OTL

OTL logfile created on: 14.04.2013 01:41:43 - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Zixuan\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy

8,00 Gb Total Physical Memory | 2,78 Gb Available Physical Memory | 34,81% Memory free
8,28 Gb Paging File | 2,67 Gb Available in Paging File | 32,29% Paging File free
Paging file location(s): C:\pagefile.sys 288 2048 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 931,41 Gb Total Space | 43,93 Gb Free Space | 4,72% Space Free | Partition Type: NTFS
Drive D: | 537,69 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS

Computer Name: FILIP-PC | User Name: Zixuan | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

[color=#E56717]========== Processes (SafeList) ==========[/color]

PRC - [2013.04.13 23:01:24 | 000,092,072 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\hl2.exe
PRC - [2013.04.13 22:02:25 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Zixuan\Downloads\OTL.exe
PRC - [2013.04.13 22:02:00 | 000,890,815 | ---- | M] () -- C:\Users\Zixuan\Downloads\SecurityCheck.exe
PRC - [2013.04.12 17:31:03 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2013.03.29 21:53:56 | 001,631,144 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\Steam.exe
PRC - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe
PRC - [2013.03.23 20:17:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.03.23 20:17:23 | 000,385,248 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.03.12 22:57:11 | 001,822,424 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe
PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
PRC - [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Zixuan\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.12.15 22:03:12 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.11.30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.19 10:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
PRC - [2012.11.15 21:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
PRC - [2012.11.15 05:03:24 | 000,389,488 | ---- | M] () -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
PRC - [2012.08.14 10:31:58 | 000,043,624 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
PRC - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.02.23 23:33:32 | 000,071,464 | ---- | M] (Valve Corporation) -- C:\Program Files (x86)\Steam\GameOverlayUI.exe
PRC - [2012.01.17 12:24:10 | 000,055,296 | ---- | M] () -- C:\Windows\SysWOW64\ASGT.exe
PRC - [2011.03.09 15:31:08 | 000,837,008 | ---- | M] (Razer USA Ltd) -- C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe
PRC - [2010.10.18 02:32:10 | 000,020,549 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2010.10.18 02:32:10 | 000,020,549 | ---- | M] (Apache Software Foundation) -- c:\xampp\apache\bin\httpd.exe
PRC - [2010.10.18 02:32:10 | 000,020,549 | ---- | M] (Apache Software Foundation) -- C:\xampp\apache\bin\httpd.exe
PRC - [2010.03.25 15:25:20 | 001,108,608 | ---- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
PRC - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
PRC - [2009.10.26 14:15:56 | 000,375,000 | ---- | M] (DeviceVM, Inc.) -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
PRC - [2009.03.30 16:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
PRC - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
PRC - [2005.07.27 14:16:16 | 000,073,728 | ---- | M] (PGP Corporation) -- C:\Windows\SysWOW64\PGPserv.exe


[color=#E56717]========== Modules (No Company Name) ==========[/color]

MOD - [2013.04.14 01:33:49 | 000,171,432 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vaudio_speex.dll
MOD - [2013.04.14 01:04:25 | 000,907,688 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\serverbrowser.dll
MOD - [2013.04.14 01:04:21 | 000,075,176 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vaudio_miles.dll
MOD - [2013.04.14 01:04:06 | 002,064,296 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\GameUI.dll
MOD - [2013.04.14 01:04:02 | 001,868,712 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\replay.dll
MOD - [2013.04.14 01:04:00 | 006,638,504 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\cstrike\bin\server.dll
MOD - [2013.04.14 01:03:57 | 008,738,216 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\cstrike\bin\client.dll
MOD - [2013.04.14 01:03:38 | 000,876,032 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\chromehtml.dll
MOD - [2013.04.14 01:03:37 | 000,565,160 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\stdshader_dx9.dll
MOD - [2013.04.14 01:03:36 | 000,352,680 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\stdshader_dx8.dll
MOD - [2013.04.14 01:03:36 | 000,235,432 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\stdshader_dx6.dll
MOD - [2013.04.14 01:03:36 | 000,167,336 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\stdshader_dx7.dll
MOD - [2013.04.14 01:03:36 | 000,154,536 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\stdshader_dbg.dll
MOD - [2013.04.14 01:03:15 | 000,155,232 | -H-- | M] () -- C:\Users\Zixuan\AppData\Local\Temp\~4D0A.tmp
MOD - [2013.04.13 23:01:26 | 000,192,440 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\avformat-53.dll
MOD - [2013.04.13 23:01:26 | 000,153,088 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\mssvoice.asi
MOD - [2013.04.13 23:01:25 | 000,171,432 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vstdlib.dll
MOD - [2013.04.13 23:01:24 | 000,092,072 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\hl2.exe
MOD - [2013.04.13 23:01:24 | 000,078,248 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\scenefilecache.dll
MOD - [2013.04.13 23:01:23 | 020,321,192 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\libcef.dll
MOD - [2013.04.13 23:01:23 | 000,261,032 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\tier0.dll
MOD - [2013.04.13 23:01:23 | 000,129,448 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\video_quicktime.dll
MOD - [2013.04.13 23:01:23 | 000,108,968 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\video_bink.dll
MOD - [2013.04.13 23:01:16 | 000,071,680 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\mssmp3.asi
MOD - [2013.04.13 23:01:15 | 001,101,240 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\avcodec-53.dll
MOD - [2013.04.13 23:01:05 | 000,096,680 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\video_services.dll
MOD - [2013.04.13 23:00:55 | 000,524,200 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\studiorender.dll
MOD - [2013.04.13 23:00:52 | 000,165,800 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\launcher.dll
MOD - [2013.04.13 22:02:00 | 000,890,815 | ---- | M] () -- C:\Users\Zixuan\Downloads\SecurityCheck.exe
MOD - [2013.04.12 20:21:06 | 004,273,064 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\engine.dll
MOD - [2013.04.12 20:21:06 | 001,615,272 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\shaderapidx9.dll
MOD - [2013.04.12 20:21:06 | 001,355,176 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vguimatsurface.dll
MOD - [2013.04.12 20:21:06 | 001,147,816 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\materialsystem.dll
MOD - [2013.04.12 20:21:06 | 000,914,344 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vphysics.dll
MOD - [2013.04.12 20:21:06 | 000,360,360 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\vgui2.dll
MOD - [2013.04.12 20:21:06 | 000,339,368 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\filesystem_steam.dll
MOD - [2013.04.12 20:21:06 | 000,239,016 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\datacache.dll
MOD - [2013.04.12 20:21:06 | 000,126,376 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\soundemittersystem.dll
MOD - [2013.04.12 20:21:06 | 000,124,856 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\avutil-51.dll
MOD - [2013.04.12 20:21:06 | 000,109,992 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\inputsystem.dll
MOD - [2013.04.12 20:21:06 | 000,070,056 | ---- | M] () -- c:\program files (x86)\steam\steamapps\eslpro1717\counter-strike source\bin\unicode.dll
MOD - [2013.04.12 17:31:03 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2013.03.29 21:53:56 | 001,114,024 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\chromehtml.DLL
MOD - [2013.03.27 02:16:40 | 020,341,672 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\libcef.dll
MOD - [2013.03.26 00:23:34 | 000,651,776 | ---- | M] () -- C:\Program Files (x86)\Steam\SDL2.dll
MOD - [2013.03.12 22:57:11 | 014,717,144 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
MOD - [2012.12.11 19:51:10 | 001,100,800 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avcodec-53.dll
MOD - [2012.12.11 19:51:10 | 000,192,000 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avformat-53.dll
MOD - [2012.12.11 19:51:10 | 000,124,416 | ---- | M] () -- C:\Program Files (x86)\Steam\bin\avutil-51.dll
MOD - [2012.11.29 23:59:32 | 000,093,696 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2012.11.19 10:57:24 | 000,420,920 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
MOD - [2012.11.08 15:25:04 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
MOD - [2012.11.08 15:23:26 | 000,339,968 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
MOD - [2012.11.08 15:12:20 | 000,229,376 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTCore.dll
MOD - [2012.11.08 15:08:28 | 000,143,360 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTUI.dll
MOD - [2012.11.08 15:06:28 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTFC.dll
MOD - [2012.04.30 09:55:48 | 000,026,112 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2012.04.30 09:55:45 | 008,358,400 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2012.04.30 09:55:45 | 001,152,512 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2012.04.30 09:55:45 | 000,333,824 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2012.04.30 09:55:45 | 000,151,040 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-51.dll
MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011.05.13 06:46:02 | 000,498,760 | ---- | M] () -- C:\Program Files (x86)\ManyCam\Bin\cximagecrt.dll
MOD - [2011.04.30 17:04:54 | 000,013,312 | ---- | M] () -- C:\Program Files (x86)\MSI Afterburner\RTTSH.dll
MOD - [2010.02.08 18:19:52 | 000,053,248 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
MOD - [2009.09.30 05:33:07 | 000,024,576 | R--- | M] () -- C:\Windows\SysWOW64\AsIO.dll
MOD - [2009.06.27 11:11:12 | 000,503,202 | ---- | M] () -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
MOD - [2009.03.30 16:32:40 | 000,032,768 | R--- | M] () -- C:\Windows\DAODx.exe
MOD - [2008.12.10 21:04:54 | 000,253,952 | ---- | M] () -- C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll


[color=#E56717]========== Services (SafeList) ==========[/color]

SRV:[b]64bit:[/b] - [2008.07.29 14:20:28 | 004,737,024 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe -- (msvsmon90)
SRV - [2013.04.12 17:31:03 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.03.29 21:53:56 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.03.23 20:17:50 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.23 20:17:24 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.21 18:54:37 | 004,561,152 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_ca0e279.dll -- (Akamai)
SRV - [2013.03.12 22:57:11 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.12.15 22:03:12 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.12.04 19:13:34 | 000,008,704 | ---- | M] (Hi-Rez Studios) [Auto | Running] -- C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe -- (HiPatchService)
SRV - [2012.12.03 17:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.30 23:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.11.17 00:02:32 | 000,443,760 | ---- | M] (AnchorFree Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe -- (HssSrv)
SRV - [2012.11.15 21:59:44 | 000,527,728 | ---- | M] (AnchorFree Inc.) [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe -- (hshld)
SRV - [2012.11.15 05:03:24 | 000,389,488 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe -- (HssWd)
SRV - [2012.11.15 03:40:58 | 000,078,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE -- (HssTrayService)
SRV - [2012.11.09 13:12:16 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.08.14 10:31:58 | 000,043,624 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe -- (ADExchange)
SRV - [2012.07.27 22:51:26 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.06.17 09:52:14 | 000,098,576 | ---- | M] (SANDBOXIE L.T.D) [Auto | Stopped] -- C:\Programfiler\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV - [2012.03.14 11:32:08 | 000,010,240 | ---- | M] (SeriousBit) [Auto | Running] -- C:\Programfiler\NetBalancer\SeriousBit.NetBalancer.Service.exe -- (NetBalancerService)
SRV - [2012.01.17 12:24:10 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\ASGT.exe -- (ASGT)
SRV - [2011.09.08 18:48:36 | 006,583,160 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programfiler\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2011.09.08 18:48:36 | 000,528,760 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Programfiler\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2011.03.28 21:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programfiler\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2011.03.02 17:20:58 | 000,224,256 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe -- (DirMngr)
SRV - [2011.01.15 04:20:04 | 000,415,072 | ---- | M] () [Disabled | Stopped] -- C:\Program Files (x86)\Dyyno\Dyyno Broadcaster\launcherd.exe -- (Dyyno Launcher)
SRV - [2010.12.03 20:18:12 | 008,133,120 | ---- | M] () [Disabled | Stopped] -- c:\xampp\mysql\bin\mysqld.exe -- (mysql)
SRV - [2010.10.18 02:32:10 | 000,020,549 | ---- | M] (Apache Software Foundation) [Auto | Running] -- c:\xampp\apache\bin\httpd.exe -- (Apache2.2)
SRV - [2010.10.17 21:38:42 | 000,742,912 | ---- | M] (FileZilla Project) [Disabled | Stopped] -- c:\xampp\FileZillaFTP\FileZillaServer.exe -- (FileZilla Server)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 22:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programfiler\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.09 22:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programfiler\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)
SRV - [2009.12.28 15:33:02 | 000,096,896 | R--- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe -- (AsSysCtrlService)
SRV - [2009.10.26 14:16:00 | 000,223,464 | ---- | M] (DeviceVM, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe -- (BCUService)
SRV - [2009.09.21 10:48:10 | 000,954,368 | ---- | M] (Wireless) [Disabled | Stopped] -- C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe -- (jswpsapi)
SRV - [2009.09.21 10:48:10 | 000,265,216 | ---- | M] (Wireless) [Auto | Running] -- C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe -- (jswpbapi)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.02.23 05:43:56 | 000,307,200 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2008.07.10 06:31:10 | 000,157,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programfiler\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2005.07.27 14:16:16 | 000,073,728 | ---- | M] (PGP Corporation) [Auto | Running] -- C:\Windows\SysWOW64\PGPserv.exe -- (PGPserv)
SRV - [2002.01.01 21:37:24 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2002.01.01 21:36:49 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)


[color=#E56717]========== Driver Services (SafeList) ==========[/color]

DRV:[b]64bit:[/b] - [2013.03.23 20:18:04 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:[b]64bit:[/b] - [2013.03.23 20:18:04 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:[b]64bit:[/b] - [2013.03.23 20:18:03 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:[b]64bit:[/b] - [2012.11.15 03:38:20 | 000,040,712 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:[b]64bit:[/b] - [2012.11.07 09:49:46 | 000,113,664 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzudd.sys -- (rzudd)
DRV:[b]64bit:[/b] - [2012.11.07 09:49:46 | 000,022,016 | ---- | M] (Razer USA Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rzendpt.sys -- (rzendpt)
DRV:[b]64bit:[/b] - [2012.07.27 03:33:28 | 000,015,208 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvflash.sys -- (NVFLASH)
DRV:[b]64bit:[/b] - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:[b]64bit:[/b] - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:[b]64bit:[/b] - [2012.01.17 14:45:56 | 000,188,224 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:[b]64bit:[/b] - [2011.09.08 18:49:36 | 000,013,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacmoumonitor.sys -- (wacmoumonitor)
DRV:[b]64bit:[/b] - [2011.09.06 11:10:28 | 000,177,920 | ---- | M] (HID Global Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\cxbu0x64.sys -- (cxbu0x64)
DRV:[b]64bit:[/b] - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:[b]64bit:[/b] - [2011.06.07 14:44:16 | 000,040,128 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:[b]64bit:[/b] - [2011.05.18 16:57:32 | 000,041,256 | ---- | M] (SeriousBit) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nbdrv.sys -- (Nbdrv)
DRV:[b]64bit:[/b] - [2011.04.11 22:01:00 | 000,341,832 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSRamd64.sys -- (LADF_RenderOnly)
DRV:[b]64bit:[/b] - [2011.04.11 22:00:18 | 000,410,184 | ---- | M] (Logitech) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ladfGSCamd64.sys -- (LADF_CaptureOnly)
DRV:[b]64bit:[/b] - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:[b]64bit:[/b] - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:[b]64bit:[/b] - [2010.11.09 15:35:24 | 000,021,992 | ---- | M] (CPUID) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\cpuz135_x64.sys -- (cpuz135)
DRV:[b]64bit:[/b] - [2010.09.29 12:34:50 | 000,377,176 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfSBVMamd64.sys -- (LADF_SBVM)
DRV:[b]64bit:[/b] - [2010.09.29 12:34:48 | 000,062,168 | ---- | M] (Logitech) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ladfDHP2amd64.sys -- (LADF_DHP2)
DRV:[b]64bit:[/b] - [2010.09.22 21:19:02 | 000,056,832 | ---- | M] (AnchorFree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HssDrv.sys -- (HssDrv)
DRV:[b]64bit:[/b] - [2010.09.22 21:19:02 | 000,037,888 | ---- | M] (AnchorFree Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\taphss.sys -- (taphss)
DRV:[b]64bit:[/b] - [2010.04.12 10:55:00 | 000,091,568 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:[b]64bit:[/b] - [2010.03.17 12:24:00 | 000,401,696 | ---- | M] (Marvell) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:[b]64bit:[/b] - [2010.03.02 13:30:20 | 001,301,504 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:[b]64bit:[/b] - [2010.02.23 08:46:36 | 000,023,680 | ---- | M] (ASUSTeK Computer Inc.) [Kernel | Disabled | Running] -- C:\Windows\SysNative\drivers\IOMap64.sys -- (IOMap)
DRV:[b]64bit:[/b] - [2010.01.27 18:25:42 | 001,584,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:[b]64bit:[/b] - [2010.01.22 13:22:22 | 000,180,224 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:[b]64bit:[/b] - [2010.01.22 13:22:18 | 000,077,824 | ---- | M] (NEC Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:[b]64bit:[/b] - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:[b]64bit:[/b] - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:[b]64bit:[/b] - [2009.10.29 10:14:38 | 000,115,824 | ---- | M] (JMicron Technology Corp.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\jraid.sys -- (JRAID)
DRV:[b]64bit:[/b] - [2009.10.19 15:45:54 | 000,039,480 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:[b]64bit:[/b] - [2009.09.22 01:29:22 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:[b]64bit:[/b] - [2009.07.31 05:40:34 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMfilt64.sys -- (VMfilt)
DRV:[b]64bit:[/b] - [2009.07.16 05:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:[b]64bit:[/b] - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:[b]64bit:[/b] - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:[b]64bit:[/b] - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:[b]64bit:[/b] - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:[b]64bit:[/b] - [2009.06.10 22:35:36 | 000,867,328 | ---- | M] (Ralink Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netr28ux.sys -- (netr28ux)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:[b]64bit:[/b] - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:[b]64bit:[/b] - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:[b]64bit:[/b] - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:[b]64bit:[/b] - [2008.03.13 09:46:00 | 000,027,136 | ---- | M] (ManyCam LLC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ManyCam_x64.sys -- (ManyCam)
DRV:[b]64bit:[/b] - [2007.02.16 21:12:36 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2012.11.19 10:57:24 | 000,013,368 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Program Files (x86)\MSI Afterburner\RTCore64.sys -- (RTCore64)
DRV - [2012.06.17 09:52:12 | 000,166,576 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Stopped] -- C:\Programfiler\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.07.27 14:27:04 | 000,217,600 | ---- | M] (PGP Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysWow64\drivers\PGPdisk.sys -- (PGPdisk)
DRV - [2005.07.27 14:23:12 | 000,038,400 | ---- | M] (PGP Corporation) [Kernel | Auto | Stopped] -- C:\Windows\SysWOW64\drivers\PGPsdk.sys -- (PGPsdkDriver)


[color=#E56717]========== Standard Registry (SafeList) ==========[/color]


[color=#E56717]========== Internet Explorer ==========[/color]

IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/pivotstickfigure/{4561B033-1BEF-4574-B66D-736830ABC523}
IE - HKLM\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1060933

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?l=dis&o=14672
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://no.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = no
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 27 63 65 0D 44 EB CC 01  [binary data]
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - No CLSID value found
IE - HKCU\..\URLSearchHook: {687578b9-7132-4a7a-80e4-30ee31099e03} - No CLSID value found
IE - HKCU\..\URLSearchHook: {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {8C81CCA6-6B4D-4c58-A7C1-8001998E44FA}
IE - HKCU\..\SearchScopes\{0388404D-6072-4CEB-B521-8F090FEAEE57}: "URL" = http://klit.startnow.com/s/?q={searchTerms}&src=defsearch&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=NO&install_date=20120222&user_guid=653B8F024F3342829AFA6B07B49B0089&machine_id=0bf69499f50a930db30a5b6390cbab80&browser=IE&os=win&os_version=6.1-x64-SP0&iesrc={referrer:source}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{5A265228-B0D1-4E85-AA41-534443CBF783}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3289075&CUI=UN30963611281292657&UM=1
IE - HKCU\..\SearchScopes\{8C81CCA6-6B4D-4c58-A7C1-8001998E44FA}: "URL" = http://no.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
IE - HKCU\..\SearchScopes\{C72EC264-D61E-4FEE-A47F-46893AE3454A}: "URL" = http://websearch.ask.com/redirect?client=ie&tb=ATU&o=14670&src=crm&q={searchTerms}&locale=&apn_ptnrs=T8&apn_dtid=YYYYYYYYNO&apn_uid=80d0253b-be96-4218-99ca-99accecf7e39&apn_sauid=EEF55BDB-1305-438D-BDBE-6CE20D64EC2A
IE - HKCU\..\SearchScopes\{DA94C56E-0D50-486e-AEAE-7B3A2684D1C7}: "URL" = http://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5369970905&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=no&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

[color=#E56717]========== FireFox ==========[/color]

FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledAddons: %7B99210d54-6321-41e8-bd1b-2b4c55874efb%7D:1.36
FF - prefs.js..extensions.enabledAddons: 714cb7478d98b1cb51d1f5f515f060c7%40link.codefisher.org:1.1
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.3.0
FF - prefs.js..extensions.enabledAddons: %7B4de46b94-1b91-474a-9ae5-6074f86ef7e9%7D:6.0%20PR1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1
FF - prefs.js..keyword.URL: "http://klit.startnow.com/s/?src=addrbar&provider=&provider_name=yahoo&provider_code=&partner_id=693&product_id=741&affiliate_id=&channel=&toolbar_id=200&toolbar_version=2.4.0&install_country=NO&install_date=20120222&user_guid=653B8F024F3342829AFA6B07B49B0089&machine_id=0bf69499f50a930db30a5b6390cbab80&browser=FF&os=win&os_version=6.1-x64-SP0&q="
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.17.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.10: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.4: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.0.0.1: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@3dmapview.myvr-software.com/myvrnpapi,version=2.000: C:\Users\Zixuan\AppData\Local\myVRnpapi\npmyvr.dll ()
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Zixuan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Zixuan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 17:31:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 17:31:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.12 17:31:03 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.12 17:31:01 | 000,000,000 | ---D | M]

[2012.02.14 17:28:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Extensions
[2013.04.05 18:10:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions
[2012.02.22 02:39:13 | 000,000,000 | ---D | M] (StartNow Toolbar) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
[2013.03.04 21:21:25 | 000,000,000 | ---D | M] (uTorrentControl2 Community Toolbar) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}
[2013.04.05 18:10:35 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013.03.25 20:13:55 | 000,000,000 | ---D | M] (uTorrentControl_v6) -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions\{96f454ea-9d38-474f-b504-56193e00c1a5}
[2013.04.04 16:50:11 | 000,000,000 | ---D | M] ("Tumblr Post") -- C:\Users\Zixuan\AppData\Roaming\mozilla\Firefox\Profiles\t7npwg94.default\extensions\{99210d54-6321-41e8-bd1b-2b4c55874efb}
[2013.04.04 16:50:11 | 000,007,141 | ---- | M] () (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\extensions\714cb7478d98b1cb51d1f5f515f060c7@link.codefisher.org.xpi
[2012.02.28 22:52:15 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\extensions\youtube2mp3@mondayx.de.xpi
[2013.04.05 18:10:35 | 000,020,066 | ---- | M] () (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\extensions\{4de46b94-1b91-474a-9ae5-6074f86ef7e9}.xpi
[2013.03.24 17:38:08 | 000,817,280 | ---- | M] () (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.28 17:36:18 | 000,269,007 | ---- | M] () (No name found) -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2011.05.17 14:12:44 | 000,002,333 | ---- | M] () -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\searchplugins\askcom.xml
[2012.02.22 02:39:13 | 000,001,390 | ---- | M] () -- C:\Users\Zixuan\AppData\Roaming\mozilla\firefox\profiles\t7npwg94.default\searchplugins\yahoo-zugo.xml
[2013.04.12 17:31:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.04.12 17:31:00 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.04.12 17:31:00 | 000,000,000 | ---D | M] (Hotspot Shield Helper (Please allow this installation)) -- C:\Program Files (x86)\mozilla firefox\extensions\afurladvisor@anchorfree.com
[2013.04.12 17:31:03 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.12 10:58:30 | 000,917,816 | ---- | M] (BitComet) -- C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll
[2011.12.09 19:23:32 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2013.02.27 18:58:52 | 000,001,738 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazon-en-GB.xml
[2013.02.27 18:58:52 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.02.27 18:58:52 | 000,001,431 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bok-NO.xml
[2013.02.27 18:58:52 | 000,001,181 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\qxl-NO.xml
[2013.02.27 18:58:52 | 000,001,416 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\telefonkatalogen-NO.xml
[2013.02.27 18:58:52 | 000,001,389 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-NO.xml
[2013.02.27 18:58:52 | 000,001,405 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-NO.xml

[color=#E56717]========== Chrome  ==========[/color]

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage:
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: BitCometAgent (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npBitCometAgent.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll
CHR - plugin: Java Deployment Toolkit 7.0.70.11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U7 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Pando Web Plugin (Enabled) = C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
CHR - plugin: WacomTabletPlugin (Enabled) = C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
CHR - plugin:  Wacom Dynamic Link Library (Enabled) = C:\Program Files (x86)\TabletPlugins\npwacom.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Zixuan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Zixuan\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Zixuan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: myVR 3D Framework (Enabled) = C:\Users\Zixuan\AppData\Local\myVRnpapi\npmyvr.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
CHR - plugin: Windows Activation Technologies (Enabled) = C:\Windows\system32\Wat\npWatWeb.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - Extension: Google Drive = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: uTorrentControl_v6 = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cflheckfmhopnialghigdlggahiomebp\10.15.0.562_0\
CHR - Extension: Google Search = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: TumblrHelper = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\okedoojhfbgmhdkfgojckbbhbffcoihm\0.0.5_0\
CHR - Extension: Gmail = C:\Users\Zixuan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

Hosts file not found
O2:[b]64bit:[/b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:[b]64bit:[/b] - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programfiler\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:[b]64bit:[/b] - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll (AnchorFree Inc.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Hotspot Shield Class) - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
O2 - BHO: (SMTTB2009 Class) - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Pivot Stickfigure DB Toolbar\tbcore3.dll ()
O3 - HKLM\..\Toolbar: (no name) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - No CLSID value found.
O3 - HKLM\..\Toolbar: (uTorrentControl_v6 Toolbar) - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {687578B9-7132-4A7A-80E4-30EE31099E03} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentControl_v6 Toolbar) - {96F454EA-9D38-474F-B504-56193E00C1A5} - C:\Program Files (x86)\uTorrentControl_v6\prxtbuTor.dll (Conduit Ltd.)
O4:[b]64bit:[/b] - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:[b]64bit:[/b] - HKLM..\Run: [Logitech Download Assistant] C:\Windows\SysNative\LogiLDA.dll (Logitech, Inc.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BCU] C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe (DeviceVM, Inc.)
O4 - HKLM..\Run: [Razer Lachesis Driver] C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe (Razer USA Ltd)
O4 - HKLM..\Run: [Razer Synapse] C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Razer USA Ltd)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Zixuan\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [uTorrent] C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent, Inc.)
O4 - HKLM..\RunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programfiler\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programfiler\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programfiler\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWow64\PGPlsp.dll (PGP Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWow64\PGPlsp.dll (PGP Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWow64\PGPlsp.dll (PGP Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Windows\SysWow64\PGPlsp.dll (PGP Corporation)
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Java Plug-in 1.6.0_23)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 1.6.0_32)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab (Java Plug-in 10.17.2)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (Reg Error: Key error.)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 130.67.15.198 193.213.112.4 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0665572D-0A3F-441A-A4B2-9FEF56BA336E}: DhcpNameServer = 193.213.112.4 130.67.15.198
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2AD8EA00-C636-479B-895D-7D59820857B4}: DhcpNameServer = 130.67.15.198 193.213.112.4 10.0.0.138
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C5E6D0D0-A76F-4934-9D59-A027C7C2C862}: DhcpNameServer = 8.8.8.8
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programfiler\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype4com - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gopher - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:[b]64bit:[/b] - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programfiler\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\System32\guard64.dll) -  File not found
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011.06.17 04:59:39 | 000,000,044 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O32 - AutoRun File - [2011.10.24 05:06:52 | 000,000,000 | ---D | M] - D:\Autokey utility -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = ComFile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]

[2013.04.13 20:53:59 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\Ashisoft
[2013.04.13 20:53:44 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Ashisoft
[2013.04.13 20:53:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate Finder
[2013.04.13 20:53:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Duplicate Finder
[2013.04.12 21:43:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
[2013.04.12 21:43:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2013.04.12 19:11:38 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\Euro Truck Simulator 2
[2013.04.12 19:11:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
[2013.04.12 19:10:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Euro Truck Simulator 2
[2013.04.12 17:31:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.04.11 18:53:07 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\SCE
[2013.04.11 02:15:28 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.04.11 02:15:28 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.04.11 02:15:28 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.04.11 02:15:27 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.04.11 02:15:27 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.04.11 02:15:27 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.04.11 02:15:27 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.04.11 02:15:27 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.04.11 02:15:27 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.04.11 02:15:27 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.04.11 02:15:27 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.04.11 02:15:27 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.04.11 02:15:26 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.04.11 02:15:26 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.04.11 02:15:26 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.04.10 22:29:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2013.04.10 15:48:28 | 003,138,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.04.10 15:48:28 | 002,691,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.04.10 15:48:28 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.04.10 15:48:28 | 000,131,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.04.10 15:48:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.04.10 15:48:27 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.04.10 15:47:50 | 005,497,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.04.10 15:47:49 | 003,958,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.04.10 15:47:49 | 003,902,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.04.10 15:47:49 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2013.04.10 15:47:49 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.04.10 15:47:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.04.04 13:14:30 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\ArcSoft
[2013.04.04 13:14:13 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft
[2013.04.04 13:14:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft MediaConverter 8
[2013.04.04 13:14:12 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\ArcSoft
[2013.04.04 13:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft
[2013.04.04 13:13:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ArcSoft
[2013.04.04 13:12:20 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\TechSmith
[2013.04.04 13:12:09 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\TechSmith
[2013.04.04 13:12:06 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\Camtasia Studio
[2013.04.04 13:07:29 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\fontconfig
[2013.04.04 13:07:28 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\gegl-0.2
[2013.04.04 13:07:28 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\.gimp-2.8
[2013.04.04 13:06:20 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.04.03 23:41:50 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Desktop\forberedelse
[2013.04.03 14:20:10 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\PerformerSoft
[2013.04.03 14:20:10 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\File Scout
[2013.04.03 14:20:09 | 000,019,632 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2013.04.03 14:20:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Axife Mouse Recorder DEMO
[2013.04.03 14:20:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Axife Mouse Recorder DEMO
[2013.04.03 14:19:52 | 000,887,228 | ---- | C] (Axife Software                                              ) -- C:\Users\Zixuan\Desktop\amr501dm.exe
[2013.04.01 18:16:25 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\Bioshock
[2013.04.01 18:16:25 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Bioshock
[2013.04.01 18:13:58 | 000,000,000 | RH-D | C] -- C:\Users\Zixuan\AppData\Roaming\SecuROM
[2013.03.30 19:31:45 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\Workspace Macro
[2013.03.30 19:27:14 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\iMacros
[2013.03.29 21:15:08 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.29 21:14:58 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.28 23:55:40 | 000,000,000 | --SD | C] -- C:\Users\Zixuan\Documents\Mabinogi
[2013.03.28 22:57:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Nexon
[2013.03.28 22:02:45 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\Vindictus
[2013.03.28 22:02:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\BandiMPEG1
[2013.03.28 21:55:59 | 000,000,000 | ---D | C] -- C:\ProgramData\NexonUS
[2013.03.26 05:11:37 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Downloaded Installations
[2013.03.26 02:11:15 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.26 00:11:43 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\4kdownload.com
[2013.03.26 00:05:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download
[2013.03.26 00:05:43 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\OpenCandy
[2013.03.26 00:05:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\4KDownload
[2013.03.24 19:20:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrentControl_v6
[2013.03.24 18:37:18 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\Logitech
[2013.03.24 18:37:16 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Leadertech
[2013.03.24 18:36:30 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2013.03.24 18:35:44 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Logitech
[2013.03.24 18:35:44 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Logishrd
[2013.03.23 20:20:11 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Roaming\Avira
[2013.03.23 20:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.03.23 20:19:04 | 000,129,216 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.23 20:19:04 | 000,099,912 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.23 20:19:04 | 000,027,800 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.23 20:19:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.03.23 20:14:08 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\Programs
[2013.03.23 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\SKIDROW
[2013.03.23 19:31:40 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\AppData\Local\Darksiders2
[2013.03.23 19:28:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\THQ
[2013.03.23 17:39:15 | 000,000,000 | ---D | C] -- C:\Users\Zixuan\Documents\PCSX2
[2013.03.23 17:38:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
[2013.03.23 17:38:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCSX2 1.0.0
[2013.03.23 00:52:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit
[2013.03.23 00:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs
[2011.10.06 17:01:19 | 000,411,016 | ---- | C] (Valve Corporation) -- C:\Users\Zixuan\SteamService.exe
[2011.10.06 17:01:18 | 000,355,920 | ---- | C] (Valve Corporation) -- C:\Users\Zixuan\Setup.exe
[2011.06.10 23:14:22 | 000,378,880 | ---- | C] (Install.exe) -- C:\Users\Zixuan\install.exe
[2009.01.07 23:10:00 | 000,075,264 | ---- | C] (Zlib) -- C:\Users\Zixuan\zlib1.dll
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]

[2013.04.14 01:44:01 | 000,000,992 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.04.14 01:19:03 | 000,001,026 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-883944342-2908253377-3026506034-1009UA.job
[2013.04.14 01:19:01 | 000,001,004 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-883944342-2908253377-3026506034-1009Core.job
[2013.04.14 00:57:09 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.14 00:48:00 | 000,001,002 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-883944342-2908253377-3026506034-1000UA.job
[2013.04.13 22:48:03 | 000,001,109 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2013.04.13 22:45:54 | 000,007,634 | ---- | M] () -- C:\Users\Zixuan\AppData\Local\Resmon.ResmonCfg
[2013.04.13 22:21:59 | 000,020,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.13 22:21:59 | 000,020,320 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.13 22:19:17 | 001,538,748 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.13 22:19:17 | 000,717,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.13 22:19:17 | 000,557,806 | ---- | M] () -- C:\Windows\SysNative\perfh014.dat
[2013.04.13 22:19:17 | 000,145,484 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.13 22:19:17 | 000,118,686 | ---- | M] () -- C:\Windows\SysNative\perfc014.dat
[2013.04.13 22:13:27 | 000,000,988 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.04.13 22:12:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.13 22:11:37 | 2146,045,951 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.13 22:08:02 | 000,000,512 | ---- | M] () -- C:\Users\Zixuan\Documents\MBR.dat
[2013.04.12 21:43:37 | 000,001,238 | ---- | M] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.04.12 19:11:38 | 000,001,332 | ---- | M] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2013.04.12 18:20:04 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2013.04.12 18:20:04 | 000,281,768 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2013.04.11 18:12:23 | 004,990,424 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.10 15:48:00 | 000,000,950 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-883944342-2908253377-3026506034-1000Core.job
[2013.04.09 23:39:45 | 000,000,226 | ---- | M] () -- C:\Users\Zixuan\Desktop\DefCon 15 - T112 - No-Tech Hackingav basic204Fremhevede 96 541.URL
[2013.04.05 17:27:24 | 000,001,684 | ---- | M] () -- C:\Users\Zixuan\AppData\Local\recently-used.xbel
[2013.04.04 14:50:32 | 000,025,928 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.04.04 13:14:12 | 000,001,215 | ---- | M] () -- C:\Users\Public\Desktop\MediaConverter 8.lnk
[2013.04.03 23:56:31 | 016,563,467 | ---- | M] () -- C:\Users\Zixuan\Desktop\forberedelse.rar
[2013.04.03 23:09:37 | 000,219,202 | ---- | M] () -- C:\Users\Zixuan\Documents\reklame presentasjon.odp
[2013.04.03 14:20:01 | 000,001,016 | ---- | M] () -- C:\Users\Zixuan\Desktop\Axife Mouse Recorder DEMO.lnk
[2013.04.03 14:19:53 | 000,887,228 | ---- | M] (Axife Software                                              ) -- C:\Users\Zixuan\Desktop\amr501dm.exe
[2013.03.29 21:14:50 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.03.29 21:14:50 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.03.29 21:14:50 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.03.29 21:14:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.03.29 21:14:50 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.03.29 21:14:50 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.03.26 00:05:46 | 000,001,246 | ---- | M] () -- C:\Users\Zixuan\Desktop\4K Video Downloader.lnk
[2013.03.25 22:55:00 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.24 19:20:26 | 000,000,943 | ---- | M] () -- C:\Users\Public\Desktop\µTorrent.lnk
[2013.03.23 20:19:14 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.23 20:18:04 | 000,129,216 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.23 20:18:04 | 000,027,800 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.03.23 20:18:03 | 000,099,912 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.23 19:29:02 | 000,002,049 | ---- | M] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2013.03.23 17:38:57 | 000,001,985 | ---- | M] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2013.03.19 08:19:35 | 005,497,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:54:37 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:06:09 | 003,958,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:06:09 | 003,902,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:53:45 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:19:03 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

[color=#E56717]========== Files Created - No Company Name ==========[/color]

[2013.04.13 22:08:02 | 000,000,512 | ---- | C] () -- C:\Users\Zixuan\Documents\MBR.dat
[2013.04.12 21:43:34 | 000,001,238 | ---- | C] () -- C:\Users\Public\Desktop\World of Warcraft.lnk
[2013.04.12 19:12:22 | 000,015,208 | ---- | C] () -- C:\Windows\SysNative\drivers\nvflash.sys
[2013.04.12 19:11:38 | 000,001,332 | ---- | C] () -- C:\Users\Public\Desktop\Euro Truck Simulator 2.lnk
[2013.04.09 23:39:45 | 000,000,226 | ---- | C] () -- C:\Users\Zixuan\Desktop\DefCon 15 - T112 - No-Tech Hackingav basic204Fremhevede 96 541.URL
[2013.04.05 17:27:24 | 000,001,684 | ---- | C] () -- C:\Users\Zixuan\AppData\Local\recently-used.xbel
[2013.04.04 13:14:12 | 000,001,215 | ---- | C] () -- C:\Users\Public\Desktop\MediaConverter 8.lnk
[2013.04.04 13:07:00 | 000,000,892 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
[2013.04.03 23:50:42 | 016,563,467 | ---- | C] () -- C:\Users\Zixuan\Desktop\forberedelse.rar
[2013.04.03 14:20:01 | 000,001,016 | ---- | C] () -- C:\Users\Zixuan\Desktop\Axife Mouse Recorder DEMO.lnk
[2013.04.01 23:00:02 | 000,219,202 | ---- | C] () -- C:\Users\Zixuan\Documents\reklame presentasjon.odp
[2013.03.26 00:05:46 | 000,001,246 | ---- | C] () -- C:\Users\Zixuan\Desktop\4K Video Downloader.lnk
[2013.03.25 22:55:00 | 000,001,102 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.03.25 22:55:00 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.03.23 20:19:14 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.03.23 19:29:02 | 000,002,049 | ---- | C] () -- C:\Users\Public\Desktop\Darksiders II.lnk
[2013.03.23 17:38:57 | 000,001,985 | ---- | C] () -- C:\Users\Public\Desktop\PCSX2 1.0.0 (r5350).lnk
[2013.02.27 17:34:05 | 000,000,045 | ---- | C] () -- C:\Users\Zixuan\jagex_cl_oldschool_LIVE.dat
[2012.12.16 20:17:24 | 000,000,604 | -H-- | C] () -- C:\Program Files (x86)\_Z2
[2012.12.07 19:09:04 | 000,001,456 | ---- | C] () -- C:\Users\Zixuan\AppData\Local\Adobe Save for Web 12.0 Prefs
[2012.12.07 18:52:40 | 000,000,132 | ---- | C] () -- C:\Users\Zixuan\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012.09.28 17:45:06 | 000,247,296 | ---- | C] () -- C:\Windows\SysWow64\rtvcvfw32.dll
[2012.08.25 17:07:38 | 000,000,331 | ---- | C] () -- C:\Windows\game.ini
[2012.08.01 13:08:16 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2012.07.12 21:19:28 | 000,059,505 | ---- | C] () -- C:\Users\Zixuan\AppData\Roaming\Zixuan3SQLite3.dll
[2012.07.12 20:13:53 | 000,001,616 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012.06.28 19:20:25 | 000,000,050 | ---- | C] () -- C:\Users\Zixuan\jagex_cl_runescape_LIVE_BETA.dat
[2012.06.28 19:20:25 | 000,000,024 | ---- | C] () -- C:\Users\Zixuan\random.dat
[2012.06.16 16:46:43 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\cd.dat
[2012.05.15 19:30:14 | 000,007,634 | ---- | C] () -- C:\Users\Zixuan\AppData\Local\Resmon.ResmonCfg
[2012.05.05 13:06:54 | 002,440,204 | ---- | C] () -- C:\Users\Zixuan\AppData\Roaming\RSBot.db
[2012.05.01 18:38:47 | 000,000,024 | ---- | C] () -- C:\Users\Zixuan\jagexappletviewer.preferences
[2012.02.22 02:39:06 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.02.22 02:39:05 | 000,074,752 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2012.02.17 11:52:53 | 000,000,046 | ---- | C] () -- C:\Users\Zixuan\jagex_cl_runescape_LIVE1.dat
[2012.02.17 11:40:43 | 000,000,045 | ---- | C] () -- C:\Users\Zixuan\jagex_cl_runescape_LIVE.dat
[2012.01.17 12:24:10 | 000,055,296 | ---- | C] () -- C:\Windows\SysWow64\ASGT.exe
[2011.11.10 14:42:24 | 000,000,046 | ---- | C] () -- C:\Users\Zixuan\autorun.inf
[2011.11.10 14:41:38 | 000,000,186 | ---- | C] () -- C:\Users\Zixuan\setup.dat
[2011.10.26 20:35:25 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2011.10.26 20:35:25 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2011.10.26 20:35:25 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2011.10.26 20:35:25 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2011.10.26 20:35:25 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2011.10.06 18:38:46 | 977,647,704 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1_3.sid
[2011.10.06 18:38:46 | 000,009,756 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1.sim
[2011.10.06 18:38:46 | 000,000,368 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1.sis
[2011.10.06 18:38:13 | 1493,591,576 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1_2.sid
[2011.10.06 18:35:14 | 1493,613,192 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1_1.sid
[2011.10.06 18:34:34 | 1493,623,272 | ---- | C] () -- C:\Users\Zixuan\The Elder Scrolls V- Skyrim_disk1_0.sid
[2011.10.06 17:01:18 | 002,272,974 | ---- | C] () -- C:\Users\Zixuan\SteamRetailInstaller.dmg
[2011.10.06 17:01:18 | 000,194,084 | ---- | C] () -- C:\Users\Zixuan\splash.tga
[2011.08.15 18:26:36 | 000,000,016 | ---- | C] () -- C:\Windows\SysWow64\ptlx55.dat.{5728B11F-B697-47AA-9C1B-8ECB545B5193}
[2011.06.04 18:51:52 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2011.06.04 18:51:52 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2011.06.02 15:08:16 | 000,281,768 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.06.02 15:08:14 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.21 19:51:50 | 000,000,632 | RHS- | C] () -- C:\Users\Zixuan\ntuser.pol
[2011.03.18 21:27:17 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.03.21 21:03:28 | 000,090,624 | ---- | C] () -- C:\Users\Zixuan\simpack.dll
[2005.06.04 17:56:44 | 000,810,273 | -H-- | C] () -- C:\Users\Zixuan\AppData\Roaming\Zixuanlog.dat
[2001.05.11 21:45:42 | 000,165,824 | ---- | C] () -- C:\Users\Zixuan\Voyage-Undersea.mod

[color=#E56717]========== ZeroAccess Check ==========[/color]

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

[color=#E56717]========== LOP Check ==========[/color]

[2013.03.29 20:21:10 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\.minecraft
[2013.04.13 20:53:44 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Ashisoft
[2013.04.04 20:54:27 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Audacity
[2012.12.16 20:17:31 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Avid
[2013.04.01 18:39:16 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Bioshock
[2012.07.11 18:12:40 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\BitComet
[2012.12.28 00:27:30 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Carbon
[2012.08.01 18:27:46 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\CometPlayer
[2012.02.28 22:09:47 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\DiskAid
[2013.03.26 05:11:37 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Downloaded Installations
[2012.02.28 22:20:26 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\DVDVideoSoft
[2013.01.01 05:11:39 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\EasiestSoft
[2012.12.27 20:54:50 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Empty Clip Studios
[2012.05.05 13:40:01 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\EpicBot
[2012.03.01 21:14:01 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\ESET
[2013.04.03 14:20:10 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\File Scout
[2012.12.18 22:17:40 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\FileZilla
[2013.01.21 21:47:38 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\gnupg
[2013.03.10 16:07:19 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\gtk-2.0
[2012.06.09 23:09:50 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Hive Cluster
[2012.07.20 16:09:27 | 000,000,000 | RHSD | M] -- C:\Users\Zixuan\AppData\Roaming\install
[2013.03.24 18:37:16 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Leadertech
[2012.08.25 12:08:54 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\LolClient
[2012.03.24 14:42:17 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Mael
[2013.03.26 00:05:43 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\OpenCandy
[2012.03.05 21:35:52 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\OpenOffice.org
[2012.12.18 23:53:28 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Opera
[2012.12.31 02:59:16 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\PCDr
[2013.04.03 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\PerformerSoft
[2013.01.21 21:43:43 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\PGP Corporation
[2012.06.21 11:12:33 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\RenPy
[2012.06.30 19:05:26 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\six-updater
[2012.06.19 15:22:38 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\six-zsync
[2012.06.07 19:13:50 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Spirited Machine
[2012.11.28 15:53:45 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\SplitMediaLabs
[2012.08.14 20:39:33 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Spotify
[2012.03.01 23:29:41 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Synthesia
[2012.09.16 14:30:24 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\SYSTEMAX Software Development
[2012.07.06 14:43:19 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\TeamViewer
[2013.04.04 13:12:09 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\TechSmith
[2012.12.19 00:59:24 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Tibia
[2012.08.12 02:01:54 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\tigerplayer
[2012.07.02 02:18:40 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Ubisoft
[2012.06.07 13:46:40 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Unity
[2013.04.13 22:14:32 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\uTorrent
[2013.01.01 05:12:57 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\vfilter
[2011.05.21 20:13:45 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\Wacom
[2011.05.21 20:24:13 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1
[2012.06.12 21:18:02 | 000,000,000 | ---D | M] -- C:\Users\Zixuan\AppData\Roaming\WindSolutions

[color=#E56717]========== Purity Check ==========[/color]


[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2013.03.29 04:25:42 | 000,000,000 | ---D | M](C:\Users\Zixuan\Documents\????) -- C:\Users\Zixuan\Documents\마비노기
[2013.03.29 04:25:42 | 000,000,000 | ---D | C](C:\Users\Zixuan\Documents\????) -- C:\Users\Zixuan\Documents\마비노기

< End of report >