03-18] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MozillaMaintenance; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-08-01] (Mozilla Foundation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [878080 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [142848 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [150528 2013-08-22] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [62464 2013-08-22] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [55808 2013-08-22] (Microsoft Corporation) [File not signed]
S4 MsKeyboardFilter; C:\Windows\System32\KeyboardFilterSvc.dll [90464 2014-03-18] (Microsoft Corporation) [File not signed]
S3 napagent; C:\Windows\system32\qagentRT.dll [435200 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NcaSvc; C:\Windows\System32\ncasvc.dll [164352 2013-08-22] (Microsoft Corporation) [File not signed]
R3 NcbService; C:\Windows\System32\ncbservice.dll [151040 2013-08-22] (Microsoft Corporation) [File not signed]
R3 NcdAutoSetup; C:\Windows\System32\NcdAutoSetup.dll [73728 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\netlogon.dll [834560 2014-03-06] (Microsoft Corporation) [File not signed]
S3 Netman; C:\Windows\System32\netman.dll [254976 2013-08-22] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofmsvc.dll [525312 2013-08-22] (Microsoft Corporation) [File not signed]
S4 NetTcpPortSharing; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [139856 2013-08-10] (Microsoft Corporation) [File not signed]
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [387584 2013-08-22] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [29184 2013-08-22] (Microsoft Corporation) [File not signed]
S3 ose; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [150600 2014-01-23] (Microsoft Corporation) [File not signed]
R3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [376320 2014-03-18] (Microsoft Corporation) [File not signed]
R3 p2psvc; C:\Windows\system32\p2psvc.dll [433664 2013-08-22] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [471552 2014-03-18] (Microsoft Corporation) [File not signed]
S3 PeerDistSvc; C:\Windows\system32\peerdistsvc.dll [2176000 2014-03-18] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [21504 2013-08-22] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1443840 2013-08-22] (Microsoft Corporation) [File not signed]
R3 PlugPlay; C:\Windows\system32\umpnpmgr.dll [115200 2014-03-06] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25600 2013-08-22] (Microsoft Corporation) [File not signed]
R3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [376320 2014-03-18] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [403456 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [79360 2013-08-22] (Microsoft Corporation) [File not signed]
S3 PrintNotify; C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll [2899968 2013-08-22] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [220160 2014-03-04] (Microsoft Corporation) [File not signed]
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [297472 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [101376 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [534528 2014-03-18] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [223744 2013-08-22] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [177664 2013-08-22] (Microsoft Corporation) [File not signed]
S4 RemoteRegistry; C:\Windows\system32\regsvc.dll [164864 2013-08-22] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [79872 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2013-08-22] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [753664 2014-03-18] (Microsoft Corporation) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [45008 2013-08-22] (Microsoft Corporation) [File not signed]
S4 SCardSvr; C:\Windows\System32\SCardSvr.dll [188416 2013-08-22] (Microsoft Corporation) [File not signed]
S3 ScDeviceEnum; C:\Windows\System32\ScDeviceEnum.dll [130560 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1214976 2014-03-18] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [155136 2013-08-22] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2013-08-22] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [71680 2013-08-22] (Microsoft Corporation) [File not signed]
R3 SensrSvc; C:\Windows\system32\sensrsvc.dll [220672 2014-03-18] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [324096 2014-03-06] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [280576 2014-03-06] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [433664 2014-03-18] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [629760 2013-08-22] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [564736 2013-08-22] (Microsoft Corporation) [File not signed]
S3 smphost; C:\Windows\System32\smphost.dll [13312 2013-08-22] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14848 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [798208 2013-08-22] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [6353960 2014-03-18] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [239616 2013-08-22] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [144384 2013-08-22] (Microsoft Corporation) [File not signed]
R3 Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-08-14] (Valve Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [634368 2013-08-22] (Microsoft Corporation) [File not signed]
S3 StorSvc; C:\Windows\system32\storsvc.dll [19968 2013-08-22] (Microsoft Corporation) [File not signed]
S3 svsvc; C:\Windows\system32\svsvc.dll [13312 2013-08-22] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [718336 2014-06-19] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1192448 2014-03-18] (Microsoft Corporation) [File not signed]
R2 SystemEventsBroker; C:\Windows\System32\SystemEventsBrokerServer.dll [282112 2014-03-18] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [147456 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [306688 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [248320 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [1018880 2014-07-09] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [50688 2013-08-22] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [70656 2013-08-22] (Microsoft Corporation) [File not signed]
R3 TimeBroker; C:\Windows\System32\TimeBrokerServer.dll [245760 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [122368 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [99840 2014-03-18] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2013-08-22] (Microsoft Corporation) [File not signed]
S3 UmRdpService; C:\Windows\System32\umrdp.dll [289280 2014-03-18] (Microsoft Corporation) [File not signed]
R3 upnphost; C:\Windows\System32\upnphost.dll [436224 2013-08-22] (Microsoft Corporation) [File not signed]
R3 VaultSvc; C:\Windows\System32\vaultsvc.dll [248832 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [1283584 2014-03-18] (Microsoft Corporation) [File not signed]
R2 VMAuthdService; C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe [86744 2014-04-14] (VMware, Inc.) [File not signed]
S3 vmicguestinterface; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmicheartbeat; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmickvpexchange; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmicrdv; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmicshutdown; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmictimesync; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [517120 2013-08-22] (Microsoft Corporation) [File not signed]
R2 VMnetDHCP; C:\Windows\SysWOW64\vmnetdhcp.exe [359128 2014-04-14] (VMware, Inc.) [File not signed]
R2 VMUSBArbService; C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe [906432 2014-02-27] (VMware, Inc.) [File not signed]
R2 VMware NAT Service; C:\Windows\SysWOW64\vmnat.exe [437976 2014-04-14] (VMware, Inc.) [File not signed]
S4 VMwareHostd; C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe [14407384 2014-04-14] () [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1436160 2014-06-19] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [404480 2013-08-22] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1543680 2014-03-18] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [453632 2014-03-18] (Microsoft Corporation) [File not signed]
R2 Wcmsvc; C:\Windows\System32\wcmsvc.dll [366080 2014-03-18] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [459776 2014-03-18] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [41984 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WdiSystemHost; C:\Windows\system32\wdi.dll [91136 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-05-15] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [226816 2014-07-02] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [215040 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WEPHOSTSVC; C:\Windows\system32\wephostsvc.dll [24576 2013-08-22] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [81408 2014-03-18] (Microsoft Corporation) [File not signed]
R3 WerSvc; C:\Windows\System32\WerSvc.dll [107008 2014-03-18] (Microsoft Corporation) [File not signed]
S3 WiaRpc; C:\Windows\System32\wiarpc.dll [66048 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-05-15] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [786432 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [220672 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2479616 2014-03-06] (Microsoft Corporation) [File not signed]
S3 WlanSvc; C:\Windows\System32\wlansvc.dll [1527296 2014-06-19] (Microsoft Corporation) [File not signed]
R3 wlidsvc; C:\Windows\system32\wlidsvc.dll [1576960 2014-03-18] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [195072 2013-08-22] (Microsoft Corporation) [File not signed]
R2 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1403392 2014-03-18] (Microsoft Corporation) [File not signed]
S3 workfolderssvc; C:\Windows\system32\workfolderssvc.dll [1584128 2014-06-19] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [84480 2013-08-22] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [135168 2014-06-19] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\system32\SearchIndexer.exe [845824 2014-03-18] (Microsoft Corporation) [File not signed]
R2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [658432 2014-03-18] (Microsoft Corporation) [File not signed]
S3 WSService; C:\Windows\System32\WSService.dll [3394384 2014-03-18] (Microsoft Corporation) [File not signed]
S3 wuauserv; C:\Windows\system32\wuaueng.dll [3463680 2014-07-09] (Microsoft Corporation) [File not signed]
R3 wudfsvc; C:\Windows\System32\WUDFSvc.dll [100352 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [510464 2013-08-22] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 1394ohci; C:\Windows\System32\drivers\1394ohci.sys [231424 2013-08-22] (Microsoft Corporation) [File not signed]
S0 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI) [File not signed]
R0 ACPI; C:\Windows\System32\drivers\ACPI.sys [539992 2014-03-18] (Microsoft Corporation) [File not signed]
R0 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation) [File not signed]
S3 acpipagr; C:\Windows\System32\drivers\acpipagr.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\System32\drivers\acpipmi.sys [12288 2013-08-22] (Microsoft Corporation) [File not signed]
S3 acpitime; C:\Windows\System32\drivers\acpitime.sys [10752 2013-08-22] (Microsoft Corporation) [File not signed]
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [563200 2014-07-09] (Microsoft Corporation) [File not signed]
R1 afw; C:\Windows\system32\DRIVERS\afw.sys [40544 2012-10-16] (Agnitum Ltd.) [File not signed]
R3 afwcore; C:\Windows\System32\drivers\afwcore.sys [470224 2014-02-04] (Agnitum Ltd.) [File not signed]
S0 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation) [File not signed]
R1 ahcache; C:\Windows\System32\DRIVERS\ahcache.sys [76800 2013-08-22] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\System32\drivers\amdk8.sys [95744 2013-08-22] (Microsoft Corporation) [File not signed]
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [13209088 2014-06-10] (Advanced Micro Devices, Inc.) [File not signed]
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [626688 2014-06-10] (Advanced Micro Devices, Inc.) [File not signed]
S3 AmdPPM; C:\Windows\System32\drivers\amdppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
S0 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices) [File not signed]
S0 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.) [File not signed]
S0 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices) [File not signed]
S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2012-07-03] (Google Inc) [File not signed]
S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.) [File not signed]
S3 AndNetDiag2; C:\Windows\system32\DRIVERS\lgandnetdiag264.sys [29184 2012-07-03] (LG Electronics Inc.) [File not signed]
S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [83456 2014-03-18] (Microsoft Corporation) [File not signed]
S0 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.) [File not signed]
R0 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation) [File not signed]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-06-24] (Avira Operations GmbH & Co. KG) [File not signed]
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [130584 2014-06-08] (Avira Operations GmbH & Co. KG) [File not signed]
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG) [File not signed]
S0 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation) [File not signed]
R1 BasicDisplay; C:\Windows\System32\drivers\BasicDisplay.sys [50688 2013-08-22] (Microsoft Corporation) [File not signed]
R1 BasicRender; C:\Windows\System32\drivers\BasicRender.sys [33280 2014-03-18] (Microsoft Corporation) [File not signed]
U5 BattC; C:\Windows\System32\Drivers\BattC.sys [35168 2013-08-22] (Microsoft Corporation) [File not signed]
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows ® Win 7 DDK provider) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [7680 2013-08-22] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [102912 2013-08-22] (Microsoft Corporation) [File not signed]
S3 BthAvrcpTg; C:\Windows\System32\drivers\BthAvrcpTg.sys [36992 2013-08-22] (Microsoft Corporation) [File not signed]
R3 BthEnum; C:\Windows\System32\drivers\BthEnum.sys [53248 2013-08-22] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [57856 2013-08-22] (Microsoft Corporation) [File not signed]
S3 bthhfhid; C:\Windows\System32\drivers\BthHFHid.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [64000 2014-03-18] (Microsoft Corporation) [File not signed]
R3 BthPan; C:\Windows\system32\DRIVERS\bthpan.sys [118272 2013-08-22] (Microsoft Corporation) [File not signed]
S3 BTHPORT; C:\Windows\System32\Drivers\BTHport.sys [1200128 2014-06-19] (Microsoft Corporation) [File not signed]
R3 BTHUSB; C:\Windows\System32\Drivers\BTHUSB.sys [81920 2014-03-18] (Microsoft Corporation) [File not signed]
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [88576 2013-08-22] (Microsoft Corporation) [File not signed]
S1 cdrom; C:\Windows\System32\drivers\cdrom.sys [164352 2013-08-22] (Microsoft Corporation) [File not signed]
S3 circlass; C:\Windows\System32\drivers\circlass.sys [44032 2013-08-22] (Microsoft Corporation) [File not signed]
R0 CLFS; C:\Windows\System32\drivers\CLFS.sys [376152 2014-03-20] (Microsoft Corporation) [File not signed]
S3 CmBatt; C:\Windows\System32\drivers\CmBatt.sys [25472 2013-08-22] (Microsoft Corporation) [File not signed]
R3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) [File not signed]
R0 CNG; C:\Windows\System32\Drivers\cng.sys [565576 2014-07-09] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\System32\drivers\CompositeBus.sys [36352 2013-08-22] (Microsoft Corporation) [File not signed]
R3 condrv; C:\Windows\System32\drivers\condrv.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed]
R1 CSC; C:\Windows\System32\drivers\csc.sys [559616 2014-03-18] (Microsoft Corporation) [File not signed]
S1 dam; C:\Windows\System32\drivers\dam.sys [57696 2013-08-22] (Microsoft Corporation) [File not signed]
R1 Dfsc; C:\Windows\System32\Drivers\dfsc.sys [134144 2014-03-06] (Microsoft Corporation) [File not signed]
R0 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation) [File not signed]
S3 dmvsc; C:\Windows\System32\drivers\dmvsc.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\system32\drivers\drmkaud.sys [14560 2013-08-22] (Microsoft Corporation) [File not signed]
R3 DXGKrnl; C:\Windows\System32\drivers\dxgkrnl.sys [1557848 2014-03-06] (Microsoft Corporation) [File not signed]
R3 e1iexpress; C:\Windows\system32\DRIVERS\e1i63x64.sys [460288 2013-06-18] (Intel Corporation) [File not signed]
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) [File not signed]
S0 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation) [File not signed]
S0 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation) [File not signed]
S3 ErrDev; C:\Windows\System32\drivers\errdev.sys [10240 2013-08-22] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [200704 2013-08-22] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [217952 2013-08-22] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\System32\drivers\fdc.sys [30720 2013-08-22] (Microsoft Corporation) [File not signed]
R0 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-03-18] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34816 2013-08-22] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\System32\drivers\flpydisk.sys [25088 2013-08-22] (Microsoft Corporation) [File not signed]
R0 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [360792 2014-06-19] (Microsoft Corporation) [File not signed]
S3 FsDepends; C:\Windows\System32\drivers\FsDepends.sys [56672 2013-08-22] (Microsoft Corporation) [File not signed]
U0 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation) [File not signed]
R0 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-06-19] (Microsoft Corporation) [File not signed]
S3 FxPPM; C:\Windows\System32\drivers\fxppm.sys [27136 2013-08-22] (Microsoft Corporation) [File not signed]
S0 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation) [File not signed]
S3 GEARAspiWDM; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.) [File not signed]
S3 gencounter; C:\Windows\System32\drivers\vmgencounter.sys [11264 2013-08-22] (Microsoft Corporation) [File not signed]
S3 GPIOClx0101; C:\Windows\System32\Drivers\msgpioclx.sys [146776 2014-03-18] (Microsoft Corporation) [File not signed]
R2 hcmon; C:\Windows\system32\drivers\hcmon.sys [54464 2014-02-27] (VMware, Inc.) [File not signed]
R3 HdAudAddService; C:\Windows\system32\drivers\HdAudio.sys [395776 2013-08-22] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\drivers\HDAudBus.sys [77312 2014-06-19] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\System32\drivers\HidBatt.sys [26624 2013-08-22] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\System32\drivers\hidbth.sys [96768 2013-08-22] (Microsoft Corporation) [File not signed]
S3 hidi2c; C:\Windows\System32\drivers\hidi2c.sys [41472 2013-08-22] (Microsoft Corporation) [File not signed]
S3 HidIr; C:\Windows\System32\drivers\hidir.sys [45568 2013-08-22] (Microsoft Corporation) [File not signed]
R3 HidUsb; C:\Windows\System32\drivers\hidusb.sys [33280 2014-03-06] (Microsoft Corporation) [File not signed]
S0 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [994136 2014-03-18] (Microsoft Corporation) [File not signed]
S0 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation) [File not signed]
S3 hyperkbd; C:\Windows\System32\drivers\hyperkbd.sys [13824 2013-08-22] (Microsoft Corporation) [File not signed]
S3 HyperVideo; C:\Windows\system32\DRIVERS\HyperVideo.sys [22016 2013-08-22] (Microsoft Corporation) [File not signed]
S3 i8042prt; C:\Windows\System32\drivers\i8042prt.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed]
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-31] (Intel Corporation) [File not signed]
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-26] (Intel Corporation) [File not signed]
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation) [File not signed]
S0 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation) [File not signed]
S0 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation) [File not signed]
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-03-18] (Microsoft Corporation) [File not signed]
R3 intelppm; C:\Windows\System32\drivers\intelppm.sys [98816 2013-08-22] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\System32\drivers\IPMIDrv.sys [79360 2014-03-06] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [142848 2014-03-18] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2013-08-22] (Microsoft Corporation) [File not signed]
S0 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation) [File not signed]
S3 iScsiPrt; C:\Windows\System32\drivers\msiscsi.sys [275800 2014-06-19] (Microsoft Corporation) [File not signed]
R3 kbdclass; C:\Windows\System32\drivers\kbdclass.sys [58208 2013-08-22] (Microsoft Corporation) [File not signed]
R3 kbdhid; C:\Windows\System32\drivers\kbdhid.sys [32256 2013-08-22] (Microsoft Corporation) [File not signed]
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2014-03-18] (Microsoft Corporation) [File not signed]
R3 kdnic; C:\Windows\system32\DRIVERS\kdnic.sys [19456 2013-08-22] (Microsoft Corporation) [File not signed]
R0 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [101208 2014-03-18] (Microsoft Corporation) [File not signed]
R0 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [180056 2014-03-09] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [21248 2013-08-22] (Microsoft Corporation) [File not signed]
R3 LEqdUsb; C:\Windows\system32\DRIVERS\LEqdUsb.Sys [77592 2014-03-19] (Logitech, Inc.) [File not signed]
R3 LHidEqd; C:\Windows\system32\DRIVERS\LHidEqd.Sys [13080 2014-03-19] (Logitech, Inc.) [File not signed]
R3 LHidFilt; C:\Windows\system32\DRIVERS\LHidFilt.Sys [76568 2014-03-19] (Logitech, Inc.) [File not signed]
R2 lltdio; C:\Windows\system32\DRIVERS\lltdio.sys [59392 2013-08-22] (Microsoft Corporation) [File not signed]
R3 LMouFilt; C:\Windows\system32\DRIVERS\LMouFilt.Sys [59160 2014-03-19] (Logitech, Inc.) [File not signed]
S0 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation) [File not signed]
S0 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation) [File not signed]
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation) [File not signed]
S0 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [124416 2014-03-18] (Microsoft Corporation) [File not signed]
S0 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation) [File not signed]
S0 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\drivers\monitor.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
R3 mouclass; C:\Windows\System32\drivers\mouclass.sys [51040 2013-08-22] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\System32\drivers\mouhid.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
R0 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101728 2013-08-22] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [74240 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140288 2014-03-06] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [402432 2014-07-02] (Microsoft Corporation) [File not signed]
R2 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [283648 2014-03-06] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [206848 2014-07-02] (Microsoft Corporation) [File not signed]
S3 MsBridge; C:\Windows\system32\DRIVERS\bridge.sys [115712 2013-08-22] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
S3 msgpiowin32; C:\Windows\System32\drivers\msgpiowin32.sys [41824 2013-08-22] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2013-08-22] (Microsoft Corporation) [File not signed]
S3 mshidumdf; C:\Windows\System32\drivers\mshidumdf.sys [9728 2013-08-22] (Microsoft Corporation) [File not signed]
R0 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\system32\drivers\MSKSSRV.sys [10624 2013-08-22] (Microsoft Corporation) [File not signed]
R3 MsLldp; C:\Windows\system32\DRIVERS\mslldp.sys [66560 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\system32\drivers\MSPCLOCK.sys [7040 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\system32\drivers\MSPQM.sys [6784 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MsRPC; C:\Windows\System32\Drivers\MsRPC.sys [366432 2013-08-22] (Microsoft Corporation) [File not signed]
R1 mssmbios; C:\Windows\System32\drivers\mssmbios.sys [37728 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\system32\drivers\MSTEE.sys [7936 2013-08-22] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\System32\drivers\MTConfig.sys [13312 2013-08-22] (Microsoft Corporation) [File not signed]
R0 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation) [File not signed]
S0 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.) [File not signed]
S3 NativeWifiP; C:\Windows\system32\DRIVERS\nwifi.sys [443904 2014-06-19] (Microsoft Corporation) [File not signed]
R0 NDIS; C:\Windows\System32\drivers\ndis.sys [1118552 2014-03-18] (Microsoft Corporation) [File not signed]
S3 NdisCap; C:\Windows\system32\DRIVERS\ndiscap.sys [43008 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NdisImPlatform; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NdisTapi; C:\Windows\system32\DRIVERS\ndistapi.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Ndisuio; C:\Windows\system32\DRIVERS\ndisuio.sys [60416 2013-08-22] (Microsoft Corporation) [File not signed]
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NdisWan; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NdisWanLegacy; C:\Windows\system32\DRIVERS\ndiswan.sys [220672 2013-08-22] (Microsoft Corporation) [File not signed]
S3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [72192 2013-08-22] (Microsoft Corporation) [File not signed]
R2 Ndu; C:\Windows\System32\drivers\Ndu.sys [103424 2013-08-22] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [48128 2013-08-22] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [282624 2013-08-22] (Microsoft Corporation) [File not signed]
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [58880 2013-08-22] (Microsoft Corporation) [File not signed]
R1 npsvctrig; C:\Windows\System32\drivers\npsvctrig.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [39936 2013-08-22] (Microsoft Corporation) [File not signed]
R3 Ntfs; C:\Windows\System32\Drivers\Ntfs.sys [2013016 2014-03-20] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [5632 2013-08-22] (Microsoft Corporation) [File not signed]
S0 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation) [File not signed]
S0 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation) [File not signed]
S0 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\System32\drivers\parport.sys [94208 2013-08-22] (Microsoft Corporation) [File not signed]
R0 partmgr; C:\Windows\System32\drivers\partmgr.sys [88928 2013-08-22] (Microsoft Corporation) [File not signed]
R0 pci; C:\Windows\System32\drivers\pci.sys [280920 2014-03-18] (Microsoft Corporation) [File not signed]
R0 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation) [File not signed]
S0 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation) [File not signed]
R0 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation) [File not signed]
R0 pdc; C:\Windows\System32\drivers\pdc.sys [86872 2014-03-18] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [663040 2014-03-18] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\System32\drivers\processr.sys [92160 2013-08-22] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\system32\DRIVERS\pacer.sys [151552 2013-08-22] (Microsoft Corporation) [File not signed]
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] () [File not signed]
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] () [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [47104 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RasPppoe; C:\Windows\system32\DRIVERS\raspppoe.sys [84992 2013-08-22] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [408576 2014-03-18] (Microsoft Corporation) [File not signed]
R3 rdpbus; C:\Windows\System32\drivers\rdpbus.sys [22528 2013-08-22] (Microsoft Corporation) [File not signed]
S3 RDPDR; C:\Windows\System32\drivers\rdpdr.sys [195584 2014-03-18] (Microsoft Corporation) [File not signed]
S3 RdpVideoMiniport; C:\Windows\System32\drivers\rdpvideominiport.sys [27488 2014-03-18] (Microsoft Corporation) [File not signed]
R0 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-03-18] (Microsoft Corporation) [File not signed]
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924504 2014-03-18] (Microsoft Corporation) [File not signed]
R3 RFCOMM; C:\Windows\system32\DRIVERS\rfcomm.sys [167424 2014-03-18] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\system32\DRIVERS\rspndr.sys [80384 2013-08-22] (Microsoft Corporation) [File not signed]
S3 s3cap; C:\Windows\System32\drivers\vms3cap.sys [7168 2013-08-22] (Microsoft Corporation) [File not signed]
R1 SandBox; C:\Windows\system32\drivers\SandBox64.sys [1324992 2013-12-20] (Agnitum Ltd.) [File not signed]
S0 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [40960 2013-08-22] (Microsoft Corporation) [File not signed]
S3 sdbus; C:\Windows\System32\drivers\sdbus.sys [236888 2014-03-18] (Microsoft Corporation) [File not signed]
S3 sdstor; C:\Windows\System32\drivers\sdstor.sys [79192 2014-03-18] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2013-08-22] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 SerCx; C:\Windows\System32\drivers\SerCx.sys [69472 2013-08-22] (Microsoft Corporation) [File not signed]
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-03-18] (Microsoft Corporation) [File not signed]
S3 Serenum; C:\Windows\System32\drivers\serenum.sys [23040 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\System32\drivers\serial.sys [83456 2013-08-22] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\System32\drivers\sermouse.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\System32\drivers\sfloppy.sys [17408 2013-08-22] (Microsoft Corporation) [File not signed]
S0 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.) [File not signed]
S0 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems) [File not signed]
R0 spaceport; C:\Windows\System32\drivers\spaceport.sys [384856 2014-06-19] (Microsoft Corporation) [File not signed]
S3 SpbCx; C:\Windows\System32\drivers\SpbCx.sys [72032 2013-08-22] (Microsoft Corporation) [File not signed]
R2 srv; C:\Windows\System32\DRIVERS\srv.sys [454656 2014-03-18] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [677376 2014-06-19] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [246272 2014-06-19] (Microsoft Corporation) [File not signed]
S0 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.) [File not signed]
R0 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation) [File not signed]
S0 storflt; C:\Windows\System32\DRIVERS\vmstorfl.sys [49984 2013-08-22] (Microsoft Corporation) [File not signed]
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2014-03-18] (Microsoft Corporation) [File not signed]
S0 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation) [File not signed]
S3 storvsp; C:\Windows\System32\drivers\storvsp.sys [68608 2014-03-18] (Microsoft Corporation) [File not signed]
R3 swenum; C:\Windows\System32\drivers\swenum.sys [14176 2013-08-22] (Microsoft Corporation) [File not signed]
R0 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2518872 2014-06-19] (Microsoft Corporation) [File not signed]
S3 TCPIP6; C:\Windows\system32\DRIVERS\tcpip.sys [2518872 2014-06-19] (Microsoft Corporation) [File not signed]
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [49152 2014-03-06] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\system32\DRIVERS\tdx.sys [107520 2013-08-22] (Microsoft Corporation) [File not signed]
S3 terminpt; C:\Windows\System32\drivers\terminpt.sys [37216 2014-03-18] (Microsoft Corporation) [File not signed]
S3 TPM; C:\Windows\system32\drivers\tpm.sys [159584 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TsUsbFlt; C:\Windows\System32\drivers\tsusbflt.sys [56320 2013-08-22] (Microsoft Corporation) [File not signed]
S3 TsUsbGD; C:\Windows\System32\drivers\TsUsbGD.sys [29696 2013-08-22] (Microsoft Corporation) [File not signed]
R3 tunnel; C:\Windows\system32\DRIVERS\tunnel.sys [154112 2013-08-22] (Microsoft Corporation) [File not signed]
S0 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation) [File not signed]
S3 UASPStor; C:\Windows\System32\drivers\uaspstor.sys [74080 2013-08-22] (Microsoft Corporation) [File not signed]
S3 UCX01000; C:\Windows\System32\drivers\ucx01000.sys [189784 2014-03-18] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [316928 2013-08-22] (Microsoft Corporation) [File not signed]
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation) [File not signed]
S0 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\drivers\umbus.sys [46080 2013-08-22] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\System32\drivers\umpass.sys [11776 2013-08-22] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
R3 usbccgp; C:\Windows\System32\drivers\usbccgp.sys [155480 2014-03-18] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\System32\drivers\usbcir.sys [98304 2013-08-22] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\System32\drivers\usbehci.sys [89944 2014-07-02] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\System32\drivers\usbhub.sys [418136 2014-07-02] (Microsoft Corporation) [File not signed]
S3 USBHUB3; C:\Windows\System32\drivers\UsbHub3.sys [467800 2014-03-09] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\System32\drivers\usbohci.sys [30208 2013-08-22] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\drivers\usbprint.sys [26112 2013-08-22] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\system32\DRIVERS\usbscan.sys [44544 2013-08-22] (Microsoft Corporation) [File not signed]
R3 USBSTOR; C:\Windows\System32\drivers\USBSTOR.SYS [148824 2014-03-18] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\System32\drivers\usbuhci.sys [37376 2014-07-02] (Microsoft Corporation) [File not signed]
S3 USBXHCI; C:\Windows\System32\drivers\USBXHCI.SYS [325464 2014-03-18] (Microsoft Corporation) [File not signed]
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VerifierExt; C:\Windows\System32\drivers\VerifierExt.sys [175960 2014-03-18] (Microsoft Corporation) [File not signed]
S3 vhdmp; C:\Windows\System32\drivers\vhdmp.sys [551256 2014-03-18] (Microsoft Corporation) [File not signed]
S0 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.) [File not signed]
S3 Vid; C:\Windows\System32\drivers\Vid.sys [220672 2014-03-18] (Microsoft Corporation) [File not signed]
S0 vmbus; C:\Windows\System32\drivers\vmbus.sys [97088 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VMBusHID; C:\Windows\System32\drivers\VMBusHID.sys [21760 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vmbusr; C:\Windows\System32\drivers\vmbusr.sys [129536 2014-03-18] (Microsoft Corporation) [File not signed]
R0 vmci; C:\Windows\System32\drivers\vmci.sys [85584 2013-10-08] (VMware, Inc.) [File not signed]
R3 VMnetAdapter; C:\Windows\system32\DRIVERS\vmnetadapter.sys [20560 2014-04-14] (VMware, Inc.) [File not signed]
R2 VMnetBridge; C:\Windows\system32\DRIVERS\vmnetbridge.sys [46160 2014-04-14] (VMware, Inc.) [File not signed]
R2 VMnetuserif; C:\Windows\system32\drivers\vmnetuserif.sys [31448 2014-04-14] (VMware, Inc.) [File not signed]
S3 vmusb; C:\Windows\System32\drivers\vmusb.sys [51904 2014-02-27] (VMware, Inc.) [File not signed]
R2 vmx86; C:\Windows\system32\drivers\vmx86.sys [64728 2014-04-14] (VMware, Inc.) [File not signed]
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation) [File not signed]
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation) [File not signed]
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [310616 2014-06-19] (Microsoft Corporation) [File not signed]
S3 vpci; C:\Windows\System32\drivers\vpci.sys [69472 2013-08-22] (Microsoft Corporation) [File not signed]
S3 vpcivsp; C:\Windows\System32\drivers\vpcivsp.sys [65536 2014-03-18] (Microsoft Corporation) [File not signed]
S0 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd) [File not signed]
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.) [File not signed]
R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [33872 2013-02-22] (VMware, Inc.) [File not signed]
S0 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation) [File not signed]
S3 vwifibus; C:\Windows\System32\drivers\vwifibus.sys [24576 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\System32\drivers\wacompen.sys [26752 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-05-15] (Microsoft Corporation) [File not signed]
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-05-15] (Microsoft Corporation) [File not signed]
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-05-15] (Microsoft Corporation) [File not signed]
R0 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136024 2014-03-09] (Microsoft Corporation) [File not signed]
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [33632 2013-08-22] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [78848 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\System32\drivers\wmiacpi.sys [16384 2013-08-22] (Microsoft Corporation) [File not signed]
R0 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation) [File not signed]
S3 wpcfltr; C:\Windows\System32\DRIVERS\wpcfltr.sys [55328 2014-06-19] (Microsoft Corporation) [File not signed]
R3 WpdUpFltr; C:\Windows\System32\drivers\WpdUpFltr.sys [26976 2013-08-22] (Microsoft Corporation) [File not signed]
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [117760 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WUDFRd; C:\Windows\System32\drivers\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WUDFSensorLP; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WUDFWpdFs; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed]
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [230912 2013-08-22] (Microsoft Corporation) [File not signed]

========================== Drivers MD5 =======================

C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vmnetadapter.sys 18AA5F4A3B1204AD00045EE5AD39BCDB
C:\Windows\system32\DRIVERS\vmnetbridge.sys 04CD4347CD9E8C40F78AD51F7FF426D0
C:\Windows\system32\drivers\vmnetuserif.sys 50160AC31D1820C10BEE0D26707298E0
C:\Windows\System32\drivers\vmusb.sys 3770822B78B9866C36DBE231F8B9FA36
C:\Windows\system32\drivers\vmx86.sys 11CAB5305913D3510854A2BD6D5ED1FB
C:\Windows\System32\drivers\volmgr.sys 55D7D963DE85162F1C49721E502F9744
C:\Windows\System32\drivers\volmgrx.sys CCB9E901F7254BF96D28EB1B0E5329B7
C:\Windows\System32\drivers\volsnap.sys 4BB9BC49DEE1A319EC58274A7BBED663
C:\Windows\System32\drivers\vpci.sys 01355C98B5C3ED1EC446743CDA848FCE
C:\Windows\System32\drivers\vpcivsp.sys ADBE96C33D1A5BB1BBAF90B4BC84F523
C:\Windows\System32\drivers\vsmraid.sys 4539F45F9F4C9757A86A56C949421E07
C:\Windows\System32\drivers\vsock.sys CB4D2E3C5E8BFA3CF6AFFF6DDC6CC70D
C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys E7CE8988B98202A5CF429CA358D26CC5
C:\Windows\System32\drivers\vstxraid.sys 0849B7260F26FE05EA56DED0672E2F4B
C:\Windows\System32\drivers\vwifibus.sys BE970C369E43B509C1EDA2B8FA7CECB0
C:\Windows\System32\drivers\wacompen.sys 0910AB9ED404C1434E2D0376C2AD5D8B
C:\Windows\system32\drivers\WdBoot.sys F5D4FA3E1F4879C361FFF3855259D2C2
C:\Windows\System32\drivers\Wdf01000.sys CB6C63FF8342B467E2EF76E98D5B934D
C:\Windows\system32\drivers\WdFilter.sys 019CC610AD95FF47EAD7C08B7A683B96
C:\Windows\System32\Drivers\WdNisDrv.sys 6CC1BB8F6851A262E2E824F0E92D5EEF
C:\Windows\System32\DRIVERS\wfplwfs.sys BFBE1C5F57FE7A885673A1962D5532B7
C:\Windows\System32\drivers\wimmount.sys 867BCC69ED9C31C501465EB0E8BA9DFA
C:\Windows\system32\DRIVERS\WinUsb.sys AC263C2F66405589528995AA41040599
C:\Windows\System32\drivers\wmiacpi.sys 2834D9D3B4F554A39C72F00EA3F0E128
C:\Windows\System32\Drivers\Wof.sys 7FC5667DF73D4B04AA457CC3A4180E09
C:\Windows\System32\DRIVERS\wpcfltr.sys 182561A14F2E93E81E66FE3700D17A5A
C:\Windows\System32\drivers\WpdUpFltr.sys 9F2904B55F6CECCD1A8D986B5CE2609A
C:\Windows\system32\drivers\ws2ifsl.sys AE072B0339D0A18E455DC21666CAD572
C:\Windows\System32\drivers\WudfPf.sys 2FEAE33E9B2B56104596E1BA444405A9
C:\Windows\System32\drivers\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A
C:\Windows\system32\DRIVERS\WUDFRd.sys 19240C13F526125554B5370566F21A0A

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 06:48 - 2014-08-19 06:49 - 00105177 _____ () C:\Users\Woei Shyang\Downloads\FRST.txt
2014-08-19 06:48 - 2014-08-19 06:48 - 00000000 ____D () C:\FRST
2014-08-19 06:47 - 2014-08-19 06:47 - 02101760 _____ (Farbar) C:\Users\Woei Shyang\Downloads\FRST64.exe
2014-08-18 09:27 - 2014-08-18 09:27 - 00086686 _____ () C:\Users\Woei Shyang\Downloads\Extras.Txt
2014-08-18 09:26 - 2014-08-18 09:26 - 00183894 _____ () C:\Users\Woei Shyang\Downloads\OTL.Txt
2014-08-17 18:23 - 2014-08-17 18:23 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-08-16 12:24 - 2014-08-16 12:24 - 00043696 _____ () C:\Users\Woei Shyang\Downloads\contagion_english-562922.zip
2014-08-16 08:34 - 2014-08-16 08:34 - 00000000 ___DL () C:\Windows\system32\sru
2014-08-15 21:32 - 2014-08-15 21:32 - 00029511 _____ () C:\Users\Woei Shyang\Downloads\0f04098cfbbcf2a0b704ccb431e8d5dd9c20c579.zip
2014-08-15 11:39 - 2014-08-15 11:39 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\rkill.exe
2014-08-15 11:38 - 2014-08-15 11:39 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Woei Shyang\Downloads\tdsskiller.exe
2014-08-15 11:36 - 2014-08-15 11:48 - 00002890 _____ () C:\Users\Woei Shyang\Desktop\unhide.txt
2014-08-15 11:35 - 2014-08-15 11:35 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\unhide.exe
2014-08-15 11:31 - 2014-08-15 11:31 - 05571320 _____ (Swearware) C:\Users\Woei Shyang\Downloads\ComboFix.exe
2014-08-15 11:24 - 2014-08-15 12:16 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 11:24 - 2014-08-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-15 11:24 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-15 11:24 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-15 11:24 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-15 11:23 - 2014-08-15 11:24 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Woei Shyang\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-15 10:06 - 2014-08-15 10:06 - 01121208 _____ () C:\Users\Woei Shyang\Downloads\ProcessMonitor.zip
2014-08-13 14:16 - 2014-08-13 14:16 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154 (1).exe
2014-08-13 14:13 - 2014-08-19 06:37 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-08-13 14:13 - 2014-08-18 09:14 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Tencent
2014-08-13 14:13 - 2014-08-13 14:13 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154.exe
2014-08-13 14:13 - 2014-08-13 14:13 - 12570536 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_sync_2.0.0.532.exe
2014-08-13 14:10 - 2014-08-13 14:10 - 00561688 _____ (Tencent) C:\Users\Woei Shyang\Downloads\WeiYunWebKitPlugin.exe
2014-08-13 14:10 - 2014-08-13 14:10 - 00000000 ____D () C:\Program Files (x86)\QQMailPlugin
2014-08-13 13:31 - 2014-08-13 13:31 - 00000000 ____D () C:\Program Files\FolderSize
2014-08-13 13:29 - 2014-08-13 13:29 - 00294912 _____ () C:\Users\Woei Shyang\Downloads\FolderSize-2.6-x64.msi
2014-08-12 22:04 - 2014-08-12 22:04 - 00003380 _____ () C:\Windows\System32\Tasks\Intel_C_CVDA334000JX2403GN
2014-08-12 19:22 - 2014-08-12 19:22 - 00045231 _____ () C:\Users\Woei Shyang\Downloads\captain-america-the-winter-soldier_english-957682.zip
2014-08-12 06:20 - 2014-08-12 06:20 - 00602112 _____ (OldTimer Tools) C:\Users\Woei Shyang\Downloads\OTL.exe
2014-08-11 12:30 - 2014-08-11 12:30 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305(1).img
2014-08-11 11:25 - 2014-08-11 11:25 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-11 11:25 - 2014-08-11 11:25 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\usb_driver
2014-08-11 11:22 - 2014-08-11 11:39 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\Heimdall Suite
2014-08-11 11:21 - 2014-08-11 11:22 - 10013808 _____ () C:\Users\Woei Shyang\Downloads\heimdall-suite-1.4.0-win32.zip
2014-08-11 11:11 - 2014-08-11 11:11 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305.img
2014-08-10 12:19 - 2014-08-10 12:19 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-08-10 12:19 - 2013-09-30 16:26 - 03050808 _____ () C:\Windows\system32\pwNative.exe
2014-08-10 12:19 - 2013-09-30 16:26 - 00019152 ____N () C:\Windows\system32\pwdrvio.sys
2014-08-10 12:19 - 2013-09-30 16:26 - 00012504 ____N () C:\Windows\system32\pwdspio.sys
2014-08-10 12:18 - 2014-08-10 12:18 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Woei Shyang\Downloads\pwhe8.exe
2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\LGE988
2014-08-09 16:24 - 2012-07-03 11:58 - 00031744 _____ (Google Inc) C:\Windows\system32\Drivers\lgandnetadb.sys
2014-08-09 16:24 - 2012-07-03 11:50 - 00036352 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetmodem64.sys
2014-08-09 16:24 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag64.sys
2014-08-09 16:24 - 2012-07-03 11:50 - 00029184 _____ (LG Electronics Inc.) C:\Windows\system32\Drivers\lgandnetdiag264.sys
2014-08-09 16:24 - 2011-07-18 06:03 - 01919968 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01005.dll
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 ____D () C:\Users\Woei Shyang\.android
2014-08-09 16:14 - 2014-08-09 16:23 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-08-09 16:14 - 2011-05-06 10:37 - 00655872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr90.dll
2014-08-09 16:14 - 2011-05-06 10:37 - 00568832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp90.dll
2014-08-09 16:14 - 2011-05-06 10:37 - 00224768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcm90.dll
2014-08-09 16:14 - 2006-04-30 05:33 - 00053248 _____ () C:\Windows\SysWOW64\CommonDL.dll
2014-08-09 16:14 - 2005-11-19 23:34 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4r.dll
2014-08-09 16:14 - 2005-09-29 22:39 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4a.dll
2014-08-09 16:14 - 2005-09-07 11:51 - 01233920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml4.dll
2014-08-09 16:13 - 2014-08-09 16:13 - 00636571 _____ () C:\Users\Woei Shyang\Downloads\(MAC)LGUnitedMobile_Mac_Driver_Ver_4.9.zip
2014-08-09 16:13 - 2014-08-09 16:13 - 00261208 _____ (LG Electronics) C:\Users\Woei Shyang\Downloads\B2CAppSetup(1).exe
2014-08-09 16:11 - 2014-08-09 16:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-09 16:09 - 2014-08-09 16:09 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\E988
2014-08-09 16:08 - 2014-08-09 16:08 - 01420041 _____ () C:\Users\Woei Shyang\Downloads\roottool.zip
2014-08-09 09:57 - 2014-08-09 09:58 - 71166269 _____ () C:\Users\Woei Shyang\Downloads\Black_Mesa_Soundtrack.zip
2014-08-06 18:15 - 2014-08-07 18:02 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\TaobaoProtect
2014-08-01 20:11 - 2014-08-01 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11.zip
2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11 (1).zip
2014-08-01 19:33 - 2014-08-01 19:33 - 00102834 _____ () C:\Users\Woei Shyang\Downloads\SmartMapV91.zip
2014-08-01 19:30 - 2014-08-01 19:30 - 02469508 _____ () C:\Users\Woei Shyang\Downloads\Civ4_Map_Scripts.zip
2014-07-31 21:02 - 2014-07-31 21:02 - 00050150 _____ () C:\Users\Woei Shyang\Downloads\perfectworld2.zip
2014-07-31 20:56 - 2014-07-31 20:56 - 00002675 _____ () C:\Users\Woei Shyang\Downloads\4f_1h_1sr.zip
2014-07-26 12:42 - 2014-07-26 12:42 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\My Games
2014-07-25 19:33 - 2014-07-25 19:33 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-07-25 19:32 - 2014-08-18 15:37 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job
2014-07-25 19:32 - 2014-08-17 19:37 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job
2014-07-25 19:32 - 2014-07-25 19:32 - 00895120 _____ (Google Inc.) C:\Users\Woei Shyang\Downloads\musicmanagerinstaller (1).exe
2014-07-25 19:32 - 2014-07-25 19:32 - 00003922 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA
2014-07-25 19:32 - 2014-07-25 19:32 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core
2014-07-25 07:29 - 2014-07-25 07:29 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-07-25 07:29 - 2014-07-25 07:29 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-07-25 07:29 - 2014-07-25 07:29 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-07-23 06:45 - 2014-07-23 06:46 - 393563883 _____ () C:\Users\Woei Shyang\Downloads\CleanROM-3.6.zip

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-19 06:49 - 2014-08-19 06:48 - 00105177 _____ () C:\Users\Woei Shyang\Downloads\FRST.txt
2014-08-19 06:49 - 2014-07-04 10:40 - 00121017 _____ () C:\Windows\system32\config\rules.rdb
2014-08-19 06:48 - 2014-08-19 06:48 - 00000000 ____D () C:\FRST
2014-08-19 06:47 - 2014-08-19 06:47 - 02101760 _____ (Farbar) C:\Users\Woei Shyang\Downloads\FRST64.exe
2014-08-19 06:47 - 2014-05-13 19:25 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-19 06:44 - 2014-05-05 16:05 - 01257966 _____ () C:\Windows\WindowsUpdate.log
2014-08-19 06:43 - 2014-05-05 16:11 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1205358742-1771774525-369522282-1001
2014-08-19 06:41 - 2014-05-05 16:16 - 00003978 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{406703F3-B299-4021-947F-1950D31BC8B9}
2014-08-19 06:40 - 2014-05-05 16:20 - 00000938 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-19 06:39 - 2014-05-05 18:00 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Copy
2014-08-19 06:39 - 2014-05-05 16:43 - 00000000 ___RD () C:\Users\Woei Shyang\Dropbox
2014-08-19 06:38 - 2014-05-06 06:24 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\jEdit
2014-08-19 06:38 - 2014-05-05 17:10 - 00000000 ___DO () C:\Users\Woei Shyang\OneDrive
2014-08-19 06:38 - 2014-05-05 16:45 - 00000000 ___RD () C:\Users\Woei Shyang\Google Drive
2014-08-19 06:38 - 2014-05-05 16:37 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\.purple
2014-08-19 06:38 - 2014-05-05 16:22 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Dropbox
2014-08-19 06:38 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-19 06:37 - 2014-08-13 14:13 - 00000000 ____D () C:\Program Files (x86)\Tencent
2014-08-19 06:37 - 2014-05-05 16:20 - 00000934 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-19 06:37 - 2013-08-22 22:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-18 16:35 - 2014-07-04 13:23 - 00470698 _____ () C:\Windows\system32\config\afw_db.conf
2014-08-18 16:35 - 2014-07-04 13:23 - 00000796 _____ () C:\Windows\system32\config\afw_hm.conf
2014-08-18 16:35 - 2014-05-05 18:37 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\KeePass
2014-08-18 16:35 - 2013-08-22 21:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-08-18 15:37 - 2014-07-25 19:32 - 00000964 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job
2014-08-18 09:27 - 2014-08-18 09:27 - 00086686 _____ () C:\Users\Woei Shyang\Downloads\Extras.Txt
2014-08-18 09:26 - 2014-08-18 09:26 - 00183894 _____ () C:\Users\Woei Shyang\Downloads\OTL.Txt
2014-08-18 09:18 - 2014-06-19 10:05 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\AgileBits
2014-08-18 09:14 - 2014-08-13 14:13 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Tencent
2014-08-18 08:50 - 2014-03-18 17:54 - 00091458 _____ () C:\Windows\PFRO.log
2014-08-17 19:37 - 2014-07-25 19:32 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job
2014-08-17 19:29 - 2014-05-05 18:14 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Transmission Remote GUI
2014-08-17 18:23 - 2014-08-17 18:23 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-08-17 18:22 - 2014-07-17 15:10 - 00000000 ____D () C:\Program Files (x86)\AliWangWang
2014-08-16 12:24 - 2014-08-16 12:24 - 00043696 _____ () C:\Users\Woei Shyang\Downloads\contagion_english-562922.zip
2014-08-16 08:34 - 2014-08-16 08:34 - 00000000 ___DL () C:\Windows\system32\sru
2014-08-16 08:30 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\winevt
2014-08-16 08:22 - 2014-05-05 17:39 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\VMware
2014-08-16 08:22 - 2014-05-05 17:39 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\VMware
2014-08-16 08:10 - 2014-05-06 08:15 - 00000600 _____ () C:\Users\Woei Shyang\AppData\Local\PUTTY.RND
2014-08-15 21:32 - 2014-08-15 21:32 - 00029511 _____ () C:\Users\Woei Shyang\Downloads\0f04098cfbbcf2a0b704ccb431e8d5dd9c20c579.zip
2014-08-15 16:37 - 2013-11-19 11:58 - 00850432 ___SH () C:\Users\Woei Shyang\Desktop\Thumbs.db
2014-08-15 12:16 - 2014-08-15 11:24 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-15 11:48 - 2014-08-15 11:36 - 00002890 _____ () C:\Users\Woei Shyang\Desktop\unhide.txt
2014-08-15 11:39 - 2014-08-15 11:39 - 01944824 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\rkill.exe
2014-08-15 11:39 - 2014-08-15 11:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Woei Shyang\Downloads\tdsskiller.exe
2014-08-15 11:35 - 2014-08-15 11:35 - 00398752 _____ (Bleeping Computer, LLC) C:\Users\Woei Shyang\Downloads\unhide.exe
2014-08-15 11:31 - 2014-08-15 11:31 - 05571320 _____ (Swearware) C:\Users\Woei Shyang\Downloads\ComboFix.exe
2014-08-15 11:24 - 2014-08-15 11:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-15 11:24 - 2014-08-15 11:23 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Woei Shyang\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-15 10:55 - 2013-08-22 22:46 - 00024980 _____ () C:\Windows\setupact.log
2014-08-15 10:06 - 2014-08-15 10:06 - 01121208 _____ () C:\Users\Woei Shyang\Downloads\ProcessMonitor.zip
2014-08-14 21:09 - 2014-05-05 18:01 - 00000000 ___RD () C:\Users\Woei Shyang\Copy
2014-08-14 18:07 - 2014-05-05 16:22 - 00001092 _____ () C:\Users\Woei Shyang\Desktop\Dropbox.lnk
2014-08-14 18:07 - 2014-05-05 16:22 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-14 05:57 - 2014-05-05 17:13 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\uTorrent
2014-08-14 05:52 - 2014-07-17 16:27 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\WWApk
2014-08-13 20:23 - 2014-02-24 06:21 - 00000000 ____D () C:\Users\Woei Shyang\dwhelper
2014-08-13 14:16 - 2014-08-13 14:16 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154 (1).exe
2014-08-13 14:13 - 2014-08-13 14:13 - 22202592 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_windows_2.2.0.1154.exe
2014-08-13 14:13 - 2014-08-13 14:13 - 12570536 _____ (腾讯科技(深圳)有限公司) C:\Users\Woei Shyang\Downloads\weiyun_sync_2.0.0.532.exe
2014-08-13 14:10 - 2014-08-13 14:10 - 00561688 _____ (Tencent) C:\Users\Woei Shyang\Downloads\WeiYunWebKitPlugin.exe
2014-08-13 14:10 - 2014-08-13 14:10 - 00000000 ____D () C:\Program Files (x86)\QQMailPlugin
2014-08-13 13:31 - 2014-08-13 13:31 - 00000000 ____D () C:\Program Files\FolderSize
2014-08-13 13:29 - 2014-08-13 13:29 - 00294912 _____ () C:\Users\Woei Shyang\Downloads\FolderSize-2.6-x64.msi
2014-08-13 08:29 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-08-12 22:04 - 2014-08-12 22:04 - 00003380 _____ () C:\Windows\System32\Tasks\Intel_C_CVDA334000JX2403GN
2014-08-12 19:22 - 2014-08-12 19:22 - 00045231 _____ () C:\Users\Woei Shyang\Downloads\captain-america-the-winter-soldier_english-957682.zip
2014-08-12 06:20 - 2014-08-12 06:20 - 00602112 _____ (OldTimer Tools) C:\Users\Woei Shyang\Downloads\OTL.exe
2014-08-11 12:30 - 2014-08-11 12:30 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305(1).img
2014-08-11 11:39 - 2014-08-11 11:22 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\Heimdall Suite
2014-08-11 11:25 - 2014-08-11 11:25 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2014-08-11 11:25 - 2014-08-11 11:25 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-08-11 11:25 - 2014-08-11 11:25 - 00000000 ____D () C:\usb_driver
2014-08-11 11:22 - 2014-08-11 11:21 - 10013808 _____ () C:\Users\Woei Shyang\Downloads\heimdall-suite-1.4.0-win32.zip
2014-08-11 11:11 - 2014-08-11 11:11 - 07776256 _____ () C:\Users\Woei Shyang\Downloads\openrecovery-twrp-2.7.0.0-i9305.img
2014-08-10 12:19 - 2014-08-10 12:19 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Home Edition 8.1.1
2014-08-10 12:18 - 2014-08-10 12:18 - 20772800 _____ (MiniTool Solution Ltd. ) C:\Users\Woei Shyang\Downloads\pwhe8.exe
2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\Program Files (x86)\LG Electronics
2014-08-09 16:24 - 2014-08-09 16:24 - 00000000 ____D () C:\LGE988
2014-08-09 16:24 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\InstallShield Installation Information
2014-08-09 16:23 - 2014-08-09 16:14 - 00002411 _____ () C:\Windows\SysWOW64\lgAxconfig.ini
2014-08-09 16:15 - 2014-08-09 16:15 - 00000000 ____D () C:\Users\Woei Shyang\.android
2014-08-09 16:15 - 2014-05-05 16:05 - 00000000 ____D () C:\Users\Woei Shyang
2014-08-09 16:14 - 2013-09-23 21:05 - 00000843 _____ () C:\Users\Woei Shyang\Desktop\LGMobile Support Tool.lnk
2014-08-09 16:13 - 2014-08-09 16:13 - 00636571 _____ () C:\Users\Woei Shyang\Downloads\(MAC)LGUnitedMobile_Mac_Driver_Ver_4.9.zip
2014-08-09 16:13 - 2014-08-09 16:13 - 00261208 _____ (LG Electronics) C:\Users\Woei Shyang\Downloads\B2CAppSetup(1).exe
2014-08-09 16:11 - 2014-08-09 16:11 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-08-09 16:09 - 2014-08-09 16:09 - 00000000 ____D () C:\Users\Woei Shyang\Downloads\E988
2014-08-09 16:08 - 2014-08-09 16:08 - 01420041 _____ () C:\Users\Woei Shyang\Downloads\roottool.zip
2014-08-09 09:58 - 2014-08-09 09:57 - 71166269 _____ () C:\Users\Woei Shyang\Downloads\Black_Mesa_Soundtrack.zip
2014-08-07 18:02 - 2014-08-06 18:15 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\TaobaoProtect
2014-08-06 09:23 - 2014-05-05 16:06 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Packages
2014-08-06 08:12 - 2014-05-08 20:11 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\alipay
2014-08-04 20:04 - 2014-05-05 16:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-01 20:11 - 2014-08-01 20:11 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-01 19:55 - 2014-02-24 02:08 - 00000000 ____D () C:\Users\Woei Shyang\Documents\My Games
2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11.zip
2014-08-01 19:35 - 2014-08-01 19:35 - 00165961 _____ () C:\Users\Woei Shyang\Downloads\full_of_resources_3_11 (1).zip
2014-08-01 19:33 - 2014-08-01 19:33 - 00102834 _____ () C:\Users\Woei Shyang\Downloads\SmartMapV91.zip
2014-08-01 19:30 - 2014-08-01 19:30 - 02469508 _____ () C:\Users\Woei Shyang\Downloads\Civ4_Map_Scripts.zip
2014-08-01 11:53 - 2014-05-14 09:41 - 00000000 ____D () C:\Program Files\paint.net
2014-07-31 21:02 - 2014-07-31 21:02 - 00050150 _____ () C:\Users\Woei Shyang\Downloads\perfectworld2.zip
2014-07-31 20:56 - 2014-07-31 20:56 - 00002675 _____ () C:\Users\Woei Shyang\Downloads\4f_1h_1sr.zip
2014-07-26 12:45 - 2014-07-18 09:31 - 00001296 _____ () C:\Users\Public\Desktop\Intel SSD Toolbox.lnk
2014-07-26 12:42 - 2014-07-26 12:42 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\My Games
2014-07-25 19:33 - 2014-07-25 19:33 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Music Manager
2014-07-25 19:33 - 2014-05-05 16:20 - 00000000 ____D () C:\Users\Woei Shyang\AppData\Local\Google
2014-07-25 19:32 - 2014-07-25 19:32 - 00895120 _____ (Google Inc.) C:\Users\Woei Shyang\Downloads\musicmanagerinstaller (1).exe
2014-07-25 19:32 - 2014-07-25 19:32 - 00003922 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA
2014-07-25 19:32 - 2014-07-25 19:32 - 00003542 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core
2014-07-25 19:06 - 2014-05-06 06:26 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-25 19:06 - 2014-05-06 06:26 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-25 07:50 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-07-25 07:39 - 2013-08-22 23:36 - 00000000 ____D () C:\Windows\rescache
2014-07-25 07:30 - 2013-08-22 23:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-25 07:29 - 2014-07-25 07:29 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-07-25 07:29 - 2014-07-25 07:29 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-07-25 07:29 - 2014-07-25 07:29 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-07-23 06:46 - 2014-07-23 06:45 - 393563883 _____ () C:\Users\Woei Shyang\Downloads\CleanROM-3.6.zip
2014-07-22 22:07 - 2014-05-08 21:51 - 00002446 _____ () C:\Users\Woei Shyang\_viminfo

Some content of TEMP:
====================
C:\Users\Woei Shyang\AppData\Local\Temp\1Password-4.0.0.499.exe
C:\Users\Woei Shyang\AppData\Local\Temp\1Password-4.0.1.503.exe
C:\Users\Woei Shyang\AppData\Local\Temp\avgnt.exe
C:\Users\Woei Shyang\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7tx364.dll
C:\Users\Woei Shyang\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Woei Shyang\AppData\Local\Temp\LMkRstPt.exe
C:\Users\Woei Shyang\AppData\Local\Temp\op_install32.dll
C:\Users\Woei Shyang\AppData\Local\Temp\Procmon64.exe
C:\Users\Woei Shyang\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== BCD ================================

Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=\Device\HarddiskVolume2
description Windows Boot Manager
locale en-US
inherit {globalsettings}
integrityservices Enable
default {3262bbf0-aed4-11e3-9820-adf3f2beb556}
resumeobject {3262bbef-aed4-11e3-9820-adf3f2beb556}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30

Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 8.1
locale en-US
inherit {bootloadersettings}
recoverysequence {3262bbf1-aed4-11e3-9820-adf3f2beb556}
integrityservices Enable
recoveryenabled Yes
allowedinmemorysettings 0x15000075
osdevice partition=C:
systemroot \Windows
resumeobject {3262bbed-aed4-11e3-9820-adf3f2beb556}
nx OptIn
bootmenupolicy Standard

Windows Boot Loader
-------------------
identifier {3262bbf1-aed4-11e3-9820-adf3f2beb556}
device ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3262bbf2-aed4-11e3-9820-adf3f2beb556}
path \windows\system32\winload.exe
description Windows Recovery Environment
locale en-us
inherit {bootloadersettings}
displaymessage Recovery
displaymessageoverride Recovery
osdevice ramdisk=[C:]\Recovery\WindowsRE\Winre.wim,{3262bbf2-aed4-11e3-9820-adf3f2beb556}
systemroot \windows
nx OptIn
bootmenupolicy Standard
winpe Yes

Resume from Hibernate
---------------------
identifier {3262bbed-aed4-11e3-9820-adf3f2beb556}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
recoverysequence {3262bbf1-aed4-11e3-9820-adf3f2beb556}
recoveryenabled Yes
allowedinmemorysettings 0x15000075
filedevice partition=C:
filepath \hiberfil.sys
bootmenupolicy Standard
debugoptionenabled No

Windows Memory Tester
---------------------
identifier {memdiag}
device partition=\Device\HarddiskVolume2
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes

EMS Settings
------------
identifier {emssettings}
bootems No

Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200

RAM Defects
-----------
identifier {badmemory}

Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}

Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}

Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200

Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}

Device options
--------------
identifier {3262bbf2-aed4-11e3-9820-adf3f2beb556}
description Windows Recovery
ramdisksdidevice partition=C:
ramdisksdipath \Recovery\WindowsRE\boot.sdi



LastRegBack: 2014-08-18 09:12

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Woei Shyang at 2014-08-19 06:49:31
Running from C:\users\Woei Shyang\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Outpost Firewall Pro (Enabled) {F20EB802-E8F1-2672-C701-E680BB11EFAB}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
1Password 4.0.1.503 (HKLM-x32\...\1Password4_is1) (Version: 4.0 - AgileBits)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Catalyst Control Center (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira (HKLM-x32\...\{66116465-9a0c-41ea-ba8e-c572cc3a2eaa}) (Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5218.31571 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.552 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CGS17_Setup_x64 (Version: 17.1 - Corel Corporation) Hidden
Combined Community Codec Pack 2014-04-20 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2014.04.20.0 - CCCP Project)
Copy (HKLM\...\{18933AA7-3055-4E5C-BEBF-8A2AF6C56D29}) (Version: 1.43.319.0 - Barracuda Networks, Inc.)
Corel Graphics - Windows Shell Extension (HKLM\...\_{4DC318F5-1640-4417-A218-912ED9905FAA}) (Version: 17.1.0.572 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 17.1.572 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 17.1.572 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Capture (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Common (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Connect (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Custom Data (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Draw (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - EN (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Filters (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - FontNav (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM Content (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - IPM T (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - PHOTO-PAINT (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Photozoom Plugin (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Redist (x64) (Version: 17.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Setup Files (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VBA (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - VideoBrowser (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 - Writing Tools (x64) (Version: 17.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X7 (64-Bit) (HKLM\...\_{5CB73140-806C-42C6-A05A-1AFD0E92DEB5}) (Version: 17.1.0.572 - Corel Corporation)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox Development Studio)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{65480649-2AA6-4C5C-AAE8-DB35335D98A7}) (Version: - Microsoft)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
f.lux (HKCU\...\Flux) (Version: - )
FinePrint (HKLM\...\FinePrint) (Version: 8.10 - FinePrint Software, LLC)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
foobar2000 v1.3.2 (HKLM-x32\...\foobar2000) (Version: 1.3.2 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Git version 1.9.2-preview20140411 (HKLM-x32\...\Git_is1) (Version: 1.9.2-preview20140411 - The Git Development Community)
Google Chrome (HKLM-x32\...\{A7A76FD6-91B5-3C7F-B37D-DFDA03F5FBAE}) (Version: 65.205.49283 - Google, Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® C++ Redistributables for Windows* on Intel® 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Update Manager (x32 Version: 1.6.3.70 - Intel Corporation) Hidden
Intel® SSD Toolbox (HKLM-x32\...\{06D085C8-1F00-11B2-96A7-8f0CE39193ED}) (Version: 3.2.3.400 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (x32 Version: 2.8.05.13 - Oracle, Inc.) Hidden
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
jEdit 5.1.0 (HKLM\...\jEdit_is1) (Version: 5.1.0 - Contributors)
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Access MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft DCF MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Groove MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office 64-bit Components 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 Finalizer (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Module linguistique Français (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - DEU-Sprachpaket (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Language Pack ITA (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - Paquete de idioma ESN (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 한국어 언어 팩 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - 日本語 Language Pack (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 主控支援 - 繁體中文語言套件 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x64 托管支持 - 简体中文语言包 (Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - DEU-Sprachpaket (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Language Pack ITA (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Module linguistique Français (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - Paquete de idioma ESN (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 한국어 언어 팩 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - 日本語 Language Pack (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 主控支援 - 繁體中文語言套件 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2012 x86 托管支持 - 简体中文语言包 (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version: - MiniTool Solution Ltd.)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6 - Notepad++ Team)
Outils de vérification linguistique 2013 de Microsoft Office - Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Outpost Firewall Pro 9.1 (HKLM\...\Agnitum Outpost Firewall Pro_is1) (Version: 9.1 - Agnitum, Ltd.)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
PuTTY version 0.63 (HKLM-x32\...\PuTTY_is1) (Version: 0.63 - Simon Tatham)
Sid Meier's Civilization IV: Beyond the Sword (HKLM-x32\...\Steam App 8800) (Version: - Firaxis Games)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version: - )
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
tools-freebsd (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-linux (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-netware (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-solaris (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-windows (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
tools-winPre2k (x32 Version: 9.6.2.1744117 - VMware, Inc.) Hidden
Transmission Remote GUI 5.0.1 (HKLM-x32\...\transgui_is1) (Version: - Yury Sidorov)
Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.1021.1 - Microsoft Corporation) Hidden
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version: - Microsoft)
Update for Microsoft Excel 2013 (KB2881085) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{122B0E69-64AF-41BE-B3F6-D387A7E7E687}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2850074) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{A4EACEBA-1944-45DB-B547-8967AA7926B9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817302) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1644D7F6-90EE-4252-8884-18E4E330529D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826040) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B7EA8070-C37F-4617-82F4-52CF3304595A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837644) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{9BC5FF1D-9626-44D7-BC7F-EB44BD8BDB9F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880457) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{D27F6360-AE1E-4C8C-8ECD-C0375E20B923}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880462) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{5D6439FF-D651-4B13-B52E-2508AB9DE19D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880464) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{06EF2BF7-7351-4D70-A0D5-588FCCF9808D}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880478) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7C5CEE0F-6823-4BB7-A28F-76FEC14EB6AC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2880987) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{07017577-FBD6-45E2-A796-659E8F428057}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881035) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{01B80B63-C638-4004-9148-75B8C8518B1E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881074) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{B23AED0C-4813-4B49-9870-2F0968824E87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{56962EB1-4DD3-48BB-934B-EA4C4516D89A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM-x32\...\{90150000-001F-040C-0000-0000000FF1CE}_Office15.PROPLUSR_{63AED158-0508-4738-A811-840B2053EF3B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881084) 32-Bit Edition (HKLM-x32\...\{90150000-001F-0C0A-0000-0000000FF1CE}_Office15.PROPLUSR_{23073850-B916-414F-9204-AB0512524A6A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{02DB183E-6F67-4906-A391-325874C5DA87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2881086) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{02DB183E-6F67-4906-A391-325874C5DA87}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM-x32\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version: - Microsoft)
Update for Microsoft OneDrive for Business (KB2881087) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{FC6618D2-F75D-4FDD-B396-E4B0C0D757B6}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2881082) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{CA0F0611-10FB-47D4-A642-E3BABCC73393}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2880470) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{1BCA67A6-5329-48D0-A088-C097AC7A14BD}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 32-Bit Edition (HKLM-x32\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{15033648-0DAB-4BE8-B84B-D1139BD0563F}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2881075) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{15033648-0DAB-4BE8-B84B-D1139BD0563F}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{90150000-0019-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2880999) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{7500AD77-83C6-400B-8B2F-F8E401A7B697}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2878319) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{A7CD05CC-CA85-428C-91FD-74A908D126E1}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM-x32\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM-x32\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2881080) 32-Bit Edition (HKLM-x32\...\{91150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUSR_{2C43B8B8-09A1-4D09-B4B9-B247A7348D75}) (Version: - Microsoft)
Vim 7.4 (self-installing) (HKLM\...\Vim 7.4) (Version: - )
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VMware Workstation (HKLM-x32\...\VMware_Workstation) (Version: 10.0.2 - VMware, Inc)
VMware Workstation (Version: 10.0.2 - VMware, Inc.) Hidden
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.5.3 (HKLM-x32\...\winscp3_is1) (Version: 5.5.3 - Martin Prikryl)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.2-5 - Bitnami)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (x32 Version: 11.0.51108 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{ca586c80-7c84-4b88-8537-726724df6929}\InprocServer32 -> C:\Program Files (x86)\Git\git-cheetah\git_shell_ext64.dll ()
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1205358742-1771774525-369522282-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

15-08-2014 10:15:34 Scheduled Checkpoint
17-08-2014 10:22:42 删除了 微软设备健康助手

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 21:25 - 2013-08-22 21:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0DFADE1A-713E-4673-9E8B-9938AF031D4D} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {0FC5DE25-5DB4-4D89-BD3A-01946261B343} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {1030BDA6-A143-45FD-BD5F-6701E4330AD1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2E131B4C-1D98-47C3-A46F-D20C2AC99184} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {46A4EC17-C126-4B6C-8B47-05FE0B93AC05} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {563D78C8-0A28-479F-9A7B-1DF920146525} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {5AF21E71-9EDC-47E5-9718-5673A8E53F37} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6295ED16-47B5-4501-AC8A-A7CC6F9E0DA1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {71317277-126B-4C52-9F88-D96CBE8C765C} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7E480069-1236-4387-9ACA-B1927CAEEA3E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe [2014-07-25] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {93B9FC93-4E04-4C41-8C69-3A590DD4710A} - System32\Tasks\Intel_C_CVDA334000JX2403GN => C:\Program Files (x86)\Intel\Intel® SSD Toolbox\Intel SSD Toolbox.exe [2014-07-17] (Intel)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A08CAA66-1D00-479E-86EE-B42E4D42C208} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {B117C106-FADE-496F-97B3-B298F84370E6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {C5511CAF-1880-42F4-A0FC-ADC8F1633642} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {E910FDB1-792B-46F3-B131-06603814D9A5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-05] (Google Inc.)
Task: {F6C5905E-F448-4117-BD37-9997D67D443B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {FF294F4C-4C57-4CF3-A1B9-B0488A4F2C0A} - System32\Tasks\ISM-UpdateService-e57b59e7-5862-4250-9ce0-76fb411dc0d2-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\Bootstrap.exe [2013-07-18] (Intel Corporation)
Task: {FFE4F90C-3B09-419A-B1BF-DE1676918BB2} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001Core.job => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1205358742-1771774525-369522282-1001UA.job => C:\Users\Woei Shyang\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-07-04 10:40 - 2013-07-31 12:37 - 00183296 _____ () C:\Program Files\Agnitum\Outpost Firewall Pro\zlib.dll
2014-06-10 13:19 - 2014-06-10 13:19 - 08892072 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-05-05 18:00 - 2014-06-15 06:44 - 08212480 _____ () C:\users\Woei Shyang\AppData\Roaming\Copy\overlay\Brt.dll
2014-04-15 20:25 - 2014-08-04 20:59 - 02092544 _____ () C:\Users\Woei Shyang\AppData\Roaming\Copy\Gui.dll
2014-04-15 20:41 - 2014-08-04 20:59 - 08212480 _____ () C:\Users\Woei Shyang\AppData\Roaming\Copy\Brt.dll
2014-04-15 20:27 - 2014-08-04 20:59 - 09222656 _____ () C:\Users\Woei Shyang\AppData\Roaming\Copy\AgentSync.dll
2014-04-15 20:25 - 2014-08-04 20:59 - 05329920 _____ () C:\Users\Woei Shyang\AppData\Roaming\Copy\CloudSync.dll
2014-05-13 06:44 - 2014-05-13 06:44 - 00046080 _____ () C:\Users\Woei Shyang\AppData\Local\KeePass\PluginCache\wjPOP3gPLCQdhkRuNLWD\Fleck2.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-14 16:41 - 2014-04-14 16:41 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-07-02 19:13 - 2014-08-05 03:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-05-05 17:13 - 2014-08-05 03:15 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-05-05 17:13 - 2014-08-05 03:15 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-05 17:13 - 2014-08-05 03:15 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-02 19:13 - 2014-08-14 06:31 - 02144448 _____ () C:\Program Files (x86)\Steam\video.dll
2014-07-02 19:13 - 2014-08-05 03:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-07-02 19:13 - 2014-07-31 11:47 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll
2014-05-05 17:13 - 2014-08-14 06:30 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-05 17:13 - 2014-08-13 14:27 - 34587328 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-19 06:38 - 2014-08-19 06:38 - 00098816 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32api.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00110080 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\pywintypes27.dll
2014-08-19 06:38 - 2014-08-19 06:38 - 00364544 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\pythoncom27.dll
2014-08-19 06:38 - 2014-08-19 06:38 - 00045568 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_socket.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 01160704 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_ssl.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00320512 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32com.shell.shell.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00713216 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_hashlib.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 01175040 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._core_.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00805888 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._gdi_.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00811008 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._windows_.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 01062400 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._controls_.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00735232 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._misc_.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00128512 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_elementtree.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00127488 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\pyexpat.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00557056 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\pysqlite2._sqlite.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00007168 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\hashobjs_ext.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00087552 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_ctypes.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00119808 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32file.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00108544 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32security.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00018432 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32event.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00038912 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32inet.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00070656 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._html2.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00167936 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32gui.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00011264 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32crypt.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00027136 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\_multiprocessing.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00122368 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._wizard.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00010240 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\select.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00024064 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32pipe.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00686080 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\unicodedata.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00025600 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32pdh.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00525640 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\windows._lib_cacheinvalidation.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00035840 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32process.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00017408 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32profile.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00022528 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\win32ts.pyd
2014-08-19 06:38 - 2014-08-19 06:38 - 00078336 _____ () C:\users\Woei Shyang\AppData\Local\Temp\_MEI46482\wx._animate.pyd
2014-02-03 08:19 - 2014-02-03 08:19 - 00036878 _____ () C:\Program Files (x86)\Pidgin\libssp-0.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00671031 _____ () C:\Program Files (x86)\Pidgin\exchndl.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00904525 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libcairo-2.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00100352 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\zlib1.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00279059 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libfontconfig-1.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00553382 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\freetype6.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00216992 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libpng14-14.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 01274655 _____ () C:\Program Files (x86)\Pidgin\libxml2-2.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00177586 _____ () C:\Program Files (x86)\Pidgin\Gtk\bin\libexpat-1.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00475580 _____ () C:\Program Files (x86)\Pidgin\spellcheck\libgtkspell-0.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00020997 _____ () C:\Program Files (x86)\Pidgin\plugins\autoaccept.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00013253 _____ () C:\Program Files (x86)\Pidgin\plugins\buddynote.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00024924 _____ () C:\Program Files (x86)\Pidgin\plugins\convcolors.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015702 _____ () C:\Program Files (x86)\Pidgin\plugins\extplacement.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00014147 _____ () C:\Program Files (x86)\Pidgin\plugins\gtkbuddynote.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00018882 _____ () C:\Program Files (x86)\Pidgin\plugins\history.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00012865 _____ () C:\Program Files (x86)\Pidgin\plugins\iconaway.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00019043 _____ () C:\Program Files (x86)\Pidgin\plugins\idle.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00018555 _____ () C:\Program Files (x86)\Pidgin\plugins\joinpart.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015074 _____ () C:\Program Files (x86)\Pidgin\plugins\libaim.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00310443 _____ () C:\Program Files (x86)\Pidgin\liboscar.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00092285 _____ () C:\Program Files (x86)\Pidgin\plugins\libbonjour.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00201726 _____ () C:\Program Files (x86)\Pidgin\plugins\libgg.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00016005 _____ () C:\Program Files (x86)\Pidgin\plugins\libicq.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00106712 _____ () C:\Program Files (x86)\Pidgin\plugins\libirc.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00190464 _____ () C:\Program Files (x86)\Pidgin\libsasl.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00373657 _____ () C:\Program Files (x86)\Pidgin\plugins\libmsn.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00150086 _____ () C:\Program Files (x86)\Pidgin\plugins\libmxit.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00106670 _____ () C:\Program Files (x86)\Pidgin\plugins\libmyspace.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00123540 _____ () C:\Program Files (x86)\Pidgin\plugins\libnovell.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00116583 _____ () C:\Program Files (x86)\Pidgin\plugins\libsametime.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00152852 _____ () C:\Program Files (x86)\Pidgin\libmeanwhile-1.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00171090 _____ () C:\Program Files (x86)\Pidgin\plugins\libsilc.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 02097721 _____ () C:\Program Files (x86)\Pidgin\libsilc-1-1-2.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00818985 _____ () C:\Program Files (x86)\Pidgin\libsilcclient-1-1-3.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00055804 _____ () C:\Program Files (x86)\Pidgin\plugins\libsimple.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00021337 _____ () C:\Program Files (x86)\Pidgin\plugins\libxmpp.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00416065 _____ () C:\Program Files (x86)\Pidgin\libjabber.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00022832 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoo.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00237138 _____ () C:\Program Files (x86)\Pidgin\libymsg.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00019793 _____ () C:\Program Files (x86)\Pidgin\plugins\libyahoojp.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00047391 _____ () C:\Program Files (x86)\Pidgin\plugins\log_reader.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00021795 _____ () C:\Program Files (x86)\Pidgin\plugins\markerline.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00013456 _____ () C:\Program Files (x86)\Pidgin\plugins\newline.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00029225 _____ () C:\Program Files (x86)\Pidgin\plugins\notify.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00017023 _____ () C:\Program Files (x86)\Pidgin\plugins\offlinemsg.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00029256 _____ () C:\Program Files (x86)\Pidgin\plugins\pidginrc.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015380 _____ () C:\Program Files (x86)\Pidgin\plugins\psychic.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015429 _____ () C:\Program Files (x86)\Pidgin\plugins\relnot.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015045 _____ () C:\Program Files (x86)\Pidgin\plugins\sendbutton.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00069575 _____ () C:\Program Files (x86)\Pidgin\plugins\spellchk.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00028276 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl-nss.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00012004 _____ () C:\Program Files (x86)\Pidgin\plugins\ssl.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00015978 _____ () C:\Program Files (x86)\Pidgin\plugins\statenotify.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00030353 _____ () C:\Program Files (x86)\Pidgin\plugins\themeedit.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00032020 _____ () C:\Program Files (x86)\Pidgin\plugins\ticker.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00018399 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00023851 _____ () C:\Program Files (x86)\Pidgin\plugins\timestamp_format.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00029791 _____ () C:\Program Files (x86)\Pidgin\plugins\win2ktrans.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00030771 _____ () C:\Program Files (x86)\Pidgin\plugins\winprefs.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00037191 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppconsole.dll
2014-02-03 08:19 - 2014-02-03 08:19 - 00044494 _____ () C:\Program Files (x86)\Pidgin\plugins\xmppdisco.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00102400 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslANONYMOUS.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00115712 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslCRAMMD5.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00140288 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslDIGESTMD5.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslLOGIN.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00102912 _____ () C:\Program Files (x86)\Pidgin\sasl2\saslPLAIN.dll
2014-02-03 08:18 - 2014-02-03 08:18 - 00486400 _____ () C:\Program Files (x86)\Pidgin\sqlite3.dll
2014-05-05 16:21 - 2014-05-05 16:21 - 00090496 _____ () C:\Program Files (x86)\Pidgin\Gtk\lib\gtk-2.0\2.10.0\engines\libwimp.dll
2014-08-18 10:33 - 2014-08-13 14:27 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2013-12-11 05:06 - 2013-12-11 05:06 - 10683392 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\QtWebKit4.dll
2013-12-11 05:06 - 2013-12-11 05:06 - 07741952 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\QtGui4.dll
2013-12-11 05:06 - 2013-12-11 05:06 - 01681408 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\QtNetwork4.dll
2013-12-11 05:06 - 2013-12-11 05:06 - 02248192 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\QtCore4.dll
2014-05-16 05:20 - 2014-05-16 05:20 - 00117248 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\libaacdec.dll
2014-05-16 05:20 - 2014-05-16 05:20 - 00231936 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\libmpgdec.dll
2014-05-16 05:21 - 2014-05-16 05:21 - 00253440 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\libid3tag.dll
2014-05-16 05:24 - 2014-05-16 05:24 - 00344064 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\libaudioenc.dll
2013-12-11 05:06 - 2013-12-11 05:06 - 00026624 _____ () C:\Users\Woei Shyang\AppData\Local\Programs\Google\MusicManager\imageformats\qgif4.dll
2014-08-19 06:38 - 2014-08-19 06:38 - 00043008 _____ () c:\users\Woei Shyang\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7tx364.dll
2013-08-24 03:01 - 2013-08-24 03:01 - 25100288 _____ () C:\Users\Woei Shyang\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-15 18:34 - 2014-04-15 18:34 - 00138320 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-05-05 17:47 - 2014-04-15 18:33 - 00049744 _____ () C:\users\Woei Shyang\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-07-26 12:33 - 2014-07-26 12:33 - 00176128 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\beyond the sword\boost_python-vc71-mt-1_32.dll
2014-07-26 12:33 - 2014-07-26 12:33 - 00059904 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\beyond the sword\zlib1.dll
2014-07-26 12:32 - 2014-07-26 12:32 - 00193024 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\beyond the sword\binkw32.dll
2014-07-26 12:08 - 2014-07-26 12:35 - 00387072 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\beyond the sword\mss32.dll
2014-07-26 12:36 - 2014-07-26 12:36 - 00057344 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\beyond the sword\hapdbg.dll
2014-05-05 17:13 - 2014-08-14 06:30 - 00350912 _____ () C:\Program Files (x86)\Steam\steam.dll
2014-07-26 12:36 - 2014-07-26 12:36 - 00150528 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\mssmp3.asi
2014-07-26 12:34 - 2014-07-26 12:34 - 00215040 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\mssvoice.asi
2014-07-26 12:35 - 2014-07-26 12:35 - 00028160 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\mssdolby.flt
2014-07-26 12:35 - 2014-07-26 12:35 - 00039936 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\mssds3d.flt
2014-07-26 12:34 - 2014-07-26 12:34 - 00107008 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\mssdsp.flt
2014-07-26 12:34 - 2014-07-26 12:34 - 00118784 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\msseax.flt
2014-07-26 12:35 - 2014-07-26 12:35 - 00042496 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Miles\win32\msssrs.flt
2014-07-26 12:34 - 2014-07-26 12:34 - 00049152 _____ () C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\WARLORDS\ASSETS\PYTHON\SYSTEM\_socket.pyd
2014-04-15 18:33 - 2014-04-15 18:33 - 00064592 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-01-23 07:55 - 2014-01-23 07:55 - 01030312 _____ () C:\Program Files (x86)\Microsoft Office\Office15\ADDINS\UmOutlookAddin.dll
2014-08-16 08:41 - 2014-08-07 11:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-16 08:41 - 2014-08-07 11:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2014-08-16 08:41 - 2014-08-07 11:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-16 08:41 - 2014-08-07 11:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-16 08:41 - 2014-08-07 11:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Woei Shyang\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Woei Shyang\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\acssrv => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acssrv => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/19/2014 06:43:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: Installing the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/19/2014 06:43:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3017) (User: NT AUTHORITY)
Description: Cannot update Last Counter value of SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib key. The first DWORD in the Data section contains the error code.

Error: (08/19/2014 06:42:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.OE.ServiceHost.exe, version: 1.0.5218.31571, time stamp: 0x534d5f16
Faulting module name: ntdll.dll, version: 6.3.9600.17114, time stamp: 0x53648f36
Exception code: 0xc0000005
Fault offset: 0x0001ec81
Faulting process id: 0x878
Faulting application start time: 0xAvira.OE.ServiceHost.exe0
Faulting application path: Avira.OE.ServiceHost.exe1
Faulting module path: Avira.OE.ServiceHost.exe2
Report Id: Avira.OE.ServiceHost.exe3
Faulting package full name: Avira.OE.ServiceHost.exe4
Faulting package-relative application ID: Avira.OE.ServiceHost.exe5

Error: (08/19/2014 06:42:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
at Avira.OE.AvConnector.Interface.ILicensePlugin.GetLicenseType()
at Avira.OE.AvConnector.AvStatusReporter.GetLicenseType()
at Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
at Avira.OE.ServiceHost.UpdateAvailabilityChecker.CheckForUpdate()
at Avira.OE.ServiceHost.UpdateAvailabilityChecker.OnRecurrentUpdateCheck(System.Object)
at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.TimerQueueTimer.CallCallback()
at System.Threading.TimerQueueTimer.Fire()
at System.Threading.TimerQueue.FireNextTimers()
at System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (08/19/2014 06:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The error was: 3 (0x3) : The system cannot find the path specified.
.

Error: (08/19/2014 06:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -1811.

Error: (08/19/2014 06:38:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: Installing the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.

Error: (08/19/2014 06:38:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3017) (User: NT AUTHORITY)
Description: Cannot update Last Counter value of SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib key. The first DWORD in the Data section contains the error code.

Error: (08/19/2014 06:38:01 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2014-08-19T06:38:01.630+08:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (08/19/2014 06:37:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


System errors:
=============
Error: (08/19/2014 06:46:52 AM) (Source: DCOM) (EventID: 10010) (User: WSHYANG-DESKTOP)
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/19/2014 06:44:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%2147942403

Error: (08/19/2014 06:44:52 AM) (Source: DCOM) (EventID: 10010) (User: WSHYANG-DESKTOP)
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/19/2014 06:42:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Avira Service Host service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service.

Error: (08/19/2014 06:42:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%2147942403

Error: (08/19/2014 06:42:51 AM) (Source: DCOM) (EventID: 10010) (User: WSHYANG-DESKTOP)
Description: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/19/2014 06:40:52 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%2147942403

Error: (08/19/2014 06:38:24 AM) (Source: DCOM) (EventID: 10016) (User: WSHYANG-DESKTOP)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Wshyang-DesktopWoei ShyangS-1-5-21-1205358742-1771774525-369522282-1001LocalHost (Using LRPC)UnavailableUnavailable

Error: (08/19/2014 06:38:08 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The WMI Performance Adapter service terminated with the following error:
%%2147500037

Error: (08/19/2014 06:38:01 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Update service terminated with the following error:
%%2147942403


Microsoft Office Sessions:
=========================
Error: (08/19/2014 06:43:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl802000000840F0000

Error: (08/19/2014 06:43:59 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3017) (User: NT AUTHORITY)
Description: Last CounterSOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib802000000F30B0000

Error: (08/19/2014 06:42:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.ServiceHost.exe1.0.5218.31571534d5f16ntdll.dll6.3.9600.1711453648f36c00000050001ec8187801cfbb350bf81c8aC:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exeC:\Windows\SYSTEM32\ntdll.dllfdb93a6c-2728-11e4-82d7-00247eaa5933

Error: (08/19/2014 06:42:54 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.AccessViolationException
Stack:
at Avira.OE.AvConnector.Interface.ILicensePlugin.GetLicenseType()
at Avira.OE.AvConnector.AvStatusReporter.GetLicenseType()
at Avira.OE.ServiceHost.ComputerAndServicesInfo.CreateMessagePayload()
at Avira.OE.ServiceHost.UpdateAvailabilityChecker.CheckForUpdate()
at Avira.OE.ServiceHost.UpdateAvailabilityChecker.OnRecurrentUpdateCheck(System.Object)
at System.Threading.TimerQueueTimer.CallCallbackInContext(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.TimerQueueTimer.CallCallback()
at System.Threading.TimerQueueTimer.Fire()
at System.Threading.TimerQueue.FireNextTimers()
at System.Threading.TimerQueue.AppDomainTimerCallback()

Error: (08/19/2014 06:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 256) (User: )
Description: 3 (0x3)The system cannot find the path specified.

Error: (08/19/2014 06:39:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: -1811

Error: (08/19/2014 06:38:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3009) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl802000000840F0000

Error: (08/19/2014 06:38:05 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3017) (User: NT AUTHORITY)
Description: Last CounterSOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib802000000F30B0000

Error: (08/19/2014 06:38:01 AM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2014-08-19T06:38:01.630+08:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (08/19/2014 06:37:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll4


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 26%
Total physical RAM: 16374.17 MB
Available physical RAM: 12080.79 MB
Total Pagefile: 18806.17 MB
Available Pagefile: 13076.13 MB
Total Virtual: 131072 MB
Available Virtual: 131071.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.23 GB) (Free:185.69 GB) NTFS
Drive d: () (Fixed) (Total:2794.52 GB) (Free:1572.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 948C5E59)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: B6C30F9D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================


#4
Machiavelli

    GeekU Moderator

  • 4,722 posts

Hi,
 

Running from C:\users\Woei Shyang\Downloads

Please save all tools on your desktop.

 
Part I: Warnings
 
 

  • Warning I: P2P Warning

IMPORTANT: I see you have one or more P2P (Peer to Peer) programs installed.

1.) You have the following P2P program installed: uTorrent
2.) If you download files from non-documented sources via a P2P file-sharing program, you can expect a malware infection. That isn't good for your PC. A long time ago, file sharing with P2P programs like uTorrent was fairly safe, but that isn't true any more. Of course you can use P2P programs at your own risk, but that may be the source of your infection. It would be nice if you read this here. After reading the text you will recognize why you shouldn't have them.
3.) Please read these reports about the danger of P2P programs:

4.) I would recommend that you uninstall the above. That would be nice. If you would like to uninstall the P2P program, you can do it via Start >> Control Panel >> Add or Remove Programs.
5.) If you want to keep the program on your computer, don't use it while we are fixing your computer!

 
Part II: Uninstalls

 
We need to remove programs using "Programs and Features"

Open Computer and click on the "Computer" tab, then click on Uninstall or Change a Program.

A list of programs installed will be "populated" (this may take a bit of time).
If they exist, uninstall the following by clicking the below entries and selecting "Remove":

uTorrent (optional)

Additional instructions can be found here if needed.
 
 
Part III: Action
 
 
 

Step 1: FRST Fix

  • Please download the attached fixlist.txt file and save it to the same location as FRST

Note: It's important that both files, FRST.exe/FRST64.exe and fixlist.txt, are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

  • Run FRST.exe/FRST64.exe and press the Fix button just once and wait
  • If for some reason the tool needs a restart, please make sure you let the system restart normally, then let the tool complete its run
  • When finished, FRST will generate a log (Fixlog.txt) in the same location the tool was run, please post it to your reply

Step 2: AdwCleaner
 
Please download AdwCleaner (by Xplode) from the link below and save it to your Desktop:
 
Download Mirror #1

  • Right-click on AdwCleaner.exe and select Run as administrator. (If you have Windows XP, then just run it.)
  • Click Scan and let the scan run.
  • When it finishes, click Clean, following the on-screen prompts.
  • After your computer reboots, a log will open. Please Copy (Ctrl+C) and Paste (Ctrl+V) this into your next post.
  • Note: The log can also be found here: C:\AdwCleaner\

Step 3: Junkware Removal Tool (JRT)
 
Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
     

Step 4: FRST Scan

  • Run FRST. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • Click Scan to start FRST.
  • When FRST finishes scanning, a log, FRST.txt, will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of this log into your next post please.

 

 

Part IV: Reporting back
  

 

In the next post I need to see the following log(s):

  • FRST Fixlog
  • AdwCleaner Log
  • JRT.txt
  • FRST.txt

Please, also tell me how your computer is running. If you have any issues please tell me in detail what they are.

 
 


#5
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.