Most odd networking issue ever

mr.doom

Member
I have never experienced anything like that.

I recently bought (along with many other upgrades) the MSI Gaming 7 Z97 motherboard. It has the notorious Killer E2200 NIC. I had no issues with it, apart from Skype not working properly. Now though, things got a bit ugly. Most pages open no problem, same goes for online games, Steam etc. But certain websites or Unreal Engine won't connect no matter what I do. I cleaned out all Killer drivers and suite, no luck. Used Qualcomm drivers, no luck.

My iPhone is connected to the same network, and all the pages in question work without issues. Here is where it gets odd: I unplugged the LAN cable and plugged in the USB WiFi dongle. The same issue persists. In a last-ditch attempt I formatted the hard drive and put a new Windows on - same problem. Windows firewall on or off makes no difference, and installing an Internet Security suite (to bypass Windows firewall) doesn't fix anything either.

So, would you have any ideas of what to try? I am out of options here.

Update, seems like my fiancee has the same issue with the same websites on her laptop. Could be the router, but then why is my phone working perfectly well?
 

mr.doom

Member
Motherboard might be defective.
Hi and thanks for the quick tip.
Fair enough, but how would this explain that my fiancee's laptop has the same issue with the same pages?
It literally started a few days ago, on both of our computers, but not on the phone that is connected to the same router.
 

johnb35

Administrator
Staff member
My guess would be router poisoning or at least infected host file on both computers.
 

mr.doom

Member
It seems the hosts file is clean, but I now believe that it is definitely an ARP spoofing attack. How the heck do I stop it on Windows 8 and 7?
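One way to check a Windows machine for the ARP spoofing suspected above (an added example, not part of the original posts): parse the output of `arp -a` and flag any unicast MAC address that answers for more than one IP, especially the gateway's. The sample output, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Interface header, e.g. "Interface: 192.168.1.10 --- 0xb". Only the address
# and the index are matched, so a localized label still parses.
IFACE_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3})\s+---\s+0x[0-9a-fA-F]+")
# Table row, e.g. "  192.168.1.1    00-11-22-33-44-55    dynamic".
ROW_RE = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-fA-F]{2}-){5}[0-9a-fA-F]{2})\b"
)

# Constructed sample of `arp -a` output (not taken from the thread).
SAMPLE_ARP_OUTPUT = """\
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-11-22-33-44-55     dynamic
  192.168.1.23          00-11-22-33-44-55     dynamic
  192.168.1.40          66-77-88-99-aa-bb     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
  224.0.0.22            01-00-5e-00-00-16     static
  224.0.0.252           01-00-5e-00-00-fc     static
"""


def parse_arp_table(output):
    """Return {interface_ip: [(ip, mac), ...]} from `arp -a` text."""
    tables = defaultdict(list)
    iface = "unknown"
    for line in output.splitlines():
        header = IFACE_RE.search(line)
        if header:
            iface = header.group(1)
            continue
        row = ROW_RE.match(line)
        if row:
            tables[iface].append((row.group(1), row.group(2).lower()))
    return dict(tables)


def _ip_key(ip):
    return tuple(int(part) for part in ip.split("."))


def find_shared_macs(output, gateway=None):
    """List unicast MACs that are mapped to more than one IP address.

    Broadcast and multicast entries (group bit set in the first octet)
    are ignored, because many IPs share them by design.
    """
    findings = []
    for iface, rows in parse_arp_table(output).items():
        by_mac = defaultdict(set)
        for ip, mac in rows:
            if int(mac[:2], 16) & 1:      # group bit: broadcast or multicast
                continue
            by_mac[mac].add(ip)
        for mac, ips in sorted(by_mac.items()):
            if len(ips) > 1:
                findings.append({
                    "interface": iface,
                    "mac": mac,
                    "ips": sorted(ips, key=_ip_key),
                    "gateway_involved": gateway in ips,
                })
    return findings


if __name__ == "__main__":
    for finding in find_shared_macs(SAMPLE_ARP_OUTPUT, gateway="192.168.1.1"):
        print(finding)
```

A shared MAC is a lead rather than proof, since one device can legitimately hold several addresses. Compare the MAC shown for the gateway with the one printed on the router or shown in its admin page.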
 

johnb35

Administrator
Staff member
How do you know that hosts file is clean? Can you copy and paste the hosts file from each computer back here.

If it's router poisoning then resetting the router back to defaults will clear it up.
 

mr.doom

Member
How do you know that hosts file is clean? Can you copy and paste the hosts file from each computer back here.

If it's router poisoning then resetting the router back to defaults will clear it up.

Both computers have exactly the same hosts content:

Code:
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#	127.0.0.1       localhost
#	::1             localhost
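The "is the hosts file clean?" check above can be done mechanically. The following added example (not part of the original posts) parses hosts-file text, ignores comments, and reports every active entry other than the stock localhost mapping. The function names and the tampered sample are constructed for illustration; on Windows the file lives at `%SystemRoot%\System32\drivers\etc\hosts`.

```python
import ipaddress

# Shortened copy of the file posted above: every line is a comment.
STOCK_HOSTS = """\
# Copyright (c) 1993-2009 Microsoft Corp.
#
# For example:
#
#      102.54.94.97     rhino.acme.com          # source server
#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.
#\t127.0.0.1       localhost
#\t::1             localhost
"""

# Constructed sample of a modified file (documentation-only names and addresses).
TAMPERED_HOSTS = """\
127.0.0.1       localhost
0.0.0.0         update.vendor.example   # sinkholed
192.0.2.50      www.bank.example bank.example
not-an-ip       something.example
"""


def parse_hosts(text):
    """Split hosts-file text into active entries and malformed lines.

    Returns (entries, malformed). entries holds (line_no, ip, [names]);
    malformed holds (line_no, raw_line) for non-comment lines that do not
    start with a valid IP address followed by at least one name.
    """
    entries, malformed = [], []
    for line_no, raw in enumerate(text.lstrip("\ufeff").splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()   # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        try:
            ip = ipaddress.ip_address(fields[0])
        except ValueError:
            malformed.append((line_no, raw))
            continue
        if len(fields) < 2:
            malformed.append((line_no, raw))
            continue
        entries.append((line_no, ip, [name.lower() for name in fields[1:]]))
    return entries, malformed


def audit_hosts(text):
    """Return sorted findings as (line_no, kind, name, ip) tuples.

    kind is "blocked" (name sunk to loopback or 0.0.0.0), "redirected"
    (name pinned to some other address, bypassing DNS) or "malformed".
    """
    entries, malformed = parse_hosts(text)
    findings = []
    for line_no, ip, names in entries:
        for name in names:
            if name == "localhost" and ip.is_loopback:
                continue                      # the one mapping a stock file may carry
            if ip.is_loopback or ip.is_unspecified:
                kind = "blocked"
            else:
                kind = "redirected"
            findings.append((line_no, kind, name, str(ip)))
    for line_no, raw in malformed:
        findings.append((line_no, "malformed", raw.strip(), ""))
    return sorted(findings)


if __name__ == "__main__":
    print("stock file findings:", audit_hosts(STOCK_HOSTS))
    for finding in audit_hosts(TAMPERED_HOSTS):
        print(finding)
```

An empty result means the file has no active entries, which is the case for the content posted above.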
 

mr.doom

Member
OK. Also, what type of security software are you running on both PCs?

Avast IS on mine, nothing on the laptop (I know that's bad, but she is blind, and most security suites interfere with screen reading software). By nothing I mean Microsoft Security Essentials :D
 

johnb35

Administrator
Staff member
Can you post the website you are having an issue with or pm me the site. I have Avast too so we could see if avast is blocking it for some reason? Have you tried resetting the router yet?
 

mr.doom

Member
Can you post the website you are having an issue with or pm me the site. I have Avast too so we could see if avast is blocking it for some reason? Have you tried resetting the router yet?

try: www.seb.se (major Swedish bank)
or www.mkbfastighet.se (I rent an apartment from them)

I did reset the router, to no avail, even updated the firmware, still same issue. I also run Colasoft Capsa and it doesn't detect ARP attacks...
 

johnb35

Administrator
Staff member
Had no problem accessing those sites. So let's run some scans, you may have a browser addon causing the issue.

1.

Please download AdwCleaner by Xplode onto your Desktop.



•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool.
•Click on Scan.
•After the scan you will need to click on clean for it to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Junkware Removal Tool to your desktop.

•Shutdown your antivirus to avoid any conflicts.
•Very important that you run the tool in this manner:
Right-mouse click JRT.exe and select Run as administrator
Do NOT just double-click it.
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Post the contents of JRT.txt in your next message.

3.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to
    • Update Malwarebytes' Anti-Malware
    • and Launch Malwarebytes' Anti-Malware
  • then click Finish.
  • If an update is found, it will download and install the latest version. Please keep updating until it says you have the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • A log will be saved automatically which you can access by clicking on the Logs tab within Malwarebytes' Anti-Malware

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying rkill is infected, keep trying to run rkill until it overpowers the infection and temporarily kills it. Once a log appears on the screen, you can try running malwarebytes or downloading other programs.

Please post the log that Malwarebytes displays on your screen.

4.

Download OTL to your Desktop


•Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

then post the logs from the following 4 programs.

1. Adwcleaner
2. Junkware removal tool
3. Malwarebytes
4. OTL
 

mr.doom

Member
OK, I will update this message as I go through your list.

1. Adw Cleaner result is here (did not help yet):

# AdwCleaner v4.111 - Logfile created 03/03/2015 at 23:42:13
# Updated 18/02/2015 by Xplode
# Database : 2015-03-02.3 [Server]
# Operating system : Windows 8.1 Pro (x64)
# Username : Fetishgod - BOBB
# Running from : C:\Users\Fetishgod\Downloads\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v36.0 (x86 en-US)


-\\ Google Chrome v40.0.2214.115


*************************

AdwCleaner[R0].txt - [877 bytes] - [03/03/2015 23:40:55]
AdwCleaner[S0].txt - [807 bytes] - [03/03/2015 23:42:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [865 bytes] ##########



2. JRT

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 8.1 Pro x64
Ran by Fetishgod on 2015-03-03 at 23:49:50,19
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2015-03-03 at 23:51:45,68
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


3. Malwarebytes:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 2015-03-04
Scan Time: 00:00:39
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.03.06
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Fetishgod

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340872
Time Elapsed: 3 min, 6 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
 

mr.doom

Member
Don't use code tags for your logs, just copy and paste them in your reply.

Sorry. And the last is OTL:

and the last
4. OTL:

========== Chrome ==========

CHR - default_search_provider: ()
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Error reading preferences file
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.9_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeghledigokaedmpimgnfplidhdhlchg\2.3_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.9_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.4_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_1\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.7_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.1_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik\2.2015.227.11016_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl\1.1.4_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg\0.9.3.9_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp\6.5.1_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl\12.8.0.10_0\
CHR - Extension: No name found = C:\Users\Fetishgod\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8_0\

O1 HOSTS File: ([2013-08-22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (Avast Software s.r.o.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (Avast Software s.r.o.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788] C:\Windows\Syswow64\cmicnfgp.dll (C-Media Corporation)
O4:64bit: - HKLM..\Run: [Cmaudio8788GX] C:\Windows\syswow64\HsMgr.exe ()
O4:64bit: - HKLM..\Run: [Cmaudio8788GX64] C:\Windows\system\HsMgr64.exe ()
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [SamsungRapidApp] C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe (Samsung Electronics Co., Ltd.)
O4:64bit: - HKLM..\Run: [ShadowPlay] C:\Windows\SysNative\nvspcap64.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o.)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Fetishgod\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SoftwareSASGeneration = 1
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 81.88.9.218
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{374213BC-77D8-42AB-B92B-BB4182469E5F}: DhcpNameServer = 172.20.10.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9439B09-1954-4273-8D73-2E74D45E8FDD}: DhcpNameServer = 81.88.9.218
O18 - Protocol\Handler\ms-help - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2015-03-04 00:14:31 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Fetishgod\Desktop\OTL.exe
[2015-03-04 00:00:10 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-03-04 00:00:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2015-03-04 00:00:01 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2015-03-04 00:00:01 | 000,064,216 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2015-03-04 00:00:01 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2015-03-04 00:00:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2015-03-04 00:00:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2015-03-03 23:40:51 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2015-03-03 22:44:29 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Packet Builder
[2015-03-03 22:33:05 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Packet Player
[2015-03-03 22:33:04 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Ping Tool
[2015-03-03 22:33:03 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft MAC Scanner
[2015-03-03 22:33:02 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Capsa 7 - Enterprise Edition Demo
[2015-03-03 22:32:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Colasoft Shared
[2015-03-03 22:32:25 | 000,034,840 | ---- | C] (Colasoft Co., Ltd.) -- C:\Windows\SysNative\drivers\CSN5PDTS82x64.sys
[2015-03-03 22:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Colasoft Capsa 7 Enterprise Demo
[2015-03-03 22:32:21 | 000,035,976 | ---- | C] (Colasoft Co., Ltd.) -- C:\Windows\SysNative\drivers\Capsax64Drv3.sys
[2015-03-03 22:32:21 | 000,035,976 | ---- | C] (Colasoft Co., Ltd.) -- C:\Windows\SysNative\drivers\Capsax64Drv2.sys
[2015-03-03 22:32:21 | 000,035,976 | ---- | C] (Colasoft Co., Ltd.) -- C:\Windows\SysNative\drivers\Capsax64Drv1.sys
[2015-03-03 22:32:21 | 000,035,976 | ---- | C] (Colasoft Co., Ltd.) -- C:\Windows\SysNative\drivers\Capsax64Drv0.sys
[2015-03-03 22:32:21 | 000,026,352 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysWow64\drivers\CsNdisLWF.sys
[2015-03-03 22:32:21 | 000,026,352 | ---- | C] (Windows (R) Win 7 DDK provider) -- C:\Windows\SysNative\drivers\CsNdisLWF.sys
[2015-03-03 22:32:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Colasoft Capsa 7 Enterprise Demo
[2015-03-03 22:32:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Colasoft Capsa 7 Enterprise Demo Edition
[2015-03-03 22:32:05 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Programs
[2015-03-03 22:25:55 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\appmgmt
[2015-03-03 22:03:04 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2015-03-03 22:02:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
[2015-03-03 22:02:41 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Comodo
[2015-03-03 22:00:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2015-03-03 21:03:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Unity Projects
[2015-03-03 21:00:08 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\xarp-Fetishgod
[2015-03-03 20:55:02 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Unity
[2015-03-03 20:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2015-03-03 20:52:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2015-03-03 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2015-03-03 20:52:13 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2015-03-03 19:44:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unity 5.0.0f4 (64-bit)
[2015-03-03 19:42:12 | 000,000,000 | ---D | C] -- C:\Program Files\Unity
[2015-03-03 19:20:19 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\UnrealEngineLauncher
[2015-03-03 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Mozilla
[2015-03-03 18:29:41 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Mozilla
[2015-03-03 17:52:29 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\AVAST Software
[2015-03-03 17:52:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\vbox
[2015-03-03 17:52:16 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\vbox
[2015-03-03 17:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[2015-03-03 17:52:07 | 001,047,320 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015-03-03 17:52:07 | 000,441,728 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015-03-03 17:52:07 | 000,364,472 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015-03-03 17:52:07 | 000,136,752 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015-03-03 17:52:07 | 000,093,528 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015-03-03 17:52:07 | 000,088,408 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015-03-03 17:52:07 | 000,028,144 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2015-03-03 17:52:05 | 000,043,112 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015-03-03 17:51:59 | 000,449,896 | ---- | C] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2015-03-03 17:49:06 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2015-03-03 17:47:59 | 000,000,000 | ---D | C] -- C:\ProgramData\AVAST Software
[2015-03-03 17:46:53 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Diagnostics
[2015-03-03 17:24:17 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\MRT
[2015-03-03 17:16:30 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\EpicGamesLauncher
[2015-03-03 17:16:24 | 000,000,000 | ---D | C] -- C:\Program Files\Epic Games
[2015-03-03 17:16:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Epic
[2015-03-03 14:48:03 | 000,000,000 | ---D | C] -- C:\Windows\Sun
[2015-03-03 14:47:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2015-03-03 14:47:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2015-03-03 14:47:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2015-03-03 14:47:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2015-03-03 14:47:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2015-03-03 13:53:38 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\Documents\Custom Office Templates
[2015-03-03 13:33:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Toolkit
[2015-03-03 13:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2015-03-03 13:31:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2015-03-03 13:31:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\DESIGNER
[2015-03-03 13:31:20 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET
[2015-03-03 13:31:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft SQL Server
[2015-03-03 13:31:09 | 000,000,000 | ---D | C] -- C:\Windows\PCHEALTH
[2015-03-03 13:31:09 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft SQL Server
[2015-03-03 13:30:48 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Analysis Services
[2015-03-03 13:30:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Analysis Services
[2015-03-03 13:30:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Office
[2015-03-03 13:30:44 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Microsoft Help
[2015-03-03 13:30:43 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office
[2015-03-03 13:30:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft Help
[2015-03-03 13:30:34 | 000,000,000 | RH-D | C] -- C:\MSOCache
[2015-03-03 12:49:37 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Spotify
[2015-03-03 12:48:58 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Spotify
[2015-03-03 11:21:37 | 000,130,248 | ---- | C] (Qualcomm Atheros Co., Ltd.) -- C:\Windows\SysNative\drivers\L1C63x64.sys
[2015-03-02 22:39:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2015-03-02 22:39:18 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Apple Computer
[2015-03-02 22:39:18 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Apple Computer
[2015-03-02 22:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2015-03-02 22:39:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2015-03-02 22:39:09 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2015-03-02 22:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
[2015-03-02 22:39:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2015-03-02 22:39:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2015-03-02 22:39:04 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Apple
[2015-03-02 22:39:00 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2015-03-02 22:39:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour
[2015-03-02 22:38:57 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple
[2015-03-02 22:38:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2015-03-02 22:38:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2015-03-02 11:41:50 | 000,268,976 | ---- | C] (Samsung Electronics Co., Ltd.) -- C:\Windows\SysNative\drivers\SamsungRapidDiskFltr.sys
[2015-03-02 11:41:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\RAPID
[2015-03-02 11:41:50 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\DRVSTORE
[2015-03-02 11:35:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
[2015-03-02 11:35:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Samsung
[2015-03-02 11:35:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Samsung
[2015-03-02 03:02:07 | 000,163,536 | ---- | C] (Qualcomm Atheros, Inc.) -- C:\Windows\SysNative\drivers\e22w8x64.sys
[2015-03-02 01:26:43 | 000,000,000 | -HSD | C] -- C:\System Volume Information
 

mr.doom

Member
[2015-03-02 01:26:09 | 000,000,000 | ---D | C] -- C:\Windows\Panther
[2015-03-01 23:55:15 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\Documents\C4D work
[2015-03-01 21:07:42 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\jawset
[2015-03-01 21:06:50 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\NVIDIA
[2015-03-01 21:06:50 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\MAXON
[2015-03-01 21:06:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAXON
[2015-03-01 21:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2015-03-01 21:03:47 | 000,000,000 | ---D | C] -- C:\Program Files\MAXON
[2015-03-01 20:59:17 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\vlc
[2015-03-01 20:59:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2015-03-01 20:59:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN
[2015-03-01 20:56:59 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\uTorrent
[2015-03-01 18:29:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
[2015-03-01 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hearthstone
[2015-03-01 18:29:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Blizzard Entertainment
[2015-03-01 18:27:53 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Blizzard Entertainment
[2015-03-01 18:27:48 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Battle.net
[2015-03-01 18:27:48 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Battle.net
[2015-03-01 18:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Blizzard Entertainment
[2015-03-01 18:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
[2015-03-01 18:27:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Battle.net
[2015-03-01 18:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Battle.net
[2015-03-01 18:23:11 | 000,000,000 | -H-D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2015-03-01 18:23:10 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\ASUS
[2015-03-01 18:23:09 | 000,419,840 | ---- | C] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2015-03-01 18:23:09 | 000,413,696 | ---- | C] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2015-03-01 18:23:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenAL
[2015-03-01 18:23:04 | 000,212,992 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\HsSrv2.dll
[2015-03-01 18:23:04 | 000,212,992 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\HsSrv.dll
[2015-03-01 18:23:04 | 000,122,880 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv642.dll
[2015-03-01 18:23:04 | 000,122,880 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\System\HsSrv64.dll
[2015-03-01 18:23:04 | 000,122,880 | ---- | C] (CMedia Electronics Inc.) -- C:\Windows\SysWow64\Cm_Oal.dll
[2015-03-01 18:23:04 | 000,122,880 | ---- | C] (CMedia Electronics Inc.) -- C:\Windows\SysNative\Cm_Oal.dll
[2015-03-01 18:23:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Xonar Essence STX Audio
[2015-03-01 18:23:03 | 012,943,360 | ---- | C] (C-Media Corporation) -- C:\Windows\SysWow64\CmiCnfgp.dll
[2015-03-01 18:23:03 | 000,465,408 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysNative\cmasiopx.dll
[2015-03-01 18:23:03 | 000,303,104 | ---- | C] (C-Media Electronics Inc.) -- C:\Windows\SysWow64\cmasiop.dll
[2015-03-01 18:23:03 | 000,200,704 | ---- | C] (C-Media) -- C:\Windows\SysWow64\Cmpaoxy.dll
[2015-03-01 18:23:00 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS Xonar Essence STX Audio
[2015-03-01 18:16:33 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
[2015-03-01 17:30:56 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Steam
[2015-03-01 17:28:38 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\WinRAR
[2015-03-01 17:28:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\World of Warcraft
[2015-03-01 17:25:18 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015-03-01 17:25:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
[2015-03-01 17:25:17 | 000,000,000 | ---D | C] -- C:\Program Files\WinRAR
[2015-03-01 17:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
[2015-03-01 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Steam
[2015-03-01 17:25:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Steam
[2015-03-01 16:55:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Adobe
[2015-03-01 16:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe AIR
[2015-03-01 16:55:01 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Adobe
[2015-03-01 16:55:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe
[2015-03-01 16:54:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2015-03-01 16:54:35 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2015-03-01 16:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2015-03-01 16:54:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2015-03-01 16:54:22 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Google
[2015-03-01 16:54:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2015-03-01 16:47:56 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\NVIDIA Corporation
[2015-03-01 16:47:56 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\NVIDIA
[2015-03-01 16:47:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AGEIA Technologies
[2015-03-01 16:47:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
[2015-03-01 16:47:20 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2015-03-01 16:47:13 | 000,074,056 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015-03-01 16:47:13 | 000,060,560 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015-03-01 16:47:12 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2015-03-01 16:47:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2015-03-01 16:46:45 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2015-03-01 16:46:29 | 000,000,000 | ---D | C] -- C:\NVIDIA
[2015-03-01 16:44:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\logishrd
[2015-03-01 16:44:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\logishrd
[2015-03-01 16:43:55 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Macromedia
[2015-03-01 16:43:50 | 000,000,000 | ---D | C] -- C:\ProgramData\LogiShrd
[2015-03-01 16:43:49 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Logitech
[2015-03-01 16:42:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
[2015-03-01 16:42:33 | 000,000,000 | ---D | C] -- C:\Program Files\Logitech Gaming Software
[2015-03-01 16:42:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2015-03-01 16:42:08 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Logitech
[2015-03-01 16:42:08 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Logishrd
[2015-03-01 16:31:47 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2015-03-01 16:31:47 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Searches
[2015-03-01 16:31:47 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Contacts
[2015-03-01 16:31:47 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2015-03-01 16:31:47 | 000,000,000 | -H-D | C] -- C:\Users\Fetishgod\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2015-03-01 16:31:47 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\VirtualStore
[2015-03-01 16:31:47 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Adobe
[2015-03-01 16:31:44 | 000,000,000 | --SD | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Videos
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Saved Games
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Pictures
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Music
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Links
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Favorites
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Downloads
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Documents
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\Desktop
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2015-03-01 16:31:44 | 000,000,000 | R--D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\AppData\Local\Temporary Internet Files
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Templates
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Start Menu
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\SendTo
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Recent
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\PrintHood
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\NetHood
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Documents\My Videos
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Documents\My Pictures
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Documents\My Music
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\My Documents
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Local Settings
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\AppData\Local\History
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Cookies
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\Application Data
[2015-03-01 16:31:44 | 000,000,000 | -HSD | C] -- C:\Users\Fetishgod\AppData\Local\Application Data
[2015-03-01 16:31:44 | 000,000,000 | -H-D | C] -- C:\Users\Fetishgod\AppData
[2015-03-01 16:31:44 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Temp
[2015-03-01 16:31:44 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Packages
[2015-03-01 16:31:44 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Local\Microsoft
[2015-03-01 16:31:44 | 000,000,000 | ---D | C] -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2015-03-01 16:31:21 | 000,000,000 | ---D | C] -- C:\Windows\CSC
[2015-03-01 16:29:40 | 000,000,000 | ---D | C] -- C:\Program Files\KMSpico
[2015-03-01 16:29:39 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2015-03-01 16:27:26 | 000,000,000 | ---D | C] -- C:\Windows\Prefetch

========== Files - Modified Within 30 Days ==========

[2015-03-04 00:14:14 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Fetishgod\Desktop\OTL.exe
[2015-03-04 00:05:00 | 000,001,012 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-03-04 00:00:21 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2015-03-04 00:00:02 | 000,001,114 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-03-03 23:49:04 | 000,863,592 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-03-03 23:49:04 | 000,722,278 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2015-03-03 23:49:04 | 000,135,394 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2015-03-03 23:45:00 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2015-03-03 23:43:06 | 000,001,008 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-03-03 23:43:02 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2015-03-03 23:42:58 | 816,209,917 | -HS- | M] () -- C:\hiberfil.sys
[2015-03-03 22:32:25 | 000,001,224 | ---- | M] () -- C:\Users\Fetishgod\Desktop\Colasoft Capsa 7 Enterprise Demo.lnk
[2015-03-03 22:08:23 | 000,002,040 | ---- | M] () -- C:\Users\Fetishgod\Desktop\Spotify.lnk
[2015-03-03 22:08:23 | 000,001,070 | ---- | M] () -- C:\Users\Fetishgod\Desktop\µTorrent.lnk
[2015-03-03 19:44:15 | 000,000,899 | ---- | M] () -- C:\Users\Public\Desktop\Unity 5.0.0f4 (64-bit).lnk
[2015-03-03 18:29:35 | 000,001,159 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-03-03 17:52:16 | 000,001,998 | ---- | M] () -- C:\Users\Public\Desktop\Avast SafeZone.lnk
[2015-03-03 17:52:16 | 000,001,938 | ---- | M] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk
[2015-03-03 17:52:06 | 000,441,728 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSP.sys
[2015-03-03 17:52:06 | 000,364,472 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\aswBoot.exe
[2015-03-03 17:52:06 | 000,268,640 | ---- | M] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015-03-03 17:52:06 | 000,136,752 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswStm.sys
[2015-03-03 17:52:06 | 000,093,528 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswRdr2.sys
[2015-03-03 17:52:06 | 000,088,408 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswMonFlt.sys
[2015-03-03 17:52:06 | 000,065,736 | ---- | M] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015-03-03 17:52:06 | 000,029,168 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015-03-03 17:52:05 | 000,043,112 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\avastSS.scr
[2015-03-03 17:52:02 | 001,047,320 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswSnx.sys
[2015-03-03 17:52:02 | 000,028,144 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswKbd.sys
[2015-03-03 17:51:59 | 000,449,896 | ---- | M] (Avast Software s.r.o.) -- C:\Windows\SysNative\drivers\aswNdisFlt.sys
[2015-03-03 17:36:31 | 000,472,704 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2015-03-03 17:16:27 | 000,001,216 | ---- | M] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2015-03-03 14:33:13 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2015-03-03 14:33:12 | 000,245,492 | ---- | M] () -- C:\Windows\SysNative\oem24.inf
[2015-03-02 22:40:12 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2015-03-02 22:39:18 | 000,001,765 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015-03-02 11:35:40 | 000,001,241 | ---- | M] () -- C:\Users\Public\Desktop\Samsung Magician.lnk
[2015-03-02 11:06:46 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015-03-02 04:18:40 | 000,000,023 | ---- | M] () -- C:\Users\Fetishgod\Documents\shut down.bat
[2015-03-01 21:06:05 | 000,001,127 | ---- | M] () -- C:\Users\Fetishgod\Desktop\CINEMA 4D.lnk
[2015-03-01 20:59:12 | 000,001,082 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015-03-01 18:29:11 | 000,001,193 | ---- | M] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015-03-01 18:27:47 | 000,001,156 | ---- | M] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015-03-01 18:23:09 | 000,419,840 | ---- | M] (Creative Labs) -- C:\Windows\SysNative\wrap_oal.dll
[2015-03-01 18:23:09 | 000,413,696 | ---- | M] (Creative Labs) -- C:\Windows\SysWow64\wrap_oal.dll
[2015-03-01 18:23:04 | 000,052,576 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.cfl
[2015-03-01 18:23:03 | 000,001,123 | ---- | M] () -- C:\Windows\Cmicnfgp.ini.imi
[2015-03-01 18:23:03 | 000,001,062 | ---- | M] () -- C:\Windows\System\Cmicnfgp.ini
[2015-03-01 18:23:03 | 000,000,134 | ---- | M] () -- C:\Windows\System\Dlap.pfx
[2015-03-01 18:22:41 | 000,000,222 | ---- | M] () -- C:\Users\Fetishgod\Desktop\Sins of a Solar Empire Rebellion.url
[2015-03-01 18:18:52 | 000,000,220 | ---- | M] () -- C:\Users\Fetishgod\Desktop\Sid Meier's Civilization V.url
[2015-03-01 18:16:33 | 000,000,222 | ---- | M] () -- C:\Users\Fetishgod\Desktop\PAYDAY 2.url
[2015-03-01 17:25:16 | 000,000,975 | ---- | M] () -- C:\Users\Public\Desktop\Steam.lnk
[2015-03-01 16:59:00 | 000,002,203 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015-03-01 16:44:43 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2015-03-01 16:38:02 | 000,001,436 | ---- | M] () -- C:\Users\Fetishgod\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015-03-01 16:33:41 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015-03-01 16:27:37 | 000,041,464 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2015-03-01 16:27:37 | 000,041,464 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2015-03-01 16:27:27 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015-02-05 22:01:44 | 000,833,680 | ---- | M] () -- C:\Windows\SysNative\nvmcumd.dll
[2015-02-05 22:01:44 | 000,074,056 | ---- | M] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2015-02-05 22:01:44 | 000,060,560 | ---- | M] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2015-02-05 22:01:44 | 000,027,441 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2015-02-05 13:50:11 | 004,236,870 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin

========== Files Created - No Company Name ==========

[2015-03-04 00:00:02 | 000,001,114 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2015-03-03 22:32:25 | 000,001,224 | ---- | C] () -- C:\Users\Fetishgod\Desktop\Colasoft Capsa 7 Enterprise Demo.lnk
[2015-03-03 19:44:15 | 000,000,899 | ---- | C] () -- C:\Users\Public\Desktop\Unity 5.0.0f4 (64-bit).lnk
[2015-03-03 18:29:35 | 000,001,171 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2015-03-03 18:29:35 | 000,001,159 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2015-03-03 17:52:16 | 000,001,998 | ---- | C] () -- C:\Users\Public\Desktop\Avast SafeZone.lnk
[2015-03-03 17:52:16 | 000,001,938 | ---- | C] () -- C:\Users\Public\Desktop\Avast Internet Security.lnk
[2015-03-03 17:52:07 | 000,268,640 | ---- | C] () -- C:\Windows\SysNative\drivers\aswVmm.sys
[2015-03-03 17:52:07 | 000,065,736 | ---- | C] () -- C:\Windows\SysNative\drivers\aswRvrt.sys
[2015-03-03 17:52:07 | 000,029,168 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2015-03-03 17:16:27 | 000,001,228 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk
[2015-03-03 17:16:27 | 000,001,216 | ---- | C] () -- C:\Users\Public\Desktop\Epic Games Launcher.lnk
[2015-03-03 14:33:13 | 000,245,492 | ---- | C] () -- C:\Windows\SysNative\oem24.inf
[2015-03-03 14:33:13 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_bcmwlhigh664_01009.Wdf
[2015-03-03 12:49:37 | 000,002,040 | ---- | C] () -- C:\Users\Fetishgod\Desktop\Spotify.lnk
[2015-03-03 12:49:37 | 000,001,819 | ---- | C] () -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
[2015-03-03 12:04:40 | 000,138,240 | ---- | C] () -- C:\Windows\SysNative\OEMLicense.dll
[2015-03-03 12:04:40 | 000,103,936 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2015-03-03 11:50:40 | 000,386,722 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2015-03-03 11:50:29 | 000,009,701 | ---- | C] () -- C:\Windows\SysWow64\connectedsearch-results.searchconnector-ms
[2015-03-03 11:50:29 | 000,009,701 | ---- | C] () -- C:\Windows\SysNative\connectedsearch-results.searchconnector-ms
[2015-03-02 22:40:12 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_netaapl64_01009.Wdf
[2015-03-02 22:39:18 | 000,001,765 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2015-03-02 22:39:04 | 000,002,535 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2015-03-02 11:35:40 | 000,001,241 | ---- | C] () -- C:\Users\Public\Desktop\Samsung Magician.lnk
[2015-03-02 11:06:46 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
[2015-03-02 04:18:40 | 000,000,023 | ---- | C] () -- C:\Users\Fetishgod\Documents\shut down.bat
[2015-03-01 21:06:05 | 000,001,127 | ---- | C] () -- C:\Users\Fetishgod\Desktop\CINEMA 4D.lnk
[2015-03-01 20:59:12 | 000,001,082 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2015-03-01 20:57:37 | 000,001,070 | ---- | C] () -- C:\Users\Fetishgod\Desktop\µTorrent.lnk
[2015-03-01 18:29:11 | 000,001,193 | ---- | C] () -- C:\Users\Public\Desktop\Hearthstone.lnk
[2015-03-01 18:27:47 | 000,001,156 | ---- | C] () -- C:\Users\Public\Desktop\Battle.net.lnk
[2015-03-01 18:23:04 | 000,282,112 | ---- | C] () -- C:\Windows\System\HsMgr64.exe
[2015-03-01 18:23:04 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2015-03-01 18:23:04 | 000,000,061 | ---- | C] () -- C:\Windows\SysNative\cmasiopx.ini
[2015-03-01 18:23:03 | 004,533,760 | ---- | C] () -- C:\Windows\SysNative\CmiCnfgp.cpl
[2015-03-01 18:23:03 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2015-03-01 18:23:03 | 000,000,057 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2015-03-01 18:23:00 | 000,831,488 | ---- | C] () -- C:\Windows\SysNative\Cmeauoxy.exe
[2015-03-01 18:23:00 | 000,052,576 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2015-03-01 18:23:00 | 000,000,134 | ---- | C] () -- C:\Windows\System\Dlap.pfx
[2015-03-01 18:22:59 | 000,359,424 | ---- | C] () -- C:\Windows\SysNative\CmiInstallResAll64.dll
[2015-03-01 18:22:59 | 000,004,879 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2015-03-01 18:22:59 | 000,001,123 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2015-03-01 18:22:59 | 000,001,062 | ---- | C] () -- C:\Windows\System\Cmicnfgp.ini
[2015-03-01 18:22:58 | 000,000,491 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2015-03-01 18:22:41 | 000,000,222 | ---- | C] () -- C:\Users\Fetishgod\Desktop\Sins of a Solar Empire Rebellion.url
[2015-03-01 18:18:52 | 000,000,220 | ---- | C] () -- C:\Users\Fetishgod\Desktop\Sid Meier's Civilization V.url
[2015-03-01 18:16:33 | 000,000,222 | ---- | C] () -- C:\Users\Fetishgod\Desktop\PAYDAY 2.url
[2015-03-01 17:25:16 | 000,000,975 | ---- | C] () -- C:\Users\Public\Desktop\Steam.lnk
[2015-03-01 16:54:31 | 000,002,203 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2015-03-01 16:54:23 | 000,001,012 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2015-03-01 16:54:23 | 000,001,008 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2015-03-01 16:47:19 | 004,236,870 | ---- | C] () -- C:\Windows\SysNative\nvcoproc.bin
[2015-03-01 16:46:57 | 000,833,680 | ---- | C] () -- C:\Windows\SysNative\nvmcumd.dll
[2015-03-01 16:46:57 | 000,027,441 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2015-03-01 16:44:43 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
[2015-03-01 16:38:02 | 000,001,436 | ---- | C] () -- C:\Users\Fetishgod\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2015-03-01 16:34:58 | 000,863,592 | ---- | C] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2015-03-01 16:33:41 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_LocationProvider_01_11_00.Wdf
[2015-03-01 16:31:47 | 000,001,442 | ---- | C] () -- C:\Users\Fetishgod\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2015-03-01 16:31:44 | 000,000,352 | ---- | C] () -- C:\Users\Fetishgod\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2015-03-01 16:31:44 | 000,000,334 | ---- | C] () -- C:\Users\Fetishgod\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2015-03-01 16:28:33 | 816,209,917 | -HS- | C] () -- C:\hiberfil.sys
[2015-03-01 16:27:27 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2015-03-01 16:27:17 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2013-08-22 16:36:43 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2013-08-22 16:36:42 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2013-08-22 15:46:23 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2013-08-22 08:01:23 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2013-08-22 04:32:36 | 000,046,080 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2013-08-22 00:55:20 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2013-08-22 00:52:39 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014-04-19 12:15:54 | 021,186,352 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014-04-19 07:49:39 | 018,644,072 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013-08-22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013-08-22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013-08-22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2015-03-01 18:23:10 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\ASUS
[2015-03-03 17:52:29 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\AVAST Software
[2015-03-01 18:27:48 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Battle.net
[2015-03-03 22:33:02 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Capsa 7 - Enterprise Edition Demo
[2015-03-03 22:33:03 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft MAC Scanner
[2015-03-03 22:44:29 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Packet Builder
[2015-03-03 22:33:05 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Packet Player
[2015-03-03 22:33:04 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Colasoft Ping Tool
[2015-03-01 21:07:42 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\jawset
[2015-03-01 21:06:50 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\MAXON
[2015-03-03 14:14:50 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\Spotify
[2015-03-03 19:25:09 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\uTorrent
[2015-03-03 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\Fetishgod\AppData\Roaming\xarp-Fetishgod

========== Purity Check ==========



< End of report >
 

mr.doom

Member
Hmm, curious thing, after all those cleans and scans, at least the Unreal Engine launcher started to work :D At least work-ish, as it did download its files, but it has a problem logging in to an account.
 